• SavvyWolf@pawb.social
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    1
    ·
    1 day ago

    Honestly, since getting into NixOS, I’ve found that much more of an elegant system than Docker or whatever.

    • Atemu@lemmy.ml
      link
      fedilink
      arrow-up
      6
      ·
      17 hours ago

      You’re comparing apples to oranges. One is a declarative Linux system environment creation solution and the other a daemon that starts sub-system environments using Linux namespaces.

      You could in theory use NixOS to define a system environment that you’d run inside of a docker container. It’s a bit harder to get systemd running inside of Docker which NixOS heavily relies on but that’s beside the point. Easier integrations exist for LXD and systemd-nspawn which actually fulfil an equivalent purpose to Docker. The single component that is most comparable to Docker in a typical NixOS deployment would arguably be its init process (systemd), though its use extends far beyond setting up the namespace (the root namespace in this case).

      • SavvyWolf@pawb.social
        link
        fedilink
        English
        arrow-up
        3
        ·
        12 hours ago

        As I understand it, the problem that both Nix and Docker try to solve is “How do I bundle and run this application in such a way that its dependencies are explicitly specified and don’t interfere with anything installed on the host system”.

        They have different approaches, but I think that goal is the same?

        • Atemu@lemmy.ml
          link
          fedilink
          arrow-up
          1
          ·
          3 hours ago

          That’s Nix, not NixOS.

          I also wouldn’t be too sure on that “explicit” part for Docker. It’s somewhat isolated, sure, but everything but explicit: you can download arbitrary data from wherever you like.

          • SavvyWolf@pawb.social
            link
            fedilink
            English
            arrow-up
            3
            ·
            3 hours ago

            Unless it has changed recently, Docker is not intended to be a security layer as far as I know.