Why we've built yet another Nix deployment tool

@domenkozar / NixCon 2022

Documentation

Infrastructure

  • binary caches

  • deployments

https://nix.dev

There's not a lack of deployment tooling

 

  • Colmena
  • deploy-rs
  • krops
  • kubenix
  • kubernix
  • morph
  • Nixery
  • pushnix
  • terraform-nixos
  • autoUpgrade
  • bento
  • hail

Developer Experience

Simple setup

Support for known dev workflows

Documentation

Intuitive interface

How do you manage your NixOS laptop?

$ vim /etc/nixos/configuration.nix

$ nixos-rebuild switch

$ vim mymachine.nix

$ git commit && git push

 

Reality

Inspiration

Design decisions

Firewall agnostic

CI / CD workflow

Binary deployments

Pull architecture

Cloud scale

slow/intermittent connection friendly

Provisioning

Nix

Terraform

Continuous Delivery (CD)

1. Build Nix derivations

2. Push to a binary cache

3. Deploy!

cachix deploy agent myagent [nix-profile]

cachix deploy agent myagent --bootstrap

Cachix 1.1 (upcoming)

(nix-darwin installation just works)!

Running an agent

cachix deploy activate spec.json

{
  "agents": {
    "myagent": "/nix/store/...-nixos-system-myagent-22.05"
  },
  "rollbackScript": {
    "x86_64-linux": "/nix/store/...-rollback.sh"
  }
}

Tutorials

  • https://docs.cachix.org/deploy/running-an-agent/manually
  • https://docs.cachix.org/deploy/running-an-agent/nixos
  • https://docs.cachix.org/deploy/running-an-agent/darwin

Upcoming

  • https://github.com/cachix/cachix-deploy-aws
  • https://github.com/cachix/cachix-deploy-terraform
  • Hetzner metal
  • ?

Diffing deployments

OCEANSPRINT.ORG

Questions?

docs.cachix.org/deploy

domen@cachix.org / @domenkozar

Pricing: the first 10 agents are free.

Why we've built yet another Nix deployment tool

By ielectric

Made with Slides.com

Why we've built yet another Nix deployment tool

  • 127

More from ielectric