Interesting discussion so far…
I’m actually using both in combination, which might be considered an anti-pattern of sorts, especially if you consider that you can use nix-ops …
I have two VPS running nixos, where e.g.nginx with virtual hosts is managed declaratively, but their contents (gatsby-generated static sites) are pushed from a local gitlab CI using ansible to their respective webroots on the VPS.
Actually (even “worse” of an anti-pattern) I also push updated /etc/nixos/...nix from my local private git clone to the VPS with ansible (and do a nixos-rebuild switch after that). Obviously the latter pattern would be better replaced by something more nix-ops like.
I guess this is just to say that if you know ansible/“classic” devops but want to move to nix it is possible to mix them at first and hold-off on nix-ops if it’s “too much to handle” at first.
Indeed I’d be interested what is the recommended (nix) way to handle the former scenario, especially considering resource-constrained webservers and a process featuring static site generation in a local CI/CD instance (i.e. no dev-tools on webserver) and deployment of the webroot to a remote VPS (running nixos). This should be extensible also to e.g. web-service containers such as e.g. nodebb under podman/docker, where I suppose things like postgres would just run natively on the VPS?