NixUP – State and Future of a Nix-Managed User Profile

Video thumbnail (Frame 0) Video thumbnail (Frame 722) Video thumbnail (Frame 1656) Video thumbnail (Frame 2766) Video thumbnail (Frame 4889) Video thumbnail (Frame 5662) Video thumbnail (Frame 7157) Video thumbnail (Frame 8071) Video thumbnail (Frame 12105) Video thumbnail (Frame 14474)
Video in TIB AV-Portal: NixUP – State and Future of a Nix-Managed User Profile

Formal Metadata

Title
NixUP – State and Future of a Nix-Managed User Profile
Title of Series
Author
License
CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
2017
Language
English
Production Year
2017

Content Metadata

Subject Area
Abstract
Nix User Profile (NixUP) should have been a declarative configuration for the user environment [1]. By now similar solutions have emerged, like nix-home [2] or home-manager [3]. In this talk the different approaches will be reviewed and an update on the state and future of NixUP will be given. [1] https://github.com/NixOS/nixpkgs/pull/9250 [2] https://github.com/sheenobu/nix-home [3] https://github.com/rycee/home-manager
Statistics State of matter
User interface Service (economics) Implementation Service (economics) Computer file Computer file Set (mathematics) Directory service Directory service Declarative programming User profile User profile Centralizer and normalizer Data management Configuration space Implementation
Computer file Forcing (mathematics) Disintegration Projective plane Bit User profile Data management Computer configuration Mixed reality Einbettung <Mathematik> Configuration space Integrated development environment Einbettung <Mathematik> Modul <Datentyp> Configuration space Resultant Thumbnail
Service (economics) Service (economics) Link (knot theory) Computer file Computer file File system Content (media) Attribute grammar Directory service Bit Directory service Content (media) Mereology User profile Data management User profile Hash function File system Configuration space Configuration space Physical system Physical system
Ocean current Functional (mathematics) Dynamical system Service (economics) Link (knot theory) Computer file Source code Set (mathematics) Directory service Online help Function (mathematics) Parameter (computer programming) Power (physics) Data management User profile Computer configuration Atomic number Software testing Aerodynamics Information security Source code Service (economics) Dependent and independent variables Link (knot theory) Computer file Data storage device Content (media) Directory service Arithmetic mean Fluid statics Hash function Mixed reality Order (biology) output Software testing Information security Genetic programming
Web page Slide rule Functional (mathematics) Server (computing) Implementation Service (economics) Computer file Distribution (mathematics) State of matter Multiplication sign Mehrplatzsystem 1 (number) Rollback (data management) Revision control Data management Operating system Configuration space Metropolitan area network Physical system Service (economics) Distribution (mathematics) Moment (mathematics) Electronic mailing list Planning Database Directory service Instance (computer science) Limit (category theory) Declarative programming User profile Type theory Subject indexing Data mining Software Software repository Mixed reality Revision control Configuration space Right angle Procedural programming Functional (mathematics) Physical system
all right let's start so you remember from before the statistics there was one issue with 155 comments I think is the one that's too much well started almost two years ago and so today is gonna talk about this issue thank you for the kind introduction hello everyone so yes I want to talk about mix-up mix-up is a
declarative way of managing your user environment and what it basically is it's copying the way how we manage the NICS OS operating system into and use the same method that we learn to actually manage our home user environment so you have a central configuration file that we write down which packages we want to have installed which services should be running and which resources or files we want to have linked in to our home directory and then a set of su the tools to instantiate this user profile and as you've already
heard behaviorist rod Rhodes so I remember people talking about it back in 2014 Nickolas then implemented at first the first a year and then I opened this long-standing cool request which by now has 150 comments and 60 participants and it last year it already had enough attention so that Peter had to mention it in his April Fool's joke and finally by beginning of this year Robert Ferguson he implemented or announced a real implementation of it called Home Manager and then when I heard about this conference I thought what do I do about this pull request should I actually just work on it and so I wonder is it worth
the effort our people really interested in to this feature ends up I have this problem I went through this pull request and I saw a lot of comments and people like that and had a lot a lot of thumbs up and likes and I thought but they're so cheap are people really willing to put their money where their mouth is and so I thought could I just ask them to donate money to the next one Foundation just for me to measure how real the interest really is and if the result was that in the end around 20 people donated or pledged 650 euros so big thanks to all of you with it then but for me it wasn't conclusive what I should do in the end if it would have been a hundred people I would have said yes people loved it so I should really do it and if it would have been just fifty years I would have said well apparently it's just me and I would have dropped it but this result somehow left me in between and then I thought well Tomas come on just do it and so and so the overall design was very clear for me from the beginning there are this whole miniature and so I reached out to Robert and said can we somehow join forces because I didn't want to start another project and so he said yes we should and so I could just focus on this deep embedding into Nexus which whole manager so far has not and so with a little bit
of luck by the end of the workshop next week you should have an option mix-up enable within your mix OS or configuration and the your configuration file should go or we'll go into config mix up profile dot next and then with a little bit of luck Nick cerebral switch should do its job and present you all the features that is right before the
content of the next up profile next is something that you should get you probably familiar with from the Nexus S configuration itself so you can write down which packages you want to have which file should be linked in to your home directory or which services should be running maybe system D services might be switched to user services I don't know yet but Indian it's very standard the only thing that took a little bit more effort for me it was this part here so linking files into the home directory is something I'm very careful about because your link you have the users home directory and I linked things in when I switch to a certain profile and if I switch away from the profile I somehow want to remove this links or data that I copied again and so this is something where I had to be sure that I'm not accidentally deleting stuff files that the user actually cared about and so to
solve this or my idea was that I implemented a way of adding extended filesystem attributes to every file that I generated or they're linked and I tagged them with a hash of the path relative to its home directory and the initial content so that afterwards if you would change the content of the file of it or if you would move it around this could be detected then switching away from this profile so that this content in the from the user is actually for generating the files you will get a
few options as well the first one is that sources can be either static or dynamic static means that whatever is within the next store is just copied or linked into your home directory dynamic means that what is stored in the mix in the next door it's more or less a function that is called with a parameter to the file that you should want to that you actually want to create so it means that dynamic sources they take the current file as input and should generate the new content as output for the files that are generated you also have two options the I began can be non-volatile which means they are protected or volatile which me so non-volatile means that if you're switching away we're checking the hash that we stored against the content that is there at this moment and if it is not the same which are stopped whereas for volatile we don't care about this initial content and we just remove the file as we expected it to change so these two options they give you great power but they also will come with great responsibility so just be warned a few more notes about it about switching the files so files itself if if the file is present in the old and the new profile this file will be switched atomically so you should all it should always be there symbolic links into the next store will always be followed so before creating the link we really resolve it to the final target so either a file or a directory or the dangling link and so this is the one thing the thing that will be stored or ever be created there is no switching atomic switching of sets of files because I couldn't give you any particular girl and he's only the only thing that I can guarantee that is guaranteed is that the order of switching from one profile to the other always deactivates unwanted services switches the resource files or final resources and then activates the new services and the best thing about it it it's almost done so I will need a little more help about with testing and especially security review and writing documentation but I'm very confident that this can get done so thank you very
much and before I stop talking I take the
chance to talk about what I want to work on next so the next thing I want to work upon is about managing States indexes so Nix is is this wonderful purely functional Linux distribution for installing packages but what about executing the services that you install so we all know about what guarantees do we have that once we want to execute a service that it has actually the right data to operate on so you always know this procedure you are this this let's have some happening you upgrade your software as a database server gets upgraded it executes for the first time it upgrades your database and then for whatever reason you want to roll back and you can't discuss your data is already nearer than the version of your software that you want to switch to so how can we prevent this from happening that's the thing that I want to work on and mine export checkers obvious and we are here is that we I could we could maybe just annotate resources within that within our mixer s configuration list cut some kind of text types that we collect during the build of the new operating system of the configuration and that we check before we activate this so this is something that probably requires another conference for me to get started but that's it thank you very much
any questions so in the original configuration paid you showed on the first page it basically specified a path into the home directory where the Knicks up config was for that user what if you wanted to use this with something like Knicks ops where when you do a Knicks ops deploy it grabs your configuration file from the local repo and sets up the home users directory okay I couldn't so sorry so um on the first page your slide you showed a or it might have been the second page you showed right next one the one with the brown and it that one there no right back dot config Knicks up profile mix so I'm assuming that's basically a file that the user would put in their home directory what if you wanted to use this with something like Knicks ops for remote instances where you wanted to basically manage some files in a single users home directory using this tool but you wanted that declaratively defined on the system where you're actually using it so so you mean you want to be finding the OS configuration you want to define them like the deployment dot next file in like Knicks ops so basically instead of having the mix-up config file on the system itself you want the Knicks up config file defined where you're running Knicks off yeah and this is that possible or you know it's plan its plan so so now I just want to get it in man get this basic feature and then it should be possible to also have some declarative configuration within the operating system configuration as well so I think this I hope without knowing it but I guess this would resolve this issue as well ok last question well hello I have a simple question could you summarize what are the limitations of your implementation at the moment just summarize limitations and if there are any as compared to the system way of declaring sister packages I'm absolutely sure that their limitations could you which ones are you thinking about and that's a very good question [Laughter] so yeah we will see we will see it's it's so the implementation is very new we need a lot of people to test it and I think they they have to tell me because they are it's the same issue as putting secrets into the year in excess configuration so tonight we can talk about it on the drink yeah I think there was one last question oh okay thank you very much you
Feedback