
NixOS from personal to business

May 27, 2024

If you're not familiar with NixOS the basic pitch is:

Declarative builds and deployments.
If a package works on one machine, it will also work on another.
It is trivial to share development and build environments.
Installing or upgrading one package cannot break other packages.

I've been running NixOS on my personal machines and in local and cloud servers for almost a year now. I initially started playing around with it locally and eventually moved it to production use. It definitely has a somewhat steep learning curve, but in my case it was enough to start with an example and build it up from there.

The official docs and package search are functional enough but leave a bit to be desired in detail. But those are getting better. In my case these resources were indispensable:

GitHub - Misterio77/nix-starter-configs: Simple and documented config templates to help you get started with NixOS + home-manager + flakes. All the boilerplate you need!

A starter config, with reference to a real personal config


Vimjoyer's YouTube channel; he links to example repositories

First steps — documentation

Nix language introduction

Learning NixOS for personal use

It's nice for personal use because tinkering with a Linux setup, packages, desktop environment, and OS config is really low risk. It's easy to roll back to a previous version, and the whole system and user config (through home-manager) can be kept in a single git repository.

I've been using NixOS personally on old laptops, handheld computers and Raspberry Pis. The first configuration was the hardest. It took some time, but with the resources above and digging through the NixOS forums I was able to get the first draft running on an old MacBook Air.

If anyone is serious about learning NixOS for personal use, I really recommend installing it on an old computer that's sitting around or booting it up in a virtual machine.

Applying NixOS to production business use

Using NixOS in production so far has been a great experience for us overall. First off, a bit about my team to explain how we use it. We are a small team of developers that for the most part work on a contract and retainer basis and offer some software products. We build apps, services, integrations, and AI products for our clients. We specialize in rescue projects, meaning clients come to us after issues with previous tech or developers. We also manage hosting and cloud resources for our clients, including NixOS servers. If any of the above is interesting, feel free to reach out 🙂

So we have multiple use cases for NixOS. We use it to self-host internal services, we use it to host our other product services, we use it to manage our clients' services on their cloud providers, we use it in Proxmox VMs, and we use it for development at the repository level through Devbox. I cover the basics below, but I might cover the actual implementation of each use case in more detail in a future post.

In our case it was very easy to take my personal NixOS config and adapt it to a production server. Obviously there are differences between OS setup for a local device and a VM server, but those differences aren't too much of a concern. For example, one cloud provider that we use is Hetzner. They don't provide a NixOS image by default, but that's easy to overcome with NixOS-Infect. NixOS-Infect installs the operating system onto a VM in Hetzner and generates a configuration file. That configuration file is already valid and can be saved in a repository. Any settings and configuration from a personal config can be copied over, stored in the same repository, or shared by creating a Nix module.

Hosting our services

This post you're reading is actually using the open source Ghost Blog on a NixOS server on Hetzner! Similarly, we host other open source services that we use internally. Some services use Docker images through NixOS oci-containers. Others are just NixOS packages configured to run as systemd services. Some of our product services are also running on NixOS. One of the big benefits of using NixOS in production for us is that all of the configuration is very explicit and can be seen in the configuration repository. That means we won't forget a configuration change made to the server, because it will have to go through the repository first. It also makes moving projects between cloud providers easier.
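What "explicit in the configuration repository" can look like for the two hosting styles described above, as an added example that is not the author's actual configuration: one container run through oci-containers and one Nix package run as a systemd service, behind an nginx reverse proxy. The image, host names, secret file path and service names are hypothetical.

```nix
# Added example; every name, domain, image and path below is hypothetical.
{ pkgs, ... }:
{
  # Key-only SSH. services.openssh.openFirewall (default true) opens port 22.
  services.openssh = {
    enable = true;
    settings.PasswordAuthentication = false;
    settings.PermitRootLogin = "prohibit-password";
  };

  # Besides SSH, only the reverse proxy is reachable from outside.
  networking.firewall.allowedTCPPorts = [ 80 443 ];

  # Style 1: a service shipped as a container image through oci-containers.
  virtualisation.oci-containers = {
    backend = "podman";
    containers.internal-app = {
      image = "registry.example.com/internal-app:1.4.2"; # pinned tag, not "latest"
      ports = [ "127.0.0.1:8080:8080" ]; # loopback only; nginx fronts it
      # Secrets stay out of the repository and the world-readable Nix store.
      environmentFiles = [ "/run/secrets/internal-app.env" ];
    };
  };

  # Style 2: a Nix package run directly as a sandboxed systemd service.
  # python3's http.server is only a stand-in for a real workload.
  systemd.services.report-worker = {
    description = "Hypothetical service run from a nixpkgs package";
    wantedBy = [ "multi-user.target" ];
    serviceConfig = {
      ExecStart = "${pkgs.python3}/bin/python3 -m http.server 9000 --bind 127.0.0.1 --directory /var/lib/report-worker";
      DynamicUser = true;               # throwaway unprivileged user
      StateDirectory = "report-worker"; # creates /var/lib/report-worker
      ProtectSystem = "strict";
      NoNewPrivileges = true;
      Restart = "on-failure";
    };
  };

  # TLS-terminating reverse proxy in front of the container.
  security.acme = { acceptTerms = true; defaults.email = "ops@example.com"; };
  services.nginx = {
    enable = true;
    virtualHosts."app.example.com" = {
      enableACME = true;
      forceSSL = true;
      locations."/".proxyPass = "http://127.0.0.1:8080";
    };
  };
}
```

Because the firewall rules, bind addresses and sandboxing options live in the same file as the service definitions, a reviewer can see any change to the server's exposed surface in the repository diff.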

Proxmox NixOS VMs

GitHub Codespaces seems like a great product to provide powerful machines to thin clients. We use NixOS VMs on Proxmox as a self-hosted alternative. Each VM can be configured for each user, and the same configuration can be applied and deployed to all VMs at once. We can even add code server to each VM so that they can be accessed from a browser!

This was actually our first usage of NixOS in our business. It was not all that different from running on an actual device. The differences were actually in the specifics of using Proxmox.

Devbox for each repository

We also use Devbox for each project that we are working on to create dev environments. Devbox actually uses Nix under the hood. Devbox removes the need to manage versions of packages manually. For example, we have used n and volta in the past to manage versions of Node; that's not needed any more. We can manage versions of Node.js, yarn, and any other external dependency all through Devbox. All developers have access to the exact same dev environment, which removes most instances of "it works on my machine". Similarly, this Devbox configuration can be used in production as well, with a Docker build or as a systemd service.

Devbox is a great introduction to getting the benefits of NixOS, without having to go through the steep learning curve.

Overall, using NixOS has been a great experience. It has made our production services more explicit and our local builds reproducible. I'd recommend it to businesses or developers interested in declarative and reproducible builds. If you're interested and have any questions, feel free to reach out and I'll point you in the right direction.