Programmer in California

I’m also on https://leminal.space/u/hallettj

  • 2 Posts
  • 28 Comments
Joined 1 year ago
Cake day: May 7th, 2023

  • Well ok, they both use symlinks but in different ways. I think what I was trying to say is that in NixOS it’s symlinks all the way down.

    IIUC on Fedora Atomic you have an ostree image, and some directories in the image are actually symlinks to the mutable filesystem on /var. Files that are not symlinks to /var (and that are not inside those symlinked directories), are hard links to files in the ostree object store. (Basically like checked-out files in a git repository?)

    On NixOS this is what happens if I examine what’s in my path:

    $ which curl
    /run/current-system/sw/bin/curl
    
    $ ls -l /run | grep current-system
    /run/current-system -> /nix/store/p92xzjwwykjj1ak0q6lcq7pr9psjzf6w-nixos-system-yu-23.11.20231231.32f6357
    
    $ ls -l /run/current-system/sw/bin/curl
    /run/current-system/sw/bin/curl -> /nix/store/r304lglsa9i2jy5hpbdz48z3j3x2n4a6-curl-8.4.0-bin/bin/curl
    

    If I select a previous configuration when I boot I would get a different symlink target for /run/current-system. And what makes updates atomic is that the last step is to switch the /run/current-system symlink, which switches over all installed packages at once.

    I can temporarily load up the version of curl from NixOS Unstable in a shell and see a different result,

    $ nix shell nixpkgs-unstable#curl  # this works because I added nixpkgs-unstable to my flake registry
    $ which curl
    /nix/store/0mjq6w6cx1k9907vxm0k5pk7pm1ifib3-curl-8.4.0-bin/bin/curl  # note the hash is different
    

    I could have a different version of curl installed in my user profile than the one installed system-wide. In that case I’d see this:

    $ which curl
    /home/jesse/.nix-profile/bin/curl
    
    $ ls -la /home/jesse | grep .nix-profile
    .nix-profile -> /nix/var/nix/profiles/per-user/jesse/profile
    
    $ ls -l /nix/var/nix/profiles/per-user/jesse
    profile -> profile-133-link
    profile-130-link -> /nix/store/ylysfs90018zc9k0p0dg7x6wvzqcq68j-user-environment
    profile-131-link -> /nix/store/9hjiznbaii7a8aa36i8zah4c0xcd8w6d-user-environment
    profile-132-link -> /nix/store/h4kkw1m5q6zdhr6mlwr26n638vdbbm2c-user-environment
    profile-133-link -> /nix/store/jgxhrhqiagvhd6g42d17h4jhfpgxsk3n-user-environment
    

    Basically symlinks upon symlinks everywhere you look. (And environment variables.)

    So I guess at the end everything is symlinks on NixOS, and everything is hard links plus a set of mount paths on Fedora Atomic.
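
The symlink chains shown in the comment above can be walked programmatically, which is useful when checking that a binary on the PATH really ends up inside the store. This is an added example, not part of the original comment; the temporary directory layout and the `aaaa`/`bbbb`/`cccc` store names are constructed stand-ins for /nix/store paths, and the function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: follow a symlink chain hop by hop and check where it ends.
# The layout and store names are constructed; on NixOS the store is /nix/store.

# Print every hop from $1 to its final target, one path per line.
# Only the last path component is followed; symlinked parent directories
# (such as current-system) are resolved transparently by the kernel.
symlink_chain() {
  local p t hops
  p=$1; hops=0
  echo "$p"
  while [ -L "$p" ]; do
    hops=$((hops + 1))
    [ "$hops" -le 40 ] || { echo "symlink loop?" >&2; return 1; }
    t=$(readlink "$p")
    case $t in
      /*) p=$t ;;                    # absolute target
      *)  p=$(dirname "$p")/$t ;;    # relative target, relative to the link's dir
    esac
    echo "$p"
  done
}

# Succeed only if $1 fully resolves to a path inside store directory $2.
resolves_into_store() {
  local real store
  real=$(readlink -f "$1") || return 1
  store=$(readlink -f "$2") || return 1
  case $real in "$store"/*) return 0 ;; *) return 1 ;; esac
}

# Constructed layout mirroring the listings above, plus one stray binary.
root=$(mktemp -d)
trap 'rm -rf "$root"' EXIT
mkdir -p "$root/store/aaaa-curl-8.4.0-bin/bin" "$root/store/bbbb-nixos-system/sw/bin" \
         "$root/store/cccc-user-environment" "$root/run" "$root/profiles" "$root/home/bin"
: > "$root/store/aaaa-curl-8.4.0-bin/bin/curl"
: > "$root/home/bin/curl"
ln -s "$root/store/aaaa-curl-8.4.0-bin/bin/curl" "$root/store/bbbb-nixos-system/sw/bin/curl"
ln -s "$root/store/bbbb-nixos-system" "$root/run/current-system"
ln -s "$root/store/cccc-user-environment" "$root/profiles/profile-133-link"
ln -s profile-133-link "$root/profiles/profile"

symlink_chain "$root/run/current-system/sw/bin/curl"
symlink_chain "$root/profiles/profile"
resolves_into_store "$root/run/current-system/sw/bin/curl" "$root/store" && echo "in store"
resolves_into_store "$root/home/bin/curl" "$root/store" || echo "outside store"
```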



  • I think NixOS is awesome, but it certainly doesn’t offer “access to (basically) all Linux-capable software, no matter from what repo.” - at least not natively.

    I don’t quite agree with this. In NixOS you can write custom expressions that fetch software from any source, and stitch them into your configuration as first-class packages. So you do get access to all Linux-capable software natively, but not necessarily easily. (There is a learning curve to packaging stuff yourself.)

    I use this process to bring nightly releases of neovim and nushell into my reproducible config. Ok, I do use flakes that other people published for building those projects, which is a bit like installing from a community PPA. But when I wanted to install Niri, a very new window manager, I wrote the package and NixOS module expressions all by myself!




  • I think one of the most impactful choices in my last build was choosing a fast SSD. Not all SSDs are the same! Nowadays you can get NVMe drives that operate over PCIe instead of SATA which provide much higher throughput.

    You can either get an M.2 form factor that plugs into a special socket on the motherboard and takes up minimal space, or a PCI card that plugs into the same type of slot as a graphics card. (Note that some M.2 drives / sockets are SATA, not NVMe, so watch out for that distinction.)

    There is also some difference between NVMe implementations depending on which PCIe version they support. And you’ll want a motherboard that implements the same PCIe version. This applies to both M.2 and PCIe SSDs.

    This stuff might be old enough that you’ve already encountered it. But it was new to me when I built my last PC in 2020. Other than that building was pretty much as I remembered from previous decades.




  • Actually I’d like to add a note about how much I appreciate infrastructure. It would be great if we could all equally own and control the Internet. But when you get down to it, societies pooling their efforts can do things that small, independent groups can’t, such as building tier 1 network backbones.

    Looking at it another way, if you did have a global mesh network it would be made up of electronics that take tremendous systems of supply chains and factories to build and distribute. That’s sort of the same idea: large-scale infrastructure that small groups can’t pull off.

    If I had my way I would keep the large-scale networks, but change the governance model to shift the primary organizational motivation from profit to human wellbeing.



  • The NixOS ideal is that every detail of the system is configured through Nix expressions so that the system is completely reproducible. But in practice there are some details you might want to configure directly.

    With users.mutableUsers = false you are in the “ideal” declarative mode where users and groups are supposed to be fully represented in configuration.nix including passwords (or hashed passwords). In this mode the Nix config overrides everything in /etc/passwd. If the Nix config doesn’t specify passwords I think the default is to leave the account without a password, disabling login for that account.

    With users.mutableUsers = true NixOS respects changes to user and group accounts made outside of configuration.nix. Accounts configured through Nix will be added to /etc/passwd if they aren’t already there. But NixOS won’t remove accounts, and won’t modify or unset passwords. In this mode the default of leaving the password unset makes sense because you’re expected to set a password by running passwd. This is the typical choice because there are security problems with putting passwords in configuration.nix.

    You can set passwords in the Nix config using the password, passwordFile, hashedPassword, or initialPassword options. If mutableUsers is true these options only set the password the first time the user account is created. I checked to see if there are any options that implicitly disable mutable users, but I didn’t find any.
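
A small audit of a NixOS config for the password options named in the comment above, reporting which ones put a plaintext password or a hash directly in the config and which mode users.mutableUsers selects. This is an added example, not part of the original comment; the sample config, its user names and values, and the function names are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: audit a NixOS config for the password options named above.
# The sample config and every value in it are constructed.

# Print "<line>:<option>:<finding>" for every uncommented password option in $1.
audit_password_options() {
  local file opt finding
  file=$1
  for opt in password initialPassword hashedPassword passwordFile; do
    case $opt in
      password|initialPassword) finding=plaintext-in-config ;;
      hashedPassword)           finding=hash-in-config ;;
      passwordFile)             finding=file-reference ;;
    esac
    # Match the option as a whole attribute name, then drop comment lines.
    grep -nE "(^|[.[:space:]])${opt}[[:space:]]*=" "$file" |
      grep -vE '^[0-9]+:[[:space:]]*#' |
      while IFS=: read -r n rest; do echo "$n:$opt:$finding"; done
  done
  return 0
}

# Echo "false" only if the config sets users.mutableUsers = false (default: true).
mutable_users_mode() {
  if grep -vE '^[[:space:]]*#' "$1" |
     grep -qE '(^|[.[:space:]])mutableUsers[[:space:]]*=[[:space:]]*false'
  then echo false; else echo true; fi
}

cfg=$(mktemp)
trap 'rm -f "$cfg"' EXIT
cat > "$cfg" <<'EOF'
{
  users.mutableUsers = false;
  users.users.alice = {
    isNormalUser = true;
    password = "hunter2";
  };
  users.users.bob.hashedPassword = "$y$CONSTRUCTED-PLACEHOLDER";
  users.users.carol.passwordFile = "/run/keys/carol-hash";
  # users.users.dave.initialPassword = "changeme";
}
EOF

audit_password_options "$cfg"
echo "mutableUsers=$(mutable_users_mode "$cfg")"
```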



  • Oh, I forgot to do my fanboy plug. I’ve had the easiest time setting up Proton dependencies on NixOS. It unifies configuration with package management, so the Steam configuration module can reference your installed hardware, and load the appropriate graphics packages automatically.

    Basically you opt into unfree packages, and put programs.steam.enable = true in your NixOS config, and that’s it.



  • I’ve seen admins asking for more fine-grained moderation tools. Maybe eventually things will work the way you’re hoping. Here’s a quote from a Beehaw admin,

    an unfortunate reality we’ve also found is we just don’t have the tools or the time here to parse out all the good from all the bad. all we have is a nuke and some pretty rudimentary mod powers that don’t scale well.

    Defederating prevents trolls on another instance from coming into comments in local communities to harass people. From an admin/mod perspective you have to take some kind of action to stop that.







  • You make a good point about 2.4GHz; that would probably be more reliable, but slower. It’s kinda disappointing to have a gigabit connection, but lose 70% of the speed at the last-meter connection. But 5GHz also loses most of the upstream speed.

    Maybe rolling up my sleeves and putting in a cable is the way to go. I have a thought about going into the furnace closet, snuggling the cable alongside the insulation of a duct into the crawlspace, and coming up out the wall through a modified electrical outlet plate. I might be able to pull it off.

    Thanks for the ideas!