you mean they got the date wrong on a release? that’s not a security issue

Packages in nix are in the store directory, each package in a dir named after the package hash. So you can have 15 versions of firefox installed, for instance, and the different versions go in different folders with different hashnames.

When it’s time to set up a user env, their specific version of firefox is (conceptually) symlinked into the users profile. When that user executes firefox it gets one out of the 15 versions. Another user may get a different one.

Anyway, the package store is off limits to users, and a real bad idea to modify for root too.

is nixos considered immutable or mutable? kind of has characteristics of both.

One thing I kind of miss is autohotkeys on windows. It was relatively easy to do things like set keyboard keys to act as mouse keys. I did that once when I was getting over tendonitis.

These days I have a keyboard with mouse keys on it and a trackball also with mouse keys. I can use the middle button on the trackball and scroll with it, but I can’t use the middle button on the keyboard and scroll with the trackball, which would be more ergonomic for me. Haven’t figured that one out yet.

That said, I mostly don’t miss GUI stuff. I use a tiling window manager and command line utilities to do most things on my system. Its kind of primitive I guess, but the benefit is it works exactly the same on remote systems, headless servers, etc.

can’t say about forms, but I use xournal all the time for signing pdfs.

XFCE + xmonad

Recently updated a nixos machine that was on the shelf for five years or so. A few options and packages had been renamed, fixed those, upgrade completed with zero problems.

Looks like they do have both openvpn and wireguard configs. Is it true that for torrenting openvpn is preferred? That’s basically the only reason I use vpn.

I was maybe doing it wrong, but it never worked for me while openvpn did. Glad it works for someone!

interesting. proton has example openvpn configs on their site which was hugely helpful to me. dunno if they have wireguard equivalents, or if those are needed.

I dunno what the best is, but if you choose nixos configure openvpn instead of trying to use the protonvpn package.

As far as stability goes, its hard to beat my nixos setup. I use the venerable xmonad with xfce in no-desktop mode, and the command line for things like wifi and etc. Because I do most stuff with the command line I can get around fine on servers with no GUI. There’s no bling and hardly anything ever changes.

I used to fancy up my desktop and so forth, but those things break eventually and don’t really help me get work done. I don’t want to waste time on that anymore.

That said, getting it set up has been a gradual evolution and there have been awkward times. Like zoom screen sharing goes kind of insane with a tiling window manager (stop helping, zoom). And of course nixos itself is fantastic if what you need is already packaged and ready to go, and doesn’t do anything weird like download binaries. Stuff outside the norm, well now you have two problems - understanding how the software expects to be installed on debian or the like, and understanding how to subvert that process to make it work on nix.

I don’t see nixos in there!

Xmonad with XFCE in no-desktop mode.

I can use the xfce tools to configure things like mouse and screen settings, but visually it’s just xmonad.

I think nixos is still niche, but seems to be gaining momentum. It has some unique features:

• Every package has its own dependencies, so you can install a 7 year old firefox alongside the latest, and have no interference.
• Packages with dependencies in common still share them (for space savings).
• Abandons the HFS, but can still fake it for apps that need it.
• Can make dev environments that are exactly reproducible across machines, and only exist within a specific shell session. So you can have a project that relies on an out of date version of a compiler, and another that uses the latest, and run both at the same time.
• Make your own packages that other people can install using a git repo address.
• The package language can also describe a machine’s configuration; systemd services, default packages, user accounts, etc.
• You can build and remotely deploy a machine config in one line.
• You can cross compile a machine config for another cpu architecture, like ARM.
• OS upgrades are atomic, and reversible. If it doesn’t work out, you can go back to the previous config.
• No reason to ever reinstall. Recently upgraded a machine that had sat in a closet for 5 years to the newest release. Flawless upgrade.
• Nixos boasts more packages than any other distro, over 100,000.

There are certainly downsides - poor docs, confusing core language. Instructions for installing something on say debian will not work on nixos. I do think this style of package management is the future, if perhaps not this specific implementation. It can be a pain but its also super solid.