\begin{chapter}[id=ch-about-nix]{About Nix}Nix is a \emph{purely functional

1. \begin{chapter}[id=ch-about-nix]{About Nix}
2.  
3. Nix is a \emph{purely functional package manager}.  This means that it
4. treats packages like values in purely functional programming languages
5. such as Haskell — they are built by functions that don’t have
6. side-effects, and they never change after they have been built.  Nix
7. stores packages in the \emph{Nix store}, usually the directory
8. \filename{/nix/store}, where each package has its own unique
9. subdirectory such as
10.  
11.  \listing{/nix/store/b6gvzjyb2pg0kjfwrjmg1vfhh54ad73z-firefox-33.1/}
12.  
13. where \code{b6gvzjyb2pg0…} is a unique identifier for the package that
14. captures all its dependencies (it’s a cryptographic hash of the
15. package’s build dependency graph).  This enables many powerful
16. features.
17.  
18.  
19. \simplesect{Multiple versions}{
20.  
21. You can have multiple versions or variants of a package
22. installed at the same time.  This is especially important when
23. different applications have dependencies on different versions of the
24. same package — it prevents the “DLL hell”.  Because of the hashing
25. scheme, different versions of a package end up in different paths in
26. the Nix store, so they don’t interfere with each other.
27.  
28. An important consequence is that operations like upgrading or
29. uninstalling an application cannot break other applications, since
30. these operations never “destructively” update or delete files that are
31. used by other packages.
32.  
33. }
34.  
35. \simplesect{Complete dependencies}{
36.  
37. Nix helps you make sure that package dependency specifications are
38. complete.  In general, when you’re making a package for a package
39. management system like RPM, you have to specify for each package what
40. its dependencies are, but there are no guarantees that this
41. specification is complete.  If you forget a dependency, then the
42. package will build and work correctly on \emph{your} machine if you
43. have the dependency installed, but not on the end user's machine if
44. it's not there.
45.  
46. Since Nix on the other hand doesn’t install packages in “global”
47. locations like \filename{/usr/bin} but in package-specific
48. directories, the risk of incomplete dependencies is greatly reduced.
49. This is because tools such as compilers don’t search in per-packages
50. directories such as
51. \filename{/nix/store/5lbfaxb722zp…-openssl-0.9.8d/include}, so if a
52. package builds correctly on your system, this is because you specified
53. the dependency explicitly.
54.  
55. Once a package is built, runtime dependencies are found by scanning
56. binaries for the hash parts of Nix store paths (such as
57. \code{r8vvq9kq…}).  This sounds risky, but it works extremely well.
58.  
59. }
60.  
61. \simplesect{Multi-user support}{
62.  
63. Nix has multi-user support.  This means that non-privileged users can
64. securely install software.  Each user can have a different
65. \emph{profile}, a set of packages in the Nix store that appear in the
66. user’s \envar{PATH}.  If a user installs a package that another user
67. has already installed previously, the package won’t be built or
68. downloaded a second time.  At the same time, it is not possible for
69. one user to inject a Trojan horse into a package that might be used by
70. another user.
71.  
72. }
73.  
74. \simplesect{Atomic upgrades and rollbacks}{
75.  
76. Since package management operations never overwrite packages in the
77. Nix store but just add new versions in different paths, they are
78. \emph{atomic}.  So during a package upgrade, there is no time window
79. in which the package has some files from the old version and some
80. files from the new version — which would be bad because a program
81. might well crash if it’s started during that period.
82.  
83. And since packages aren’t overwritten, the old versions are still
84. there after an upgrade.  This means that you can \emph{roll
85. back} to the old version:
86.  
87.  \screen{
88.  $ nix-env --upgrade <replaceable>some-packages</replaceable>
89.  $ nix-env --rollback
90.  }
91.  
92. }
93.  
94. \simplesect{Garbage collection}{
95.  
96. When you uninstall a package like this…
97.  
98.  \screen{$ nix-env --uninstall firefox}
100. the package isn’t deleted from the system right away (after all, you
101. might want to do a rollback, or it might be in the profiles of other
102. users).  Instead, unused packages can be deleted safely by running the
103. \emph{garbage collector}:
105.  \screen{$ nix-collect-garbage}
106.  
107. This deletes all packages that aren’t in use by any user profile or by
108. a currently running program.
109.  
110. }
111.  
112. \simplesect{Functional package language}{
113.  
114. Packages are built from \emph{Nix expressions},
115. which is a simple functional language.  A Nix expression describes
116. everything that goes into a package build action (a “derivation”):
117. other packages, sources, the build script, environment variables for
118. the build script, etc.  Nix tries very hard to ensure that Nix
119. expressions are \emph{deterministic}: building a Nix
120. expression twice should yield the same result.
121.  
122. Because it’s a functional language, it’s easy to support
123. building variants of a package: turn the Nix expression into a
124. function and call it any number of times with the appropriate
125. arguments.  Due to the hashing scheme, variants don’t conflict with
126. each other in the Nix store.
127.  
128. }
129.  
130. \simplesect{Transparent source/binary deployment}{
131.  
132. Nix expressions generally describe how to build a package from
133. source, so an installation action like
134.  
135.  \screen{$ nix-env --install firefox}
137. \emph{could} cause quite a bit of build activity, as not only Firefox
138. but also all its dependencies (all the way up to the C library and the
139. compiler) would have to built, at least if they are not already in the
140. Nix store.  This is a \emph{source deployment model}.  For most users,
141. building from source is not very pleasant as it takes far too long.
142. However, Nix can automatically skip building from source and instead
143. use a \emph{binary cache}, a web server that provides pre-built
144. binaries. For instance, when asked to build
145. \code{/nix/store/b6gvzjyb2pg0…-firefox-33.1} from source, Nix would
146. first check if the file
147. \uri{https://cache.nixos.org/b6gvzjyb2pg0….narinfo} exists, and if so,
148. fetch the pre-built binary referenced from there; otherwise, it would
149. fall back to building from source.
151. }
153. \#{\simplesect{Binary patching}{
155. In addition to downloading binaries automatically if they’re
156. available, Nix can download binary deltas that patch an existing
157. package in the Nix store into a new version.  This speeds up
158. upgrades.
160. }}
162. \simplesect{Nix Packages collection}{
164. We provide a large set of Nix expressions containing hundreds of
165. existing Unix packages, the \emph{Nix Packages
166. collection} (Nixpkgs).
168. }
170. \simplesect{Managing build environments}{
172. Nix is extremely useful for developers as it makes it easy to
173. automatically set up the build environment for a package. Given a Nix
174. expression that describes the dependencies of your package, the
175. command \command{nix-shell} will build or download those dependencies
176. if they’re not already in your Nix store, and then start a Bash shell
177. in which all necessary environment variables (such as compiler search
178. paths) are set.
180. For example, the following command gets all dependencies of the Pan
181. newsreader, as described by
182. \link{https://github.com/NixOS/nixpkgs/blob/master/pkgs/applications/networking/newsreaders/pan/default.nix}{its
183.  Nix expression}:
185.  \screen{$ nix-shell '<nixpkgs>' -A pan}
186.  
187. You’re then dropped into a shell where you can edit, build and test
188. the package:
189.  
190.  \screen{{{
191.  [nix-shell]$ tar xf $src
192.  [nix-shell]$ cd pan-*
193.  [nix-shell]$ ./configure
194.  [nix-shell]$ make
195.  [nix-shell]$ ./pan/gui/pan
196.  }}}
197.  
198. \#{
199. Since Nix packages are reproducible and have complete dependency
200. specifications, Nix makes an excellent basis for
201. \link{https://nixos.org/hydra}{a continuous build system}.
202. }
203.  
204. }
205.  
206. \simplesect{Portability}{
207.  
208. Nix runs on Linux and macOS.
209.  
210. }
211.  
212. \simplesect{NixOS}{
213.  
214. NixOS is a Linux distribution based on Nix.  It uses Nix not just for
215. package management but also to manage the system configuration (e.g.,
216. to build configuration files in \filename{/etc}).  This means, among
217. other things, that it is easy to roll back the entire configuration of
218. the system to an earlier state.  Also, users can install software
219. without root privileges.  For more information and downloads, see the
220. \link{http://nixos.org/}{NixOS homepage}.
221.  
222. }
223.  
224. \simplesect{License}{
225.  
226. Nix is released under the terms of the
227. \link{http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html}{GNU
228.  LGPLv2.1 or (at your option) any later version}.
229.  
230. }
231.  
232. \end{chapter}