Why I prefer Fedora Atomic (plus BlueBuild) to NixOS
- All changes are automatically tracked and versioned when using Fedora Atomic via layers or BlueBuild modules. With Nix, all your state is in one place, yes, but it can still easily become a gigantic mess of state that's difficult to untangle, since it's an actual codebase that you have to maintain over time. You can of course layer a version control system (probably git) on top, but then you have to remember to uphold one-change-per-commit and so on.
- Changing and rebuilding your image (as opposed to just layers) takes place on a server, air-gapped from your PC. This means:
  - It's much more difficult for malicious software to affect your system.
  - It's easier to insulate your system from possibly broken changes since there's a CI element.
  - It's easier to use your computer and build the next version of your image asynchronously.
- The core image uses a mostly traditional file layout; it's just that everything outside of /var and /etc is immutable, as opposed to the insane complete remodelling Nix has going on. This means things are much more likely to just work on a Fedora Atomic system, whereas NixOS systems require all packages to be custom-patched to work, and this can cause bugs, lack of availability of packages, and so on.
- The Fedora Atomic file system is pretty much human readable and human navigable, although of course not perfect, since it follows the standard UNIX filesystem layout. The NixOS file system is totally opaque to human beings.
- You can just inherit from upstream images, thus automatically getting updates from them as well, instead of having to copy and paste configuration manually.
- Although less theoretically pure, Fedora Atomic's use of simple composable YAML and Bash scripts makes what everything does very clean and easy to understand, whereas NixOS is configured in a lazy purely functional language, which is a pain to work with. Guix of course solves this, but Guix has other problems.
- Nix also has a serious cultural problem.