nixery
nixpkgs
Our great sponsors
nixery | nixpkgs | |
---|---|---|
18 | 974 | |
1,685 | 15,656 | |
- | 5.3% | |
4.8 | 10.0 | |
2 months ago | 4 days ago | |
Go | Nix | |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
nixery
- Way to get NVM working in CI/CD systems
-
What's your favourite Docker Image, and why?
The ones from https://nixery.dev/
-
k8s docker image with basic troubleshooting tools
You can build your own with https://nixery.dev/
-
Crafting container images without Dockerfiles
I built a service for doing this ad-hoc via image names a few years ago and it enjoys some popularity with CI & debugging use-cases: https://nixery.dev/
-
Nixpacks takes a source directory and produces an OCI compliant image
name is eerily similar to `nixpkgs`, i.e. the monorepo that defines all packages and one of the underlying technologies here. i get the play on buildpacks, but still, as a nix user it makes me do a double take reading the name
this is neat though, and in political terms, the elevator pitch mentions nix itself as an implementation detail in passing. hopefully, if this catches on, it'll function as a non-threatening gateway drug to nix itself, when users inevitably go digging into the weeds
for anyone interested, prior art on the nix container front: https://nixery.dev
-
Ask HN: Have You Left Kubernetes?
Wow, this is excellent! At a previous job, we had been using k8s + knative to spin up containers on demand, and likewise were unhappy with the delays. Spawner seems excellent.
One question: have you had to do any custom container builds on demand, and if so, have you had to deal with large containers (e.g. a Python base image with a few larger packages installed from PyPI)? We would run up against extremely long build image times using tools like kaniko, and caching would typically have only a limited benefit.
I was experimenting using Nix to maybe solve some of these problems, but never got far enough to run a speed test, and then left the job before finishing. But it seems to me some sort of algorithm like Nixery uses (https://nixery.dev) to generate cacheable layers with completely repeatable builds and nothing extraneous would help.
Maybe that's not a problem you had to solve, but if it is, I'd love your thoughts.
-
Hacker News top posts: Apr 19, 2022
Nixery – Docker images on the fly with Nix\ (38 comments)
- Nixery – Docker images on the fly with Nix
nixpkgs
- Maintainers Leaving
-
Air Force picks Anduril, General Atomics to develop unmanned fighter jets
https://github.com/NixOS/nixpkgs/commits?author=neon-sunset
-
Eelco Dolstra's leadership is corrosive to the Nix project
I see two signers in the top 6 displayed on https://github.com/NixOS/nixpkgs/graphs/contributors
-
3rd Edition of Programming: Principles and Practice Using C++ by Stroustrup
For a single file script, nix can make the package management quite easy: https://github.com/NixOS/nixpkgs/blob/master/doc/languages-f...
For example,
```
- NixOS/nixpkgs: There isn't a clear canonical way to refer to a specific package
-
NixOS Is Not Reproducible
Yes, Nix doesn't actually ensure that the builds are deterministic. In fact it works just fine if they aren't. There are packages in nixpkgs that aren't reproducible: https://github.com/NixOS/nixpkgs/issues?q=is%3Aopen+is%3Aiss...
-
The xz attack shell script
I'm not familiar with Bazel, but Nix in it's current form wouldn't have solved this attack. First of all, the standard mkDerivation function calls the same configure; make; make install process that made this attack possible. Nixpkgs regularly pulls in external resources (fetchUrl and friends) that are equally vulnerable to a poisoned release tarball. Checkout the comment on the current xz entry in nixpkgs https://github.com/NixOS/nixpkgs/blob/master/pkgs/tools/comp...
-
Debian Git Monorepo
NixOS uses a monorepo and I think everyone's love it.
I love being able to easily grep through all the packages source code and there's regularly PRs that harmonizes conventions across many packages.
Nixpkgs doesn't include the packaged software source code, so it's a lot more practical than what Debian is doing.
https://github.com/NixOS/nixpkgs
-
From xz to ibus: more questionable tarballs
In this specific case, nix uses fetchFromGitHub to download the source archive, which are generated by GitHub for the specified revision[1]. Arch seems to just download the tarball from the releases page[2].
[1]: https://github.com/NixOS/nixpkgs/blob/3c2fdd0a4e6396fc310a6e...
[2]: https://gitlab.archlinux.org/archlinux/packaging/packages/ib...
-
GitHub Disabled the Xz Repo
True, but irrelevant -- _some packages_, _somewhere_, do depend on xz, which, if built, requires pulling the source from GitHub (see the default.nix: https://github.com/NixOS/nixpkgs/blob/nixos-23.11/pkgs/tools...)
It's not the vulnerability that's a problem right now (NixOS was protected by a couple of factors) but rather GitHub's hamfisted response.
That is the problem.
What are some alternatives?
BirdNET-Pi - A realtime acoustic bird classification system for the Raspberry Pi 4B, 3B+, and 0W2 built on the TFLite version of BirdNET.
asdf - Extendable version manager with support for Ruby, Node.js, Elixir, Erlang & more
template-nix - The nix template, configured for Gitpod (www.gitpod.io) to give you pre-built, nix based ephemeral development environments in the cloud.
Home Manager using Nix - Manage a user environment using Nix [maintainer=@rycee]
niv - Easy dependency management for Nix projects
git-lfs - Git extension for versioning large files
jib - 🏗 Build container images for your Java applications.
easyeffects - Limiter, compressor, convolver, equalizer and auto volume and many other plugins for PipeWire applications
plural - Deploy open source software on Kubernetes in record time. 🚀
spack - A flexible package manager that supports multiple versions, configurations, platforms, and compilers.
Moby - The Moby Project - a collaborative project for the container ecosystem to assemble container-based systems
waydroid - Waydroid uses a container-based approach to boot a full Android system on a regular GNU/Linux system like Ubuntu.