Distro agnostic packages like flatpaks and appimages have become extremely popular over the past few years, yet they seem to get a lot of dirt thrown on them because they are super bloated (since they bring all their dependencies with them).
NixPkgs are also distro agnostic, but they are about as light as regular system packages (.deb/.rpm/.PKG) all the while having an impressive 80 000 packages in their repos.
I don’t get why more people aren’t using them, sure they do need some tweaking but so do flatpaks, my main theory is that there are no graphical installer for them and the CLI installer is lacking (no progress bar, no ETA, strange syntax) I’m also scared that there is a downside to them I dont know about.
The way nix installs in my root directory in another distro is a no-go for me
I can reassure you that it does not encroach on anything the “host” distro package manager does and does not cause conflicts with it.
At runtime, it only ever touches things in `/nix; it’s self-contained.
The only time Nix needs to interact with the host distro in any way is during install where it must place a little glue in your system configuration for things like PATH, bash completions or the nix-daemon to work as expected.
IIRC it puts a user owned directory inside the root. I have no clue what the total implications are in respect to privacy and security.
The last time I looked the NIX solution to secure boot keys was to disable secure boot, making the largest attack surface on modern computers completely unprotected by default. The idea of leaving it up to the user to figure out keys and self signing was a giant red flag for me. My current workstation requires a shim as the bootloader that came with the device rejects custom keys and I didn’t care to figure out Keytool on my own to boot into UEFI and try to change them by force. That knocked NIX off my list of complete distros to run. While I don’t know the implications for the NIX package manager on another distro, this is the combination of real factors that formed my chain of reasoning about using NIX in both respects.
I also ran arch for a few weeks once and am now extremely skeptical of any distro that presents anything that hints at “you figure it out yourself” complications for basic function. After Arch I went to Gentoo back when the Sakaki guide still worked and that was much more my style. I had something that just works, and made extra complications much more approachable. Specifically, I found documented entry points on things I didn’t understand, approached in ways I found useful. I don’t recall exactly what I was trying to do at this point, but with NIX I spent a couple of days trying to figure out stuff and went in circles. I think I had come across a NIX package for KoboldCPP and tried a bunch of stuff that didn’t work.
Anyways, I have nothing against NIX and might try it again one day. This is not bashing on NIX, or calling it inadequate. This was just my experience as a dumb user.
None.
Are we talking about Nix or NixOS here now? These are entirely different things.
Nix on non-NixOS does not care whether that OS can do secure boot or not.
As for NixOS: https://github.com/nix-community/lanzaboote
(Not sure what you’d actually want to achieve with “secure” boot as it doesn’t protect you against anything on its own.)
The current support for secure boot in NixOS is rather experimental still. It’s the same as any other distro that hasn’t applied to RedHat to get their shim signed with a M$-trusted key, so I don’t really see your point here.
That aspect is also being worked on as we speak.
That’s your ignorance’s fault, not any distro’s. If you can’t be bothered to plug in your own keys, you limit yourself to the set of distros that are indirectly officially approved by M$.
If you need your hand held, the Nix ecosystem won’t be for you. It’s not really approachable by people who can’t research things in its current state.
Nothing wrong with that but Nix just isn’t at the point where mere mortals can reasonably be expected to be able to use it.
deleted by creator