1. 2

    I don’t understand this “pin the channel git SHA” part of the process. Say I have some software environment in production that runs with fixed versions of nodejs, pan doc, and postgres. How do I find the right Nix SHA that contains the desired versions of all of those packages? If such a SHA doesn’t exist, what do I do? Find the best SHA for the majority of the packages then go back to installing the rest manually with a shell script? Sounds like a Dockerfile with a much more difficult specification language.

    1. 7

      The idea of pinning a sha is that all packages in the nixpkgs repo are guaranteed to work together for any given sha. For the most common programs, nix ships multiple versions by default to make it easy to switch between versions (nodejs has 10/12/14/16, postgres has 9.6/10/11/12/13). If you need exact dependencies you can create an overlay to specify the exact version of the dependency that you need.

      The advantage over a Dockerfile is that in Nix each program can depend on their own versioned set of dependencies: so you can have program hello depending on libyaml-0.12 and program goodbye depending on libyaml-0.13. In Nix they can co-exist peacefully without interfering with each other.

      1. 3

        Technically you don’t even need niv to do that either. You can encode the sha you wish to pin right in the default.nix.

        In fact both niv and direnv in the examples are unnecessary technically although they may make some things a little easier.

        1. 1

          How do I find the right SHA?

          1. 2

            I wrote a tool to help do that:

            https://ahobson.github.io/nix-package-search/#/

            1. 1

              Usually you pick a released nixpkg version. This page gives a pretty decent overview of the various methods to pin stuff. https://nixos.wiki/wiki/FAQ/Pinning_Nixpkgs

            2. 1

              OP here: completely agree that niv and direnv are technically unnecessary :) I wrote the post with in mind a complete Nix beginner that doesn’t really want to run nix-shell or pin nixpkgs manually, or learn how to use Nix flakes. I’ll use it as a resource to point people that are curious about Nix and want to try it without having to understand too much in depth how it works.