More build tools: Nix

After talking about Bazel in one of our previous episodes, we are now looking at Nix, a build system that has been getting increasing attention lately.

Resources:

Transcript
  1. Surma:I know there's like two camps of people.
  2. Surma:The people who like ASMR and the people who get freaked out by mouth sounds.
  3. Jake:Oh, yeah, a little... I don't like the little mouse sounds. No, no, no, no, no. In particular,
  4. Jake:podcasts, if you've got that... It's a lip-smacking thing. I'm like, no, no, no, no, no, no, no.
  5. Jake:Edit it out. Edit it out. Oh, hope we don't do that.
  6. Jake:Welcome to another episode of OTMT, a podcast about... What do we do here, Simon? Web things!
  7. Jake:Hi, I'm Jake, and Shopify lets us do this, and we're ever-grateful.
  8. Surma:And I'm Surma.
  9. Surma:Thank you, Shopify.
  10. Surma:I think it actually has been too long without a bathroom story, and there is a story that
  11. Surma:I need to share with you.
  12. Jake:Oh, I'm ready. I am in the receive position for your bathroom story.
  13. Jake:Thrown. Absolutely.
  14. Surma:Are you on the edge of your...?
  15. Surma:This was when I was on vacation, and I was in, like, a restaurant, and I wanted to wash
  16. Surma:my hands.
  17. Surma:I was not even, you know, not even bodily functions.
  18. Surma:Just wanted to wash my hands.
  19. Surma:Went into a really nice-looking bathroom, you know, like, they're going to have, you
  20. Surma:know, like, proper cotton towel stacks and those kind of things.
  21. Surma:And the sinks were really quite interesting.
  22. Surma:So it was like a big mirror on the wall, like, one... basically, the entire wall was just
  23. Surma:one mirror.
  24. Surma:And then the sinks were at a 45-degree angle going into the wall, so you had, like, one
  25. Jake:I see kind of trough sort of thing. Wait, hang on. This was this was definitely the
  26. Surma:super long sink in front of you, effectively, so multiple people could wash their hands
  27. Surma:next to each other.
  28. Surma:Yeah, okay.
  29. Surma:Like a trough.
  30. Surma:Yes, I did double-check.
  31. Jake:sink and not the urinal. OK. Oh, so you're going to get you're going to get all angles
  32. Surma:But also, wouldn't it be weird if you had a urinal with a big-ass mirror in front of
  33. Surma:you?
  34. Surma:And by the way, the trough itself was also a mirror.
  35. Surma:Yeah, you know, if you need a good checking out, that's the place to be.
  36. Jake:of your of your little lad. Oh, I see. Yes. OK, I'm with you.
  37. Surma:So you kind of hold your hands into this trough, and, like, the trough goes a bit under
  38. Surma:the wall, and then suddenly water comes out, like, you kind of know them from, like, airports,
  39. Surma:kind of, like, auto-sensing things.
  40. Surma:And so I was washing my hands, admiring the undersides of my hands in the mirror of the
  41. Surma:trough, and suddenly, from below the sink, from basically inside the wall, hands appear
  42. Jake:What? No, I want my money back.
  43. Surma:with really nicely done red nail polish.
  44. Surma:And I let out a little yelp, and that's when I understood that this wall was shared with
  45. Surma:the ladies' room, and from both sides, basically, the wall contained the taps.
  46. Surma:And then the trough came in from both sides with a cut-through in the wall, and you could
  47. Surma:watch each other's hands, how they wash.
  48. Jake:I don't know. No, I I disinvest in this idea.
  49. Jake:Like, yeah, because there's a chance of just, you know, two people going in at the same
  50. Surma:Yeah, like a, like a nice little post-bathroom break handshake, is that not what you're looking
  51. Jake:time and a hand collision. And I would have to get a flight back home.
  52. Surma:for?
  53. Jake:Bathroom break, handshake. I mean, now I hear it rhyming. I like it.
  54. Surma:Now there's, there's a niche, there's a brand, yeah, it's, it really has burned itself into
  55. Surma:my brain as a startling experience that, and then, when you start, when you keep watching,
  56. Jake:Does sound like the kind of thing like someone who works in finance in the city would say
  57. Surma:and you realize there's more hands, it's just like these disembodied hands kind of wringing
  58. Surma:around each other to wash themselves.
  59. Surma:Very Addams Family, it was surreal.
  60. Jake:is like, excuse me, let's just going off through a bathroom break, handshake.
  61. Jake:You know what I mean? I mean, I don't know what you mean.
  62. Jake:No, you know what I mean? I don't know what you mean.
  63. Jake:Yeah, you know what I mean? Yeah, that's.
  64. Surma:That's probably also the people who would enjoy this the most, and not be startled by
  65. Jake:Yeah, they built it. Yeah, absolutely.
  66. Surma:it.
  67. Surma:So instead of analyzing this further and re-traumatizing myself, should we talk about tech, I suppose?
  68. Jake:Oh, wait, wait, what? This I don't like change.
  69. Surma:Ah, well, no, I know.
  70. Surma:Well, it is, it is useful for web development, so, you know, I'm going to talk about Nix.
  71. Jake:I.
  72. Jake:Hmm.
  73. Surma:So a couple months ago, I think, I don't know how long ago it is now, actually, I did an
  74. Surma:episode about Bazel, which also, you know, not really web development, but kind of tangential
  75. Surma:because it can be used for web development, and Nix is the same.
  76. Surma:It's also a build system, and I have been learning it, and I have become a big old fan
  77. Jake:Oh.
  78. Surma:of it.
  79. Surma:And therefore, I'm now here to kind of like talk a bit about why, because I do think it
  80. Jake:Hmm.
  81. Surma:is really interesting to think about.
  82. Surma:It genuinely has made me question certain things about why our current incarnation of
  83. Surma:operating system, build systems work the way they do, because some of these things seem
  84. Surma:kind of like bad choices in retrospect.
  85. Jake:I do think that there's so much of the web-built systems that we use
  86. Jake:that kind of haven't maybe learned enough from some of these grander scale systems,
  87. Surma:It even made me question some of the choices that, for example, the current Rust compiler
  88. Jake:so I'm excited to hear more about this.
  89. Surma:toolchain makes, like not question it, but you kind of realize they're all built on assumptions
  90. Surma:that have been around for ages, and they kind of work, but we could be, we could be doing
  91. Surma:so much better.
  92. Jake:Before you dive into that, I feel, has Rust now switched into that thing
  93. Jake:where people are actually critically analysing it?
  94. Jake:I'm seeing a lot of this, like a lot of Rust criticism all of a sudden.
  95. Jake:It felt like it's been for five years or however long,
  96. Surma:Yes and no.
  97. Jake:it's like, wow, this is just revolutionising everything,
  98. Jake:we should rewrite everything in Rust.
  99. Jake:And it feels now that it's kind of got to, it's sort of past that hype peak,
  100. Jake:and people are like, huh, this is, you know, maybe we should be using Zig or...
  101. Surma:I feel like it is becoming cooler to not like Rust, to an extent that's a deserved counter
  102. Surma:movement because there was also some undeserved overhype, like this whole, you know, the Rust
  103. Jake:I don't know.
  104. Surma:community, I think is really great.
  105. Surma:But there are also a couple of traits that for some reason are very present in many people
  106. Surma:in the Rust community, like what you just said, the whole like, this should be rewritten
  107. Surma:in Rust and it would be so much better.
  108. Surma:Most of the time, that's just a shitty thing to say, like a piece of software has been
  109. Surma:around for ages and working well and has been written in C or C++.
  110. Surma:Will it get better just because it's now rewritten in Rust?
  111. Jake:Yeah.
  112. Surma:I doubt it.
  113. Surma:Like, I personally would love it because it makes the code much more approachable to me.
  114. Surma:Like, I feel much more comfortable jumping into a Rust code base than I do into a C or
  115. Surma:C++ code base.
  116. Surma:But that's just the nature of being fluent in a language versus a language that I'm not
  117. Surma:comfortable or fluent in.
  118. Surma:Like, yes, I know some C, I know some C++, but I not once really in the last, I don't
  119. Surma:know, 15 years have I written a side project in C++.
  120. Surma:I've written a whole bunch in Rust.
  121. Surma:So that's, you know, I think you're right.
  122. Jake:Yeah.
  123. Surma:There's more people being more vocal about things that are not great in Rust because,
  124. Surma:you know, it has introduced many new things to the ecosystem and to coding.
  125. Surma:But of course, it's not perfect.
  126. Surma:But I, as always.
  127. Jake:Okay, I derailed you.
  128. Jake:So, like...
  129. Surma:Yeah, let's talk about Rust.
  130. Surma:So how do I start?
  131. Jake:What is Nix?
  132. Surma:Well, it's a build system, innit?
  133. Surma:So I tried myself at making a YouTube video and I'm not sure if, so people seem to like
  134. Jake:What is Nix?
  135. Surma:it, but I'm not sure if they liked it because of the way I explained Nix or because I did
  136. Surma:nice animations, because I discovered this cool thing called Motion Canvas, which was
  137. Surma:really fun to use to build basically a video with.
  138. Surma:You can also use to build presentations.
  139. Jake:It is really nice. We'll link to that.
  140. Surma:Yeah, and I'm not going to, I literally feel bad like taking credit for how nice animations
  141. Surma:look because I just plugged things together.
  142. Surma:Anyway, my plan is not to just like rehash the video.
  143. Surma:In the video, I really like explain step by step how Nix was started by a guy named Alko
  144. Jake:It is really nice. We'll link to that.
  145. Jake:It is really nice. We'll link to that.
  146. Surma:Doltstra throughout the work on his PhD thesis and then the individual building blocks.
  147. Surma:This is a podcast.
  148. Surma:I don't have visuals.
  149. Surma:I want to focus a bit more or speed run a bit through that to get to where we could
  150. Surma:be using it in web development, potentially, because that's, I think, where it gets interesting.
  151. Jake:I have to say, when someone says, like, if you want to know about, you know,
  152. Jake:how this build system works, read my PhD thesis.
  153. Jake:Like, I cannot close the tab fast enough.
  154. Surma:It does sound scary, doesn't it?
  155. Surma:And I will say, sadly, that is kind of on brand for Nix a little bit.
  156. Surma:Like the documentation situation on Nix is not good.
  157. Surma:Like you don't have to read the PhD thesis, but you do have to dive into, you know, standard
  158. Jake:All right. Okay. Good start.
  159. Surma:library code to figure out how to use it sometimes.
  160. Surma:That's definite.
  161. Surma:And everybody I feel like that likes and loves Nix immediately acknowledges like, yeah, our
  162. Jake:All right.
  163. Surma:documentation is not good.
  164. Surma:It's not good, mate.
  165. Surma:So that's something that hopefully will get better.
  166. Surma:And also, yes, it is a PhD thesis, although it is the product of a PhD thesis, which means
  167. Surma:it has its origins in academia.
  168. Surma:And even that shows it is a purely it involves a purely functional programming language that
  169. Surma:looks a lot like or reminds one of Haskell.
  170. Surma:And that's also not everybody's cup of tea.
  171. Jake:All right.
  172. Surma:That being said, he designed a language for this build system.
  173. Surma:And I'm not sure it was 100% necessary, but the language is so small that I felt comfortable
  174. Surma:with it very, very quickly.
  175. Surma:But let me take a step back before we talk about the language itself.
  176. Surma:Basically, the problem that this guy, Alcadolstra, was looking at for his PhD thesis is the general
  177. Surma:problem of how do I get my code or my software on machine A to run on machine B?
  178. Jake:All right.
  179. Surma:And that actually isn't necessarily easy to do in a reliable way.
  180. Surma:You know, when you install Chrome, you download a binary and you have to make sure you download
  181. Surma:for your operating system.
  182. Surma:If you download the Linux one and you're on Mac, that will not work.
  183. Surma:That's the first instance already where this model of deployment can go wrong.
  184. Surma:You need to make sure that you compile the right binary for the target system.
  185. Jake:All right.
  186. Surma:And then often these binaries rely on certain libraries being present on the machine it's
  187. Surma:supposed to run on.
  188. Surma:And if these libraries are missing or even just have the wrong version, then it will
  189. Surma:likely not work.
  190. Surma:So this whole thing of just like copying binaries around is just it's not a good system.
  191. Surma:But we know people like you and me, we work in open source.
  192. Surma:That's very different where you have the source and you can just copy the source code over
  193. Surma:and compile that.
  194. Surma:And I think that actually works fairly well.
  195. Surma:But I think even there, most of us have experienced the problem of just because it compiles on
  196. Jake:Yes.
  197. Jake:Yes.
  198. Surma:my machine doesn't mean it will successfully compile on your machine.
  199. Jake:Yes.
  200. Jake:And we hit this a lot with, well, in Squoosh,
  201. Jake:because when we were dealing with the various image libraries,
  202. Surma:And I will talk about Squoosh later because that's exactly where I want to use Nix in
  203. Jake:and even two of us using Mac.
  204. Jake:Like, yeah.
  205. Jake:Works on one machine, but not the other.
  206. Surma:the future.
  207. Surma:But yeah, even with just when you have notes or NPM libraries like Sharp that pull in C++
  208. Jake:Yeah.
  209. Surma:code or maybe even, you know, rely on certain files being present.
  210. Surma:But, you know, on Windows, everything is different.
  211. Surma:You can already tell just because something compiles on my machine doesn't mean it will
  212. Surma:compile on your machine.
  213. Surma:And even then, even if it compiles on both machines, doesn't mean that will run.
  214. Surma:Like if we have a JavaScript code base and we both run the exact same version of Vite
  215. Jake:And then Docker came along and solved the problem.
  216. Surma:to compile the exact same source code, they probably will spit out the exact same result.
  217. Surma:And yet, because you are on Node 20 and I'm on Node 22, it may not actually work because
  218. Surma:that code that was output relies on a specific version of the runtime or again on system
  219. Surma:libraries.
  220. Surma:Just if you think about one machine may have FFmpeg installed and the other one doesn't,
  221. Surma:but you rely on FFmpeg being there.
  222. Jake:Yeah.
  223. Surma:And everybody was happy.
  224. Surma:To an extent, yes, but also kind of no.
  225. Surma:I mean, so I think Docker is in its simplest terms, you can think about like it spins up
  226. Surma:a virtual machine.
  227. Surma:And so if everybody boots up the same virtual machine image, that means you can compile
  228. Surma:the software reliably in there because the entire environment is snapshotted basically
  229. Surma:in that image of the virtual machine effectively.
  230. Jake:Yes.
  231. Surma:But if you want to run the software outside of the virtual machine, you kind of back to
  232. Surma:the same problem.
  233. Surma:So unless you also tend to run the software inside the virtual machine, that problem is
  234. Surma:still kind of there because now you're back in the world outside of the virtual machine
  235. Surma:where you don't control what exactly is and isn't there.
  236. Surma:But you're right, like Docker is one of the things that's been around that kind of has
  237. Surma:made these things a lot more interesting.
  238. Surma:But also, and this is where and I think I'm basically I'm going to jump ahead here a little
  239. Jake:Yeah.
  240. Jake:Yeah.
  241. Surma:bit because we had a problem with or we use Docker in Squoosh.
  242. Jake:Yeah.
  243. Jake:Yeah.
  244. Surma:So in Squoosh, if you probably set the context here, we have loads of different image codecs.
  245. Jake:Yeah.
  246. Jake:Yeah.
  247. Jake:Yeah.
  248. Surma:So something that takes a bitmap and converts it to JPEG, another one to AVF, another one
  249. Surma:to JPEG XL.
  250. Surma:And those are all, you know, C++ or Rust programs that we have in there.
  251. Jake:Yeah.
  252. Jake:Yeah.
  253. Jake:Yeah.
  254. Surma:And we use Docker to turn those into WebAssembly because we did not want to force people to
  255. Surma:install all kinds of compiler tool chains and libraries to be able to work on these
  256. Jake:Yeah.
  257. Jake:Yeah.
  258. Jake:Yeah.
  259. Surma:image codecs.
  260. Surma:And for that, we use Docker.
  261. Surma:So inside the Docker container, we set up the basically the development environment
  262. Jake:Yeah.
  263. Surma:to work on the codecs and to also compile them.
  264. Jake:Yeah.
  265. Surma:And then we have WebAssembly, which kind of ensures that the binary works outside the
  266. Jake:Yes.
  267. Surma:virtual machine as well.
  268. Surma:But in there, in the inside the virtual machine, we still need to somehow formulate, codify
  269. Jake:Yes.
  270. Jake:Okay.
  271. Jake:Yes.
  272. Surma:how code is supposed to be built.
  273. Surma:And for that, we use makefiles.
  274. Jake:Yes.
  275. Surma:Basically, it's a bash script where every individual step, take these bunch of C files
  276. Jake:Yes.
  277. Surma:and compile them to a static library, take these bunch of C files and compile them to
  278. Jake:Yes.
  279. Surma:object files and then link them all together to form a WebAssembly file.
  280. Jake:Yes.
  281. Surma:And we kind of like wrote these steps out with a makefile, more or less.
  282. Jake:Yes.
  283. Surma:And makefiles have been around for ages, really well understood.
  284. Jake:Yes.
  285. Surma:And they work quite simply through the mechanism of timestamps.
  286. Jake:Yes.
  287. Surma:So you write your build instructions and you tell make these are the input files that this
  288. Jake:Yes.
  289. Jake:Yes.
  290. Surma:build step needs.
  291. Surma:And these are the expected output files.
  292. Jake:Yes.
  293. Surma:And if any one of the input files has a newer modify date than the output file that we have,
  294. Jake:Yes.
  295. Surma:we need to rerun the step.
  296. Jake:Yeah.
  297. Surma:That sounds pretty good on paper, but the reality is the amount of time that we lost
  298. Jake:Yes.
  299. Surma:hours to trying to figure out why something wasn't working until we realized our code
  300. Jake:Yes.
  301. Jake:Yes.
  302. Surma:changes are not actually being incorporated into the output, because somewhere along the
  303. Jake:Yes.
  304. Surma:stack of all these different build steps, there was a cache that just cached the output
  305. Jake:Yes.
  306. Jake:Yes.
  307. Surma:and didn't actually use the new output or something like that.
  308. Jake:Yes.
  309. Surma:We have lost so much time to that.
  310. Jake:Yes.
  311. Jake:Yes.
  312. Surma:No.
  313. Jake:Yes.
  314. Surma:And that's what I was praising so much about Bazel, where I felt like their caching is
  315. Jake:Yes.
  316. Surma:rock solid.
  317. Surma:Not once did I need to, you know, nuke a cache to fix a build error.
  318. Jake:Yes.
  319. Surma:It was always going to be the exact same build error because they got caching right.
  320. Jake:Yes.
  321. Jake:Yes.
  322. Surma:And I feel like Nix does the same.
  323. Surma:And that's, again, where then suddenly, to me, it becomes useful.
  324. Jake:Yes.
  325. Jake:Yes.
  326. Surma:So, you know, in Squoosh, we had this problem.
  327. Surma:We had basically used Docker to have a very consistent, shareable development environment.
  328. Jake:Yes.
  329. Jake:Yes.
  330. Surma:But then we used Makefile's glorified bash scripts to do the building.
  331. Jake:Yes.
  332. Surma:And going back to Nix and the PhD thesis, this is kind of the observation that I'll
  333. Jake:Yes.
  334. Surma:get as well.
  335. Jake:Yes.
  336. Surma:The problem with all of these tools is that on the one hand, they don't accurately necessarily
  337. Jake:Yes.
  338. Jake:Yes.
  339. Surma:track which steps need to be redone or rebuilt.
  340. Jake:Yes.
  341. Surma:And also that in many instances, it doesn't fully capture any variable that can affect
  342. Jake:Yes.
  343. Surma:the output.
  344. Surma:So, for example, in Makefile, you will just write, hey, take Clang as my C++ compiler,
  345. Jake:Yes.
  346. Jake:Yes.
  347. Surma:put these files in and take the output.
  348. Jake:Yes.
  349. Surma:But nowhere do you specify which exact version of Clang it is.
  350. Jake:Yes.
  351. Jake:Yes.
  352. Surma:Yes and no to an extent.
  353. Jake:Yes.
  354. Surma:I think it covers part of it, but it's still not, you know, bulletproof in that sense.
  355. Jake:Yes.
  356. Surma:And so what Alko did when he developed Nix is basically by tackling this problem from
  357. Jake:Yes.
  358. Jake:Yes.
  359. Surma:two sides.
  360. Surma:The one is to design a domain-specific language that is specifically designed to express how
  361. Jake:Yes.
  362. Jake:Yes.
  363. Surma:software is built.
  364. Surma:In that sense, it is like make, but on steroids.
  365. Jake:Yes.
  366. Surma:And these kind of like build recipes in Nix are called a derivation.
  367. Jake:Yes.
  368. Surma:And that's, again, that's probably academia leaking through a little bit, but it's a
  369. Jake:Yes.
  370. Surma:build recipe, right?
  371. Surma:And it is a bit like make in that you actually do end up writing bash scripts or scripts,
  372. Jake:Yes.
  373. Jake:Yes.
  374. Surma:abstraction of bash scripts, but basically just as a way for you to orchestrate these
  375. Jake:Yes.
  376. Surma:individual tools, similar to Makefile, where you invoke different tools and tell them which
  377. Jake:Yes.
  378. Surma:files to consume and where to put the output.
  379. Jake:Yes.
  380. Surma:So really what this is in that sense, again, it is still quite similar.
  381. Jake:Yes.
  382. Surma:These derivations, as they're called, they have inputs, which is usually source code
  383. Jake:Yes.
  384. Surma:and build tools.
  385. Surma:So the build tools are part of the input.
  386. Surma:They're exactly specified and they produce outputs.
  387. Jake:Yes.
  388. Surma:And here's where now the tracking of dependencies gets in.
  389. Jake:Yes.
  390. Surma:And I think it's really interesting that that build recipe, together with a list of the
  391. Jake:Yes.
  392. Surma:source files that it consumes and the tool that it needs, gets cryptographically hashed.
  393. Jake:Yes.
  394. Surma:I'm not going to go into details how, but basically I'm going to hand wave those details
  395. Jake:Yes.
  396. Surma:so that then this build recipe can be stored in what is called the Nix store.
  397. Jake:Yes.
  398. Jake:Yes.
  399. Surma:That's really just a folder on your disk, but that hash becomes part of the name.
  400. Jake:Yes.
  401. Surma:So in that sense, it's a bit like Git where it's content addressable.
  402. Jake:Yes.
  403. Surma:So if something changes in your derivation, it now gets a new name because the hash will
  404. Jake:Yes.
  405. Surma:be different.
  406. Surma:Yes, exactly.
  407. Jake:Yes.
  408. Surma:Because that's exactly where it gets kind of interesting and recursive with Nix, I feel
  409. Jake:Yes.
  410. Surma:like, because both the source files that you want to compile, as well as the tools, must
  411. Jake:Yes.
  412. Jake:Yes.
  413. Surma:come from the Nix store.
  414. Surma:You're basically not allowed to take something from anywhere else.
  415. Jake:Yes.
  416. Surma:So only things that have been hashed, you can use in your build recipe.
  417. Jake:Yes.
  418. Surma:And if you have this item in your Nix store, you can just use it.
  419. Jake:Yes.
  420. Surma:If you don't have it, because this hash also incorporates the build recipe that this item
  421. Jake:Yes.
  422. Jake:Yes.
  423. Surma:was built with, Nix can deduce how to create this item in the Nix store.
  424. Jake:Yes.
  425. Surma:So either you have this exact version of Clang on your system in the Nix store and you can
  426. Jake:Yes.
  427. Surma:use it.
  428. Jake:Yes.
  429. Surma:But if you don't, Nix can figure out how to build this exact version of Clang in the Nix
  430. Jake:Yes.
  431. Surma:store.
  432. Surma:How to build this exact version of Clang so that you have the exact same version of the
  433. Jake:Yes.
  434. Surma:compiler and the exact same version of all libraries and the exact correct source files
  435. Jake:Yes.
  436. Surma:to produce a specific output.
  437. Jake:Yes.
  438. Surma:And that sounds very tedious, but it is actually designed in a way where it's kind of natural
  439. Jake:Yes.
  440. Surma:to write this way.
  441. Jake:Yes.
  442. Surma:Yes, it is.
  443. Surma:In that sense, they bootstrap themselves up to the point where they are completely independent
  444. Jake:Yes.
  445. Jake:Yes.
  446. Surma:of the system.
  447. Surma:And that makes sense because the system is one of the biggest variables that differs
  448. Jake:Yes.
  449. Surma:between, well, systems where these kind of things, it works on my machine, but not yours.
  450. Jake:Yes.
  451. Surma:The origin often is differences in the system.
  452. Jake:Yes.
  453. Surma:And so he has designed this system in a way that you can use in your build recipe.
  454. Jake:Yes.
  455. Surma:Yes.
  456. Surma:So for example, the operating system is part of the hash.
  457. Jake:Yes.
  458. Surma:So that means if I'm building something on Windows, it will, by very definition, get
  459. Jake:Yes.
  460. Jake:Yes.
  461. Surma:a do... it's a do-it-yourself thing.
  462. Surma:It's not a do-it-yourself thing.
  463. Jake:Yes.
  464. Surma:It's a do-it-yourself thing.
  465. Surma:So if I'm building something on Windows, it will, by very definition, get a do...
  466. Jake:Yes.
  467. Jake:Yes.
  468. Surma:It's a different dependency chain all the way down than one on Darwin, because it is
  469. Jake:Yes.
  470. Surma:fundamentally a different operating system.
  471. Jake:Yes.
  472. Surma:It doesn't incorporate the version of the operating system, but I think that's all right
  473. Jake:Yes.
  474. Surma:because operating systems like kernels are stable in their APIs, or they're just assumed
  475. Jake:Yes.
  476. Surma:to be stable.
  477. Surma:And I think that's a realistic assumption.
  478. Jake:Yes.
  479. Surma:Exactly, exactly.
  480. Jake:Yes.
  481. Jake:Yes.
  482. Jake:Yes.
  483. Surma:Yeah.
  484. Surma:So they add stuff, but they barely break stuff.
  485. Jake:Yes.
  486. Surma:Breaking user land is a big no-no when it comes to operating system.
  487. Jake:Yes.
  488. Surma:So every piece of software that you express with Nix, you know, uses... needs tools to
  489. Jake:Yes.
  490. Surma:build it.
  491. Surma:And then these tools themselves must be buildable with Nix.
  492. Jake:Yes.
  493. Surma:Otherwise, they wouldn't exist in Nix.
  494. Surma:And this goes all the way down to like a very small... the smallest possible seed of kind
  495. Jake:Yes.
  496. Jake:Yes.
  497. Surma:of like impureness, where there's like one tiny, very basic, I don't know, maybe it's
  498. Jake:Yes.
  499. Jake:Yes.
  500. Surma:an assembler, I don't know, that is just pre-agreed to be accepted and will just be downloaded
  501. Jake:Yes.
  502. Surma:as a binary file or something.
  503. Surma:And everything else is bootstrapped from there.
  504. Jake:Yes.
  505. Surma:And that's because Nix is all about building software.
  506. Jake:Yes.
  507. Surma:And so it allows you to build the exact same version of this piece of code that you're
  508. Jake:Yes.
  509. Surma:looking at every single time.
  510. Jake:Yes.
  511. Surma:Of course, this sounds really, really slow.
  512. Surma:And it would be really, really slow if every time you'd have to like start from scratch
  513. Jake:Yes.
  514. Surma:and basically invent the universe.
  515. Jake:Yes.
  516. Surma:So the other thing that Alcott also looked at in his thesis is how you can do binary
  517. Jake:Yes.
  518. Jake:Yes.
  519. Surma:caching in a secure manner.
  520. Surma:So that basically, if one machine somewhere has already executed the derivation, like
  521. Jake:Yes.
  522. Jake:Yes.
  523. Surma:build the output, that you can just share that rather than having to rebuild it yourself.
  524. Jake:Yes.
  525. Surma:And there's all kinds of things you need to think about, you know, with like cache poisoning
  526. Jake:Yes.
  527. Surma:and other weird things.
  528. Surma:And he looks at all of it in the thesis.
  529. Jake:Yes.
  530. Surma:But basically, he found a solution that basically you could set up shared caches between systems
  531. Jake:Yes.
  532. Surma:that if one machine has already done the work, you don't need to redo the work, provided
  533. Jake:Yes.
  534. Surma:you have the same operating system.
  535. Jake:Yes.
  536. Jake:Yes.
  537. Surma:Yeah, it is in that sense.
  538. Jake:Yes.
  539. Surma:But the other part is that it is not just about setting up a system.
  540. Jake:Yes.
  541. Surma:It's also about executing build instructions, right?
  542. Jake:Yes.
  543. Surma:Like it's all about build recipe.
  544. Surma:So with Docker, you get your, I guess, you know, a Docker file in a sense, maybe.
  545. Jake:Yes.
  546. Surma:But even there, those are not, I guess, you know, if you think about even a Docker file
  547. Jake:Yes.
  548. Surma:is, it seems to be sufficiently reproducible considering we all use them in certain environments.
  549. Jake:Yes.
  550. Surma:But really, if you look at Docker files, they often just, you know, do apt-get install,
  551. Jake:Yes.
  552. Surma:which just downloads whatever is currently in that Debian package repository.
  553. Jake:Yes.
  554. Jake:Yes.
  555. Surma:And technically, it will definitely not be byte equivalent to what my Docker image looks
  556. Jake:Yes.
  557. Surma:like, necessarily, if we execute.
  558. Jake:Yes.
  559. Surma:Again, this is like the academic level of accuracy.
  560. Surma:And maybe that's not necessary.
  561. Jake:Yes.
  562. Surma:But I think in this case, the sharing these, these are these binary artifacts.
  563. Jake:Yes.
  564. Surma:There is stuff to think and to read about security.
  565. Surma:I'm not going to get into that.
  566. Surma:Because where it then gets interesting next is that, you know, now we have Nix, we can
  567. Surma:build software, we can bootstrap our way up from nothing and kind of.
  568. Surma:So it was originally and you still feel that kind of tailored for downloading tar balls
  569. Surma:of C or C++ source code and building that.
  570. Surma:But from there, you can kind of like continue building and build software packages like
  571. Jake:Yes.
  572. Surma:make or clang or whatever, but also build other language tool chains for like go or
  573. Jake:Yes.
  574. Surma:Dart or Rust.
  575. Surma:And that's what Nix packages is, which is an entire collection of build recipes for
  576. Jake:Yes.
  577. Jake:Yes.
  578. Surma:all kinds of software.
  579. Surma:And I think it is still currently, by a large margin, the biggest collection of packages
  580. Jake:Yes.
  581. Jake:Yes.
  582. Surma:and the most up to date ones.
  583. Surma:If you compare it to, you know, Debian's or Ubuntu's apt, or to Arch Linux's AUR, or
  584. Jake:Yes.
  585. Jake:Yes.
  586. Surma:even to Homebrew, these are all at about a third of the size than what Nix packages
  587. Jake:Yes.
  588. Surma:has.
  589. Jake:Yes.
  590. Jake:Yes.
  591. Jake:Yes.
  592. Jake:Yes.
  593. Jake:Yes.
  594. Jake:Yes.
  595. Jake:Yes.
  596. Surma:There's two factors here.
  597. Surma:The one factor is that it's only achieved this place in the ranking in the last two
  598. Jake:Yes.
  599. Surma:years, I want to say.
  600. Surma:It was, I think, a proactive effort where they basically now have a system where each
  601. Jake:Yes.
  602. Jake:Yes.
  603. Surma:build recipe has a script that will automatically update the build recipe itself if there is
  604. Jake:Yes.
  605. Jake:Yes.
  606. Surma:a new version pushed to, you know, that piece of software GitHub repository.
  607. Jake:Yes.
  608. Surma:Previously, you would have to step in and update the thing.
  609. Surma:But most of the time, you know, software projects just like do minor fixes.
  610. Jake:Yes.
  611. Surma:So compiling a new version is kind of just, you know, bump the reference Git commit, and
  612. Jake:Yes.
  613. Jake:Yes.
  614. Surma:then the same build recipe will probably still work.
  615. Jake:Yes.
  616. Surma:So that's one thing they have done where most of these recipes will now be automatically
  617. Jake:Yes.
  618. Surma:updated on an almost daily basis via CI.
  619. Jake:Yes.
  620. Surma:And the other part is Nix is just weird to an extent.
  621. Surma:It is actually a bit scary to install.
  622. Jake:Yes.
  623. Surma:One of the implications of wanting to be able to share your build output with other users
  624. Jake:Yes.
  625. Jake:Yes.
  626. Surma:on your system, or even people on the internet, is that the building is actually executed
  627. Jake:Yes.
  628. Surma:by a different user on your system.
  629. Jake:Yes.
  630. Surma:So the Nix installer creates a bunch of dummy users.
  631. Jake:Yes.
  632. Surma:And on Mac OS, it even creates a separate partition to prevent being nuked from your
  633. Jake:Yes.
  634. Surma:disk because Mac OS is very precious about what gets to be in your, you know, in slash
  635. Jake:Yes.
  636. Jake:Yes.
  637. Surma:on your file system.
  638. Surma:And it's all legit.
  639. Surma:It's all not dangerous.
  640. Jake:Yes.
  641. Surma:But I think that is definitely the turn for many people if you, you know, you start the
  642. Jake:Yes.
  643. Surma:install and goes like, hey, I'm going to create 30 users, 30 groups and a new partition on
  644. Jake:Yes.
  645. Surma:your Mac hard drive.
  646. Jake:Yes.
  647. Surma:Yeah, I only do it now because, you know, I know it's worth it for me, but I can totally
  648. Jake:Yes.
  649. Surma:I think if you told me this, like half a year ago, I would have said nope, especially
  650. Jake:Yes.
  651. Surma:on my work machine.
  652. Surma:But even there, I've done it now.
  653. Jake:Yes.
  654. Jake:Yes.
  655. Jake:Yes.
  656. Surma:Oh, yeah, it prints it every time you boot.
  657. Surma:Gotta gotta do it.
  658. Surma:So Nix packages is this collection, huge amounts of software in there.
  659. Jake:Yes.
  660. Surma:And also there's stuff in there that lets you, if you were the author of your own Nix
  661. Jake:Yes.
  662. Jake:Yes.
  663. Surma:build recipe, makes your life easier.
  664. Jake:Yes.
  665. Surma:So, you know, instead of having to figure out how to compile, I don't know, Node or
  666. Jake:Yes.
  667. Surma:NPM yourself, because you want to build your own Node project, Nix packages is full of
  668. Jake:Yes.
  669. Surma:helper stuff for the Nix language to do Rust projects, Node projects, Go projects.
  670. Jake:Yes.
  671. Surma:It's all kind of in there.
  672. Jake:Yes.
  673. Surma:There's something you might even call documentation around it.
  674. Surma:But yeah, there is definitely support in there to help you build your own projects using
  675. Jake:Yes.
  676. Jake:Yes.
  677. Surma:Nix if you need these kind of kind of benefits.
  678. Surma:And that's exactly why I've been looking at it for Squoosh, because another problem
  679. Jake:Yes.
  680. Jake:Yes.
  681. Surma:we had in this thing that we are working at this, you know, often our codecs come at the
  682. Jake:Yes.
  683. Surma:very least as a two step compilation process.
  684. Jake:Yes.
  685. Surma:Once you compile the library that contains the codec, and then you compile our glue code
  686. Jake:Yes.
  687. Jake:Yes.
  688. Surma:that, you know, provides the standardized interface that the Squoosh app expects in
  689. Jake:Yes.
  690. Surma:a WebAssembly way to invoke that library.
  691. Jake:Yes.
  692. Surma:And often the work that happens is mostly on the glue code, because we don't develop
  693. Jake:Yes.
  694. Surma:the codecs ourselves.
  695. Surma:We just take those off of GitHub and compile them to a library.
  696. Jake:Yes.
  697. Surma:And then we write the glue code and have to figure out how do we invoke this library correctly.
  698. Jake:Yes.
  699. Surma:But in many cases, it seemed like we end up recompiling the library over and over, which
  700. Jake:Yes.
  701. Surma:takes a long time because those are, you know, quite big, quite complex.
  702. Jake:Yes.
  703. Surma:And similar to what I was a fan about in Bazel is that you can break out these individual
  704. Jake:Yes.
  705. Jake:Yes.
  706. Surma:build steps into singular units of execution, and therefore they're cached individually.
  707. Jake:Yes.
  708. Surma:So once they get built, they will never get rebuilt unless the inputs file change.
  709. Jake:Yes.
  710. Surma:And that's kind of what I've been looking at for both our Rust-based codecs as well
  711. Jake:Yes.
  712. Surma:as our C++ codecs in Squoosh.
  713. Jake:Yes.
  714. Surma:Yeah, I have a branch, and I think because, well, here's the reason why, right?
  715. Jake:Yes.
  716. Surma:Like so far, we have been committing the Wasm binaries to our repository in Squoosh, just
  717. Jake:Yes.
  718. Jake:Yes.
  719. Surma:because most of the time, if we are going to get contributions on Squoosh, it's going
  720. Jake:Yes.
  721. Surma:to be on the web app part, just because Wasm is just more niche, I guess, and probably
  722. Jake:Yes.
  723. Surma:also those things don't need, once they work, they work.
  724. Jake:Yes.
  725. Surma:Maybe an update to a newer version of the codec, but it's a lot rarer that something
  726. Jake:Yes.
  727. Surma:needs to be changing there.
  728. Jake:Yes.
  729. Surma:And so we just committed them.
  730. Surma:And I always feel iffy about committing binaries to a repository.
  731. Jake:Yes.
  732. Surma:But what is the alternative?
  733. Jake:Yes.
  734. Surma:Because building every codec every single time would, at the very least, blow our CI
  735. Jake:Yes.
  736. Surma:runtime.
  737. Surma:But also, it would just make it not fun for people to contribute.
  738. Jake:Yes.
  739. Surma:You clone the repository, you run npm install.
  740. Jake:Yes.
  741. Surma:And the first time you do npm start or run dev, whatever it's called, and then you have
  742. Jake:Yes.
  743. Surma:to wait for, I don't know, yeah, that's not cool.
  744. Jake:Yes.
  745. Surma:And like I said, even if we were to invoke Docker, then it's like, it works maybe great
  746. Jake:Yes.
  747. Surma:for a fresh build.
  748. Surma:But once you start working on the code, there's often these caching problems.
  749. Jake:Yes.
  750. Surma:So yeah, that's why I'm looking into that.
  751. Jake:Yes.
  752. Surma:Because on the one hand, with the hashing of the sources, if you had it built once on
  753. Jake:Yes.
  754. Surma:your system, it would be very fast afterwards.
  755. Jake:Yes.
  756. Surma:But also, we could set up our own remote cache.
  757. Jake:Yes.
  758. Surma:Like there's actually a whole website called cachehicks that does it for you and is free
  759. Jake:Yes.
  760. Surma:for open source projects.
  761. Jake:Yes.
  762. Surma:But you can also just use a GCS bucket.
  763. Surma:And basically, we could just allow people to clone the repository, which would also
  764. Jake:Yes.
  765. Surma:get quicker if the WASM binaries weren't in there anymore.
  766. Jake:Yes.
  767. Surma:And once they do npm run, we would invoke Nix.
  768. Jake:Yes.
  769. Surma:But then it would just end up downloading the result rather than actually doing the
  770. Jake:Yes.
  771. Surma:build.
  772. Jake:Yes.
  773. Surma:Now that presupposes that they have Nix installed, which probably would lead us back to Docker.
  774. Jake:Yes.
  775. Surma:So that's also not a perfect solution.
  776. Surma:I'm not sure yet.
  777. Surma:But I'm mostly exploring it as a means to address the problem of why am I not able to
  778. Jake:Yes.
  779. Jake:Yes.
  780. Surma:fix the bucket I'm investigating?
  781. Jake:Yes.
  782. Surma:And then an hour later, you find out, oh, there's some caching going on somewhere along
  783. Jake:Yes.
  784. Surma:the stack that maybe you didn't know about or that wasn't supposed to be caching, but
  785. Surma:it's caching for some reason anyway, which has just been a massive pain point.
  786. Jake:Yes.
  787. Jake:Yes.
  788. Jake:Yes.
  789. Jake:Yes.
  790. Surma:So that's actually a really good point in general.
  791. Jake:Yes.
  792. Jake:Yes.
  793. Jake:Yes.
  794. Jake:Yes.
  795. Jake:Yes.
  796. Surma:That's also what most of these helper functions for Rust projects, Go projects, JavaScript
  797. Jake:Yes.
  798. Jake:Yes.
  799. Surma:projects do for you, that they download your dependencies for you and also put them in
  800. Jake:Yes.
  801. Surma:the Nix cache.
  802. Surma:So it's an additional like, you know, projects like Rust or JavaScript nowadays have their
  803. Jake:Yes.
  804. Surma:package log file, which already protects against supply chains attacks.
  805. Jake:Yes.
  806. Surma:But if you were to like run your own cache, and then somebody goes ahead and unpublishes
  807. Jake:Yes.
  808. Jake:Yes.
  809. Surma:a package from npm, if you still have it in your cache, you would still be able to build
  810. Jake:Yes.
  811. Surma:it because it's in there.
  812. Surma:And the other part is if somebody if there was a supply chain attack, and somebody manages
  813. Jake:Yes.
  814. Surma:to somehow replace a version somewhere without doing a version bump with malicious code,
  815. Jake:Yes.
  816. Jake:Yes.
  817. Surma:all of that would be caught and it's implemented at the Nix level, it doesn't need to be implemented
  818. Jake:Yes.
  819. Surma:at the language level if you're using.
  820. Surma:So if you're experimenting with like a very new young language or some other build tool
  821. Jake:Yes.
  822. Jake:Yes.
  823. Surma:that doesn't have this kind of protection built in, Nix can provide it for you.
  824. Jake:Yes.
  825. Surma:So this kind of like security thing that you're mentioning, it provides it across the
  826. Jake:Yes.
  827. Surma:entire project.
  828. Surma:And I think that's actually also something really valuable, which is also one of the
  829. Jake:Yes.
  830. Surma:reasons why we are looking at Nix now for Shopify, to see if we can build our system
  831. Jake:Yes.
  832. Surma:with Nix.
  833. Surma:But that's early exploration, nothing I want to commit too much to publicly.
  834. Jake:Yes.
  835. Jake:Yes.
  836. Surma:Yeah, so that's something I'm, I've been working on.
  837. Jake:Yes.
  838. Surma:And I have to say like the Nix packages as a whole has replaced Homebrew for me on my
  839. Jake:Yes.
  840. Surma:system.
  841. Surma:Again, because there is a global shared cache for everything in Nix packages specifically,
  842. Jake:Yes.
  843. Jake:Yes.
  844. Surma:most of the time, it's just downloading.
  845. Surma:So it is really quick.
  846. Surma:It has so many packages in there.
  847. Jake:Yes.
  848. Surma:And not only that, it's very easy to install an older version or a newer version, depending
  849. Jake:Yes.
  850. Surma:on what you need, because each of these packages expresses their dependencies so accurately
  851. Jake:Yes.
  852. Jake:Yes.
  853. Surma:down to like a cryptographic hash that you don't run into this problem where you maybe
  854. Jake:Yes.
  855. Surma:have two pieces of software installed and one needs this new version of the FFmpeg library
  856. Jake:Yes.
  857. Jake:Yes.
  858. Surma:and the other version doesn't work with this new version of FFmpeg but needs the older
  859. Surma:one.
  860. Surma:But both versions of FFmpeg cannot coexist, which is something that has happened before.
  861. Jake:Yes.
  862. Jake:Yes.
  863. Surma:And that I just find really, really appealing.
  864. Jake:Yes.
  865. Jake:Yes.
  866. Surma:Yes.
  867. Jake:Yes.
  868. Surma:No, I know.
  869. Surma:So there's differences.
  870. Jake:Yes.
  871. Surma:One of the things actually, it is actually something I really appreciate about Nix.
  872. Jake:Yes.
  873. Surma:There is a command that you get by default when you install it called nix shell.
  874. Jake:Yes.
  875. Surma:And you can just say nix shell dash p for package and say, for example, FFmpeg.
  876. Jake:Yes.
  877. Surma:And then it will, you know, basically create a new bash shell for you.
  878. Jake:Yes.
  879. Surma:And in the shell, FFmpeg is suddenly available for you and you can use it.
  880. Jake:Yes.
  881. Surma:And once you go out of the shell, FFmpeg is gone again.
  882. Jake:Yes.
  883. Surma:More or less like it was never on your system.
  884. Jake:Yes.
  885. Surma:So it's not like it has installed all kinds of shit to, you know, your slash op slash
  886. Jake:Yes.
  887. Surma:homebrew or anything like there's nothing that has been on your system outside of the
  888. Jake:Yes.
  889. Jake:Yes.
  890. Surma:Nix stores.
  891. Surma:There will be a Nix store item that is specifically for FFmpeg, but everything is contained within
  892. Jake:Yes.
  893. Surma:there.
  894. Surma:So that way you can actually try out something without having to commit to actually fully
  895. Jake:Yes.
  896. Surma:installing on your system.
  897. Jake:Yes.
  898. Surma:And then there's a command called nix collect garbage, which will remove everything from
  899. Jake:Yes.
  900. Surma:a Nix store that you currently don't use anymore.
  901. Surma:You can also install it persistently with a command called nixenv.
  902. Jake:Yes.
  903. Jake:Yes.
  904. Surma:These are kind of like, I guess, not the best practices anymore, but they're the easiest
  905. Surma:to explain.
  906. Jake:Yes.
  907. Surma:So there's, you know, every user gets their own so-called Nix environments, which you
  908. Jake:Yes.
  909. Surma:manage with the command called nixenv.
  910. Surma:And you can add Nix packages to this environment.
  911. Jake:Yes.
  912. Surma:And then they're just there until you remove them again.
  913. Jake:Yes.
  914. Surma:So that's how installing would work.
  915. Jake:Yes.
  916. Jake:Yes.
  917. Jake:Yes.
  918. Surma:With a Nix shell commands, it knows that the second you close the shell with nixenv, when
  919. Jake:Yes.
  920. Surma:you install a package, it installs it into your profile, which sounds very abstract,
  921. Jake:Yes.
  922. Jake:Yes.
  923. Surma:but basically, like I said, every user gets their own environment.
  924. Jake:Yes.
  925. Surma:And an environment is just a collection of symlinks.
  926. Surma:So basically, there will be a .nixprofile folder that is full of symlinks with different
  927. Jake:Yes.
  928. Surma:packages that you have installed.
  929. Jake:Yes.
  930. Surma:And as long as these symlinks exist, it knows it's still needed.
  931. Jake:Yes.
  932. Surma:And then it can obviously, you know, track the dependencies all the way down and basically
  933. Jake:Yes.
  934. Surma:mark what is still needed in Nix store and remove the rest.
  935. Jake:Yes.
  936. Surma:And that's kind of how it works.
  937. Surma:And if you use nixenv to uninstall something, technically, I think you could even just remove
  938. Jake:Yes.
  939. Surma:the symlink.
  940. Surma:I wouldn't recommend that, but you probably can do that.
  941. Jake:Yes.
  942. Surma:If you then run nix collect garbage again, now the symlink isn't there.
  943. Surma:Now this package will not get marked as still in use, and then it will also get removed.
  944. Jake:Yes.
  945. Jake:Yes.
  946. Jake:Yes.
  947. Jake:Yes.
  948. Jake:Yes.
  949. Surma:Yeah, it is weird, but I haven't been told of it.
  950. Jake:Yes.
  951. Surma:I mean, you can, as always, run it in Docker first if you want to play around with it and
  952. Jake:Yes.
  953. Surma:get familiar with the commands.
  954. Surma:To hint at something, there is a thing in Nix project called Home Manager.
  955. Jake:Yes.
  956. Jake:Yes.
  957. Surma:And I don't want to get too much into NixOS, which is a whole Linux distribution that put
  958. Jake:Yes.
  959. Surma:Nix at its heart, but I think it's more of a distraction.
  960. Surma:In Home Manager, basically, you kind of declare the setup of your machine.
  961. Jake:Yes.
  962. Jake:Yes.
  963. Surma:You basically say, these are my config files that I have in my home folder, you know, like,
  964. Jake:Yes.
  965. Surma:like, you know, like people used to have .file repositories.
  966. Jake:Yes.
  967. Surma:But it also lists, I want to have these packages installed.
  968. Jake:Yes.
  969. Surma:And then you can use Home Manager to just, like, set up your machine and continually
  970. Jake:Yes.
  971. Surma:maintain the state.
  972. Surma:So when you want to install a new package, you just add it to your Home Manager config,
  973. Jake:Yes.
  974. Surma:and suddenly this package is now there and installed and set up.
  975. Jake:Yes.
  976. Surma:And if you get a new machine, you just run this config file on a new machine, and it
  977. Jake:Yes.
  978. Surma:will be set up the exact same way.
  979. Surma:And I've done this a couple of times now.
  980. Jake:Yes.
  981. Surma:I've been playing around with a couple of Raspberry Pis at home, and basically being
  982. Jake:Yes.
  983. Surma:able to go on a freshly installed system and run two commands.
  984. Jake:Yes.
  985. Surma:And suddenly my entire environment is there.
  986. Surma:My Vim config, my SSH and GPG keys, all the tools I use are installed.
  987. Jake:Yes.
  988. Jake:Yes.
  989. Surma:There is something about that.
  990. Surma:And again, because it's all, you know, hashed and tracked, it knows exactly whether your
  991. Jake:Yes.
  992. Jake:Yes.
  993. Surma:environment is currently out of date or not.
  994. Surma:It doesn't come without its drawbacks.
  995. Jake:Yes.
  996. Surma:But if I have NerdSnipe people, they should take a look at that because it's, yeah, that's
  997. Jake:Yes.
  998. Surma:what I'm using now.
  999. Surma:I have my Home Manager config where every machine has its own little configuration file.
  1000. Jake:Yes.
  1001. Jake:Yes.
  1002. Surma:And there's a couple of shared files when, you know, because obviously I want the same
  1003. Jake:Yes.
  1004. Surma:Vim config on every machine.
  1005. Surma:So I don't want to duplicate that.
  1006. Surma:And yeah, that's what I use to kind of like make sure my system is set up.
  1007. Jake:Yes.
  1008. Surma:And you can even install, just like with Vue, proper applications.
  1009. Jake:Yes.
  1010. Surma:So if you want to install Arc or Obsidian or Audacity, all these things are available,
  1011. Jake:Yes.
  1012. Jake:Yes.
  1013. Surma:even if they're closed source.
  1014. Surma:Some people have added them to Nix packages and it's just, you know, it's a form that
  1015. Jake:Yes.
  1016. Surma:just downloads a binary.
  1017. Surma:But even there, you will be sure it will always be the exact same version to make sure your
  1018. Jake:Yes.
  1019. Jake:Yes.
  1020. Surma:system is in exactly the same state.
  1021. Surma:And I'm not sure that's always desirable, but for certain things that is definitely
  1022. Jake:Yes.
  1023. Jake:Yes.
  1024. Surma:helpful to know that if this config file is applied to my system, I know that my tools
  1025. Jake:Yes.
  1026. Surma:will work because they have worked on these exact versions for the previous past four
  1027. Jake:Yes.
  1028. Surma:weeks.
  1029. Surma:There's lots more to talk about, but I think I've fanboyed enough for this episode and
  1030. Jake:Yes.
  1031. Surma:I will link to a couple of interesting things to look at for folks who got successfully
  1032. Jake:Yes.
  1033. Jake:Yes.
  1034. Surma:nerd sniped by this.
  1035. Jake:Yes.
  1036. Surma:It does feel a bit like it, right?
  1037. Surma:Because I did Bazel, now I did Nix.
  1038. Jake:Yes.
  1039. Surma:I did feel a bit bad, but at the same time, you know what?
  1040. Jake:Yes.
  1041. Surma:No shame.
  1042. Jake:Yes.
  1043. Jake:Yes.
  1044. Surma:It is, it's the best part of it.
  1045. Jake:Yes.
  1046. Jake:Yes.
  1047. Surma:I feel like sometimes, well, you know, after your episode, we had to digest.
  1048. Surma:I definitely now need to digest my own episode.
  1049. Jake:Yes.
  1050. Surma:So I think with all that being said, with all that being shared, I think there's nothing
  1051. Jake:Yes.
  1052. Surma:left to say except for happy next time.
  1053. Jake:Yes.
  1054. Jake:Yes.
  1055. Jake:Yes.
  1056. Jake:Yes.
  1057. Jake:Yes.
  1058. Jake:Yes.
  1059. Jake:Yes.
  1060. Jake:Yes.
  1061. Jake:Yes.