How to ensure that NixOS configuration will build or use the same package versions in the future?

In Software packaging and distribution for LHCb using Nix, the authors write:

In order to facilitate this use, software must be stable for long
periods; much longer than even Long Term Support operating systems are
available. Additionally, the software should reproduce any and all
bugs which were present in the original version to ensure the accuracy
of the final results. Builds should be reproducible to allow for
patches to be carefully introduced.

But NixOS configuration files do not include versions of packages (unlike, say, Rust manifests), e.g.

environment.systemPackages = with pkgs; [

    # Basic utils

If I understand correctly, packages can be updated within a channel, and they can change when the channel is changed.

Then, how to ensure that in 10 years I will be able to get or build the same Nix environment with the same versions packages installed?

You need to pin the revision of nixpkgs used for the build. As you note, with channels that status is kept separately and you have to record it somehow. With flakes it’s part of the lock file (the same as Rust’s cargo lock).


Probably also need some source mirroring solution if the goal is to keep it around and maintainable for 10 years.