:PROPERTIES: :ID: 892676b3-76cb-4cd4-9689-910c1fe6587a :END: #+title: The basics of Nix package manager #+date: "2021-06-05 12:34:49 +08:00" #+date_modified: "2021-06-05 13:32:22 +08:00" #+language: en [[id:3b3fdcbf-eb40-4c89-81f3-9d937a0be53c][Nix package manager]] is a great tool for reproducibility as you can easily set up your environment. Taking it up to the next level with NixOS, your whole installation. * Ecosystem - Nix has tools to make setting up environments easier with direnv, lorri, and [[id:c05e1aa9-0619-4617-abb6-870fceca3430][Niv]] You can create a [[https://nix.dev/tutorials/ad-hoc-developer-environments#reproducible-executables][reproducible executable]] that only requires Nix. #+begin_src bash #!/usr/bin/env nix-shell #! nix-shell --pure -i bash -p curl jq fzf findutils # A quick command line interface for creating a gitignore with the API from https://gitignore.io. # This script comes with a simple caching to avoid creating too much requests. set -eo pipefail CACHE_FILE="${XDG_CACHE_DIR:-$HOME/.cache}/gitignore-io.langs.json" # Check if the language list is downloaded for the last hour (3600 seconds). if [ ! -e $CACHE_FILE ] || test $(expr $(date "+%s") - $(date -r $CACHE_FILE "+%s")) -gt 3600 then ping "gitignore.io" --count 4 && curl --silent --location --output $CACHE_FILE "https://gitignore.io/api/list?format=json" fi KEYS=$(jq 'keys | .[] | @text' --raw-output $CACHE_FILE | fzf --multi | while read lang; do echo " .[\"$lang\"].contents"; done | paste -s -d ',') jq "$KEYS" --raw-output $CACHE_FILE #+end_src * Components of the package manager Holistically, Nix is made up of at least four components: the store, the language, the derivations, and the sandbox. - The store is a immutable centralized location where all of the outputs are placed. - The derivations are essentially build instructions. - The language (also called as Nix but we'll refer to it as Nixlang) is a domain-specific language for creating derivations. - The build process can be locked in a sandbox, improving the reproducibility of a setup and lowering the attack surface for a malicious package.