NixOS

NixOS is a free and open-source Linux distribution based on the Nix package manager. NixOS uses an immutable design and an atomic update model. Its use of a declarative configuration system allows reproducibility and portability.

NixOS is configured using composable modules, and relies on packages defined in th
Nixpkgs
project. Package recipes and configurations are written in the purpose-built "Nix language" that ships with the Nix package manager.

History

Nix began in 2003 as a research project led by Eelco Dolstra, who sought to develop a system for reliable software deployment. This work culminated in Dolstra's Ph.D. thesis, The Purely Functional Software Deployment Model, which proposed a novel approach to declarative, functional software configuration. His research, supervised by Eelco Visser at Utrecht University, laid the theoretical groundwork for Nix.

In 2006, NixOS was introduced as part of Armijn Hemel's Master's thesis, which explored applying Nix principles to a Linux distribution. This led to the creation of a unique, declarative configuration model that distinguished NixOS from other operating systems.

The NixOS Foundation was established in 2015 in the Netherlands to support projects that implement the purely functional deployment model, ensuring the ongoing development and sustainability of NixOS and its ecosystem.

Wiki

NixOS currently has both an official wiki located a
wiki.nixos.org
and an unofficial user's wiki a
nixos.wiki

History

The first NixOS community wiki was launched around 2010–2011 to centralize documentation and support collaborative knowledge-sharing. However, as community interest in maintaining the wiki waned, outdated and incorrect information accumulated, reducing its usefulness.

In November 2015, Rok Garbas highlighted the decaying state of the wiki in his talk Make Nix Friendlier for Beginners, sparking widespread discussion in the community. While many developers argued that the Nix* manuals were a better repository for official documentation, no immediate solution was implemented.

By mid-2016, spam bots had overwhelmed the wiki due to insufficient protection, leading to its official lockdown in August of that year. In February 2017, a GitHub issue was opened to discuss unlocking the wiki, but the debate resulted in no resolution. Finally, in May 2017, the wiki was permanently disabled, with an archive of its content made available on the Internet Archive.

To fill the void, Jörg Thalheim (Mic92) launched the nixos-users GitHub wiki in April 2017. Although this platform allowed quick edits and community contributions, it lacked features such as search functionality and a table of contents. Shortly thereafter, Tristan Helmich (fadenb) created a new MediaWiki-based wiki on his own initiative, citing the poor user experience of the GitHub wiki. Felix Richter (makefu) later migrated content from the GitHub wiki to Helmich’s wiki.

In January 2024, a new initiative to establish an official wiki was launched. This resulted in the official wiki currently in use, which was launched on 1 April 2024.

Release version history

NixOS publishes stable releases twice a year, around the end of May and the end of November.

Features

Declarative configuration model

In NixOS, the entire operating system—including the kernel, applications, system packages, and configuration files—is built by the Nix package manager from a description in th
Nix language
Building a new version will not overwrite previous versions.

A NixOS system is configured by writing a specification of the functionality that the user wants on their machine in a global configuration file (typically located in /etc/nixos). The following is a minimal specification of a machine running an SSH daemon:

After changing the specification file, the system can be updated using the nixos-rebuild command. This does everything necessary to create the new version of the system, including downloading and installing packages, and generating configuration files.

Reliable and atomic upgrades

Since Nix files are pure and declarative, evaluating them will always produce the same result, regardless of what packages or configuration files are on the system.

NixOS has a transactional approach to configuration management, making configuration changes such as upgrades atomic. For example, if an upgrade to a new configuration is interrupted by power failure, the system will still be in a consistent state: it will either boot in the old or the new configuration.

Rollbacks

If, after a system update, the new configuration is undesirable, it can be rolled back using a special command (nixos-rebuild switch --rollback). Every system configuration version automatically shows up in the system boot menu. If the new configuration crashes or does not boot properly, an older version can be selected. Rollbacks are lightweight operations that do not involve files being restored from copies.

Reproducible system configurations

NixOS's declarative configuration model makes it easy to reproduce a system configuration on another machine. Copying the configuration file to the target machine and running the system update command generates the same system configuration (kernel, applications, system services, and so on) except for parts of the system not managed by the package manager, such as user data.

Source-based model with binary cache

The Nix build language used by NixOS specifies how to build packages from source. This makes it easy to adapt the system to user needs. However, building from source being a slow process, the package manager automatically downloads pre-built binaries from a cache server when they are available. It is possible to disable the binary cache and force building from source by using --option substitute false as an argument. Changing any of the build options from the defaults will also cause packages to be built from source. This gives the flexibility of a source-based package management model, with the efficiency of a binary model.

Consistency

The Nix package manager ensures that the running system is consistent with the logical specification of the system, meaning that it will rebuild all packages that need to be rebuilt. For instance, if the kernel is changed, then the package manager will ensure that external kernel modules will be rebuilt. Similarly, when a library is updated, it ensures that all the system packages use the new version, even packages statically linked to it.

Multi-user package management

There is no need for special privileges to install software in NixOS. In addition to the system-wide profile, every user has a dedicated profile in which they can install packages. Nix also allows multiple versions of a package to coexist, so different users can have different versions of the same package installed in their respective profiles. If two users install the same version of a package, only one copy will be built or downloaded. Nix's security model ensures that this is secure, because only the users explicitly trusted by the system configuration are allowed to use build parameters that would allow them to control the content of a derivation's output (such as adding impurities to the sandbox, or using an untrusted substituter). Without those parameters, paths can only be substituted from a substituter trusted by the system, or a local sandboxed build which is implicitly trusted.

Flakes

The flakes feature of Nix aims to improve the reproducibility, composability, and usability of Nix-based configurations. It provides a standardized way to define, manage, and share Nix expressions, making it easier to create and maintain reproducible systems.

Nix-shell

The nix-shell command starts an interactive shell based on a Nix expression. It allows developers to work with isolated sets of dependencies without affecting the system globally.

Implementation

NixOS is based on the Nix package manager, which stores all packages in isolation from each other in the package store.

Installed packages are identified by a cryptographic hash of all input used for their build. Changing the build instructions of a package modifies its hash, and that will result in a different package being installed in the package store. This system is also used to manage configuration files, ensuring that newer configurations do not overwrite older ones.

An implication of this is that NixOS does not follow the Filesystem Hierarchy Standard. The only exceptions are that a /bin/sh symlink is created to the version of bash in the Nix store (e.g. /nix/store/s/5rnfzla9kcx4mj5zdc7nlnv8na1najvg-bash-4.3.43/), and while NixOS does have an /etc directory to keep system-wide configuration files, most files in that directory are symlinks to generated files in /nix/store, such as /nix/store/s2sjbl85xnrc18rl4fhn56irkxqxyk4p-sshd_config. Not using global directories such as /bin is part of what allows multiple versions of a package to coexist.

Reception

Jesse Smith, reviewing NixOS 15.09 for DistroWatch Weekly in 2015,DistroWatch Weekly, Issue 637, 23 November 2015
/ref> wrote:

A 2022 review of NixOS 21.11 "Porcupine" in Full Circle magazine concluded:

NixOS 22.11 "Raccoon" reviewed by Liam Proven at The Register:

NixOS 23.11 "Tapir" reviewed by Jesse Smith at DistroWatch:

Notes

See also

* GNU Guix System – an operating system built on GNU Guix that is inspired by Nix

References

External links

*

Official Wiki

{{Linux

Independent Linux distributions
Linux distributions
Linux distributions offering KDE desktop environment
Operating system security
Source-based Linux distributions
X86-64 Linux distributions
2003 software