{"id":23020230,"url":"https://github.com/brainrake/nix-org","last_synced_at":"2026-02-17T02:35:26.454Z","repository":{"id":139111137,"uuid":"56862720","full_name":"brainrake/nix-org","owner":"brainrake","description":"Run Your Organization on Nix and Friends","archived":false,"fork":false,"pushed_at":"2016-05-09T10:46:07.000Z","size":8,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-10-14T01:33:29.555Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/brainrake.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-04-22T14:47:40.000Z","updated_at":"2016-09-17T15:32:15.000Z","dependencies_parsed_at":"2023-06-04T03:45:19.740Z","dependency_job_id":null,"html_url":"https://github.com/brainrake/nix-org","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/brainrake/nix-org","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brainrake%2Fnix-org","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brainrake%2Fnix-org/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brainrake%2Fnix-org/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brainrake%2Fnix-org/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/brainrake","download_url":"https://codeload.github.com/brainrake/nix-org/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brainrake%2Fnix-org/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29531027,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-17T00:57:22.232Z","status":"online","status_checked_at":"2026-02-17T02:00:08.105Z","response_time":100,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-15T12:13:32.451Z","updated_at":"2026-02-17T02:35:26.409Z","avatar_url":"https://github.com/brainrake.png","language":null,"readme":"# Run Your Organization on Nix\n\nThis series of articles will show you how to effectively run your company's\ndevelopment process and infrastructure using Nix and friends.\nIt will save you time and headaches by eliminating vast minefields of failure\nand largely or completely replacing the need for a variety of technologies such as:\n\n- package management - apt-get, yum, maven, npm, pip, bundler, cabal ...\n- \"isolated\" environments - nvm, rvm, virtualenv, nodeenv, stack ...\n- package registries - pypi, rubygems, npm, bower, hackage\n- configuration management - puppet, chef, ansible, salt ...\n- deployment - puppet master, ansible ...\n- process management and monitoring - supervisord, monit, upstart, pm2 ...\n- containers - docker, rkt\n- server provisioning - fog, terraform, cloudformation, heat, boto ...\n- operating system - ubuntu, debian, coreos ...\n\nMany of these tools try to solve closely related problems in slightly\ndifferent contexts. They all work reasonably well upto a point, but then the\ncomplexity becomes untraceable. They all fail in the same way: most operations\nrely on the current state of the system, which in turn is the result of previous\noperations, as well as outside effects that the tool in question does not know\nabout.\n\nNix uses a fundamentally different approach. It is purely functional, meaning\nthat in any context, the inputs (and nothing else) completely and unambiguously\ndetermine the output. Nix takes this simple principle to its conclusion by\napplying it pervasively, with great success.\n\nSystem state is irrelevant. Discovering the status quo is unnecessary.\nIf something is not specified, it does not exist, so it cannot influence reality.\nThere are no unknowns, so we don't have to think about them.\nSuch is the power of purity.\n\nThe following articles describe how Nix applies to many aspects of your\norganization's technology process: development, build, test, deployment,\nconfiguration, provisioning - essentially, all of DevOps. For each use, they will\nshow what tools are replaced or tamed, what problems purity eliminates, what\nopportunities it creates, and how exactly to use Nix and friends in that role,\nusing a running example - a SaaS developed with\n\nOf course, Nix is not a panacea. There are problems it cannot solve, and it has\na few problems of its own. The large number of problems that it does solve, and\nthe flexibility and safety gained make it highly worthwile.\n\n\n### Introduction\n\nNix is a package manager and a pure functional language used to define,\nconfigure and build packages. The inputs (dependencies) completely determine\nthe output (resulting package). This approach eliminates the single most\npersistent and ubiquitous source of errors, failures, ambiguities, differences,\nand undefined behaviour: state.\n\nA system's current state, when not precisely defined, is a source of complexity\nthat cannot, even in principle, be accounted for. The result of evaluating a\nfunction, or running a program, or building a package, depend on the complete\nstate of the system. Building the same package on a system with a different\nconfiguration, although the dependencies are satisfied, can fail, or result in a\ndifferent output.\n\nPackage managers like apt-get and npm try to cope with this by asking maintainers to\nlist dependencies. But if a dependency is present but not listed, it will lead\nto an irreproducible build, and a package that doesn't work.\n\nConfiguration management systems like puppet and chef try to cope by\ngathering information about the current configuration and trying to determine\nthe difference compared to the requested configuration, but this fails because\nthe state is dependent on all  of the previous states, and the described\nconfiguration doesn't account for the influence of all that is _not_ specified.\n\n[Nix](https://nixos.org/nix/) sidesteps these problems by following by being purely functional.\nOnly the inputs determine the outputs. When run with the same inputs, the output\nis always the same.\n\nApplied to package management, this principle leads to reproducible builds\nthat once successfully built, cannot break, regardless of what else is going on\nin the system. Packages can only see specified inputs (dependencies), so nothing\nelse can affect the build output, wether it succeeds, or what is available at runtime.\nPackages are also immutable. They cannot change\n\nDifferent versions of libraries can coexist witout any problems.\nDifferent environments can live side by side without any interference.\nDevelopment environments can finally be truly isolated, not only in name and intent.\nInstalls, updates, and all changes in general are atomic. They either succeed,\nor they don't, in which case no changes at all are applied.\n\n[NixOS](https://nixos.org/) applies this principle to the whole operating system,\nusing the same Nix language to build a reproducible, immutable, fully specified OS.\nIt manages system configuration, services, users, and much more, and given a\nconfiguration, always results in the same system, no matter where you start from.\nNot because it finds the differences and patches them, but because conceptually,\nit always starts from scratch, with no assumptions and no influence of the past.\n\n[NixOps](https://nixos.org/nixops/) in turn is a tool for deploying NixOS configurations on cloud servers.\nIt replaces cloud provisioning and deployment tools and brings the same advantages\nof statelessness, purity, immutability and reproducibility to a cloud workflow,\nso you can run anything at scale.\n\n[Hydra](https://nixos.org/hydra/) ties all this together by building nix packages and providing a binary\ncache, so you can download packages instead of building them for every install,\n\nTogether, these tools allow you to run your whole software infrastructure:\n\n- develop in isolated, reproducible nix environments\n- automatically build, test, and publish packages with hydra and nix channels\n- fully and declaratively specify immutable, atomically upgradable servers with NixOS\n- provision and deploy servers and services on the cloud with NixOps\n\n\n### Manage and Configure Packages with Nix\n\n- Status: **complete**\n- Difficulty: **easy**\n- Replaces:\n  - general package management - apt-get\n  - mostly: language-specific package management: npm, pip, bundler, cabal\n  - build tools: make, rake, setuptools, npm,\n\n[TODO]\n\n\n### Develop, Build and Test Your Software with Nix\n\n- Status: **complete**\n- Difficulty: **easy**\n- Replaces:\n  - general package management\n  - language-specific package management (mostly): npm, pip, bundler, cabal\n  - third-party package registries and repositories: npm, pypi,\n  - build tools: make, rake, setuptools, npm,\n\n[TODO]\n\n\n### Declare Your System with NixOS\n\n- Status: **complete**\n- Difficulty: **easy**\n- Replaces:\n  - OS - debuntu, redhat, coreos, arch (yes, you too)\n  - package management\n  - process management\n\n[TODO]\n\n\n### Isolate Your Services with NixOS Containers\n\n- Staus: **complete**\n- Difficulty: **easy**\n- Replaces:\n  - package management\n  - process management\n  - language-specific \"isolated\" environments\n  - third party registries and repositories\n  - containers: docker, rkt, vagga, lxc\n- Advantages:\n  - fast and small, uses shared Nix Store\n  - no need to ship container images around\n\n[TODO]\n\n\n### Provision Cloud Servers with NixOps\n\n- Status: **fairly complete** but not many clouds are supported\n- Difficulty: **easy**\n- Replaces:\n  - configuration management: puppet, chef, ansible\n  - deployment management: puppet master, chef, ansible\n  - provisioning: terraform, ...\n\n[TODO]\n\n\n### Automate Builds and Serve Packages with Hydra and Nix Channel\n\n- Status: **needs integration**\n- Difficulty: **medium** needs manual setup and build :(\n- Replaces:\n  - continuous integration/deployment - jenkins, travis, strider\n  - package repositories - dpkg, npm, pypi, rubygems, hackage\n- Advantage:\n  - reproducible builds\n  - cryptographically signed binary caches of source packages\n\n[TODO]\n\n\n\n### All Together\n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbrainrake%2Fnix-org","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbrainrake%2Fnix-org","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbrainrake%2Fnix-org/lists"}