26·
4 months agoI went this route from the start and love it. In case you need some resources:
- VimJoyer is excellent: https://www.youtube.com/watch?v=a67Sv4Mbxmc
- Do secrets using SOPS: https://www.youtube.com/watch?v=G5f6GC7SnhU
- NixOS and Restic are an amazing combination, full backups in 20 lines of config. This article was my best find for this: https://francis.begyn.be/blog/nixos-restic-backups . Tip: you can easily write systemd services to trigger each software’s preferred backup strategy and simply schedule them to run before the Restic backup - I have them all copy the backups to one folder that then Restic backs up, works great for me!
Hope this helps a bit. I found the effort to be very worth it, but took me almost half a year to get comfortable with it.
A lot of software exposes the general “config” or “environment” object too. Thanks to that I haven’t encountered many things I couldn’t go in my Nix config for already packaged services.
And you can always fall back to Docker in Nix, which has the benefit of all the flexibility and will still declaratively declare your deployments.
So in practice this works out very well in my case, I haven’t had to fight Nix (apart from the initial learning curve).