NixOS vs. Fedora Silverblue

What are the benefits and drawbacks of each? Could NixOS one day adopt OSTree? I’m planning on building a distro based on NixOS and was wondering what exactly the differences are between the two systems. It looks like Fedora Silverblue doesn’t do actual system configuration the way NixOS does, but I might be mistaken. What are the benefits of drawbacks of OSTree vs. Nix’s way?

While I’m here, I might as well plug the place I learned of Fedora Silverblue. It’s a discord server with a bunch of tech minded people, designed to answer questions quickly and effectively. Check it out here if you are interested. It’d be nice to have a a community of Nixers on there

Reading about it for a few minutes, It sounds like OSTree is some way to snapshot and update a consistent traditional file system hierarchy. Does it let you have multiple copies of a C library available at the same time? This is one of the advantages of NixOS: all the available applications don’t have to have a shared and consistent set of libraries they link against.

1 Like

This is something I’m confused about in NixOS. I see everywhere that multiple versions of the same program can be installed, but how? Nixpkgs doesn’t specify a version for dependencies anywhere, other than a few cases where certain libraries have multiple different derivations for different versions. Or is that what is meant?

On a typical Linux distribution, applications look for dynamically-linked C libraries (.so files) in a few shared directories, so all the applications need to be compatible with the library version installed in those directories.

With Nix the dependencies are specified as paths in the nix store, so it is possible to have any number of versions of a library installed and the applications will be built in a way that they know the appropriate one to use.

Nixpkgs is a set of particular versions of packages, that work together. But you can install packages from different versions of nixpkgs! For example, I often use

λ nix-env -f https://github.com/NixOS/nixpkgs/archive/master.tar.gz -iA jetbrains.idea-community

to install the bleeding-edge version of IntelliJ alongside my otherwise stable packages. Because of how NixOs works, such mixing of stable and dev packages won’t cause any problems in general.

2 Likes

The “multiple version” situation seems often confusing to outsiders. While nix and the package expressions technically allow you to have any number of versions and configurations at once, in practice you typically want to minimize this space as much as possible (simplicity, coverage with tests, etc.), so there’s actually policy not to keep multiple versions (in one nixpkgs commit) without a good reason. Still, it’s useful for rollbacks (whole system with config, per-program), or developing/testing stuff against newer libraries without switching the system to them, or other “special situations”.

I’m biased, of course, but nix seems more flexible than any related approaches I’ve seen, largely thanks to not being afraid of forsaking shared directories like /usr/lib/. (Even so in nixpkgs we have steam-run that can simulate such an environment via mount namespaces.) Still, breaking such common assumptions does come with some disadvantages.

7 Likes

OSTree is a system based on snapshots, similar to Docker images but installed on the system level. This is a good way for traditional Linux distributions to provide better guarantees in terms of installation reproducibility while keeping backward-compatibility. It makes sure that two installations of the same snapshots have the same on-disk content. It’s not clear to me how the snapshots are produced and how configuration is managed.

What you will find is that if you need customization, Nix is typically more powerful. Instead of using snapshots it actually takes the Nix build instructions as an input. It is then able to query the binary cache to see if a pre-built version is available. If not, because you changed the inputs, it will simply rebuild (and then you can cache that result). This allows to more easily target custom hardware and do deep system changes. Thanks to that system you never end up in a situation where you have to remember to invalidate builds, all is handled automatically.

If you are going to target standard hardware or don’t need customization, Fedora is probably better tested as it’s used by more people and there is a big company behind it that has a lot of man-hours available to throw at the problem. Nix is a better foundation and allows us to do more things with less resources but it’s also less documented and has less Google juice. We do have a friendly community willing to help out on this forum and on FreeNode in #nixos :slight_smile:

7 Likes

From what I understand by using it, OSTree acts like a git repo in a way, and every transaction a new branch is created alongside the running one, the changes are done on that new image, and then the the new image is moved to the top of the boot priority and the last image is kept until the next transaction unless pinned to the tree.