this post was submitted on 02 Aug 2025
1 points (100.0% liked)

Nix / NixOS

2721 readers
1 users here now

Main links

Videos

founded 2 years ago
MODERATORS
erlingur@programming.dev
ballmerpeaking@programming.dev
WhiteBlackGoose@programming.dev
1
Why is xxx2nix a preprocessing step? (programming.dev)
submitted 8 months ago by rutrum@programming.dev to c/nix@programming.dev
7 comments fedilink hide all child comments
 

For example, compose2nix lets you build nixos configuration for containers defined in a docker compose compose.yml. But this step happens offline. You have to first ad hoc generate the config from the compose.yml and then use that generated output in your config.

It seems obvious to me that the best user experience would be to write a flake/module that let's you just point to a compose file directly in your config. On rebuild, it would parse the compose file and build the appropriate config.

But I've not really seen that. These projects that convert from one package mamagement scheme or config file to another (xxx2nix projects) work using this preprocessing step. More examples include pip2nix and cargo2nix.

Given how common this pattern is, I suspect there is something preventing generating at rebuild time from being feasible, or at least easy. Does anyone have ideas for why this is? Thanks.

top 7 comments
sorted by: hot top controversial new old
[–] 6d03@mathstodon.xyz 0 points 8 months ago (1 children)

@rutrum isn't it because of the fear of import from derivation?

[–] sandro@c3d2.social 0 points 8 months ago (1 children)

@6d03
@rutrum more it's performance impact

[–] QuizzaciousOtter@lemmy.dbzer0.com 0 points 8 months ago (1 children)

Could you say a bit more about that? I was actually wondering about the exact same thing as OPs question. Is the performance so bad that it doesn't even make sense to consider this as an option? Idk, just like OP I feel like it's such an obvious use case that it really should be a thing.

[–] sandro@c3d2.social 0 points 8 months ago

@QuizzaciousOtter
You can then no longer split pure evaluation and build as you need to build an undefined amount of things to finish the first evaluation. This is especially worse for Hydra, for nixos systems it usually works. Especially when bootstrapping is involved this can make the initial eval take almost days.

[–] QuizzaciousOtter@lemmy.dbzer0.com 0 points 8 months ago

This post exactly expresses my thoughts from some months ago. However, I wasn't motivated enough to actually post it. Thanks for reading in my mind and asking that for me, I appreciate it.

[–] onlinepersona@programming.dev 0 points 8 months ago* (last edited 8 months ago)

Nix builds go through 2 phases, first downloading the dependencies into the nix store (which can also go through a nix build) and then executing the builder with access to the nix store but without network access. This is done for purity because network access can lead to non-reproducible builds.

Most languages and tools are complex but can output URLs to their depdencies or download them, but that cannot happen during the build (no network access). So, either a tool predownloads stuff and they can be put into the nix store by the "simple" nix derivation, or the tool (pip, docker compose, cargo,...) has to be rewritten either partially or completely in nix. The latter is much harder and in most cases would just lead to repeating the work. Nix may be a functional language but it's missing important language features like static typing.

Anti Commercial-AI license

[–] snowfalldreamland@lemmy.ml 0 points 8 months ago

There's work being done to make this possible in the future https://fzakaria.com/2025/03/10/an-early-look-at-nix-dynamic-derivations