this post was submitted on 02 Aug 2025

Nix / NixOS

For example, compose2nix lets you build nixos configuration for containers defined in a docker compose compose.yml. But this step happens offline. You have to first ad hoc generate the config from the compose.yml and then use that generated output in your config.

It seems obvious to me that the best user experience would be to write a flake/module that lets you just point to a compose file directly in your config. On rebuild, it would parse the compose file and build the appropriate config.

But I've not really seen that. These projects that convert from one package management scheme or config file to another (xxx2nix projects) work using this preprocessing step. More examples include pip2nix and cargo2nix.

Given how common this pattern is, I suspect there is something preventing generating at rebuild time from being feasible, or at least easy. Does anyone have ideas for why this is? Thanks.

top 7 comments
[–] onlinepersona@programming.dev 3 points 11 hours ago* (last edited 11 hours ago)

Nix builds go through 2 phases, first downloading the dependencies into the nix store (which can also go through a nix build) and then executing the builder with access to the nix store but without network access. This is done for purity because network access can lead to non-reproducible builds.

Most languages and tools are complex but can output URLs to their dependencies or download them, but that cannot happen during the build (no network access). So, either a tool predownloads stuff and they can be put into the nix store by the "simple" nix derivation, or the tool (pip, docker compose, cargo,...) has to be rewritten either partially or completely in nix. The latter is much harder and in most cases would just lead to repeating the work. Nix may be a functional language but it's missing important language features like static typing.

Anti Commercial-AI license

This post exactly expresses my thoughts from some months ago. However, I wasn't motivated enough to actually post it. Thanks for reading in my mind and asking that for me, I appreciate it.

[–] 6d03@mathstodon.xyz 2 points 17 hours ago (1 children)

@rutrum isn't it because of the fear of import from derivation?

[–] sandro@c3d2.social 1 points 17 hours ago (1 children)
[–] QuizzaciousOtter@lemmy.dbzer0.com 2 points 13 hours ago (1 children)

Could you say a bit more about that? I was actually wondering about the exact same thing as OP's question. Is the performance so bad that it doesn't even make sense to consider this as an option? Idk, just like OP I feel like it's such an obvious use case that it really should be a thing.

[–] sandro@c3d2.social 0 points 13 hours ago (1 children)

@QuizzaciousOtter
You can then no longer split pure evaluation and build as you need to build an undefined amount of things to finish the first evaluation. This is especially worse for Hydra, for nixos systems it usually works. Especially when bootstrapping is involved this can make the initial eval take almost days.

Thanks for the answer! This sounds terrifying indeed. By bootstrapping, do you mean like an initial mass build without anything in store?
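
Added example, not written by anyone in this thread: the import-from-derivation (IFD) route the comments refer to, applied to the compose.yml case from the post. The sample compose file, the use of `pkgs.yq-go` for the conversion, and the output attribute names are assumptions made for illustration.

```nix
# compose-ifd.nix (hypothetical file name)
{ pkgs ? import <nixpkgs> { } }:

let
  # Constructed sample input; a real config would point at ./compose.yml.
  composeFile = pkgs.writeText "compose.yml" ''
    services:
      web:
        image: nginx:1.27
        ports:
          - "8080:80"
  '';

  # Nix has builtins.fromJSON and builtins.fromTOML but no YAML parser,
  # so the YAML -> JSON conversion has to run as a build step (a derivation).
  composeJson = pkgs.runCommand "compose.json" {
    nativeBuildInputs = [ pkgs.yq-go ];
  } ''
    yq -o=json '.' ${composeFile} > $out
  '';

  # This readFile is the import from derivation: the evaluator has to pause,
  # build composeJson (and yq-go, if it is not already in the store or a
  # cache), and only then continue evaluating.
  compose = builtins.fromJSON (builtins.readFile "${composeJson}");
in
{
  # Shape loosely follows virtualisation.oci-containers.containers.<name>.
  containers = builtins.mapAttrs (name: svc: {
    image = svc.image;
    ports = svc.ports or [ ];
  }) compose.services;
}
```

Evaluating this with `nix-instantiate --eval --strict compose-ifd.nix` triggers the build in the middle of evaluation; adding `--option allow-import-from-derivation false` makes the same evaluation fail, which is the evaluation/build split discussed above.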