F44 Change Proposal: Nix package tool [SelfContained]

F44 Change Proposal: Nix package tool [SelfContained]

Wiki

Announced

This is a proposed Change for Fedora Linux.
This document represents a proposed Change. As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be implemented if approved by the Fedora Engineering Steering Committee.

Summary

Add the [GitHub - NixOS/nix: Nix, the purely functional package manager nix] functional package manager developer tool to Fedora.

Owner

• Name: [[User:Petersen| Jens Petersen]]
• Email: petersen@redhat.com
• Name: [[User:zbyszek| Zbigniew Jędrzejewski-Szmek]]
• Email: zbyszek@in.waw.pl

Detailed Description

Nix is a cross-platform package manager for Unix-like systems with its own package ecosystem.
It is also the package manager for the NixOS Linux operating system.
The nix package tool provides access to the [GitHub - NixOS/nixpkgs: Nix Packages collection & NixOS nixpkgs] ecosystem with over 100,000 [NixOS Search packages].
Packages and environments can be specified in nix’s declarative functional programming language using so-called derivations. Nix [Flakes - NixOS Wiki flakes] provide a newer way to specify these project development environments.

Nix has two main modes of installation/setup: multi-user mode (with nix-daemon) and single-user mode
(below these are abbreviated as “multiuser” and “singleuser” respectively). The Fedora package tries to support both of them, though multiuser mode setup where available is more seamless. It does this by providing nix-daemon and nix-system subpackages which both require nix-filesystem. The /nix toplevel directory is defined with tmpfiles.d and can be a Btrfs subvolume if setup.

Feedback

Benefit to Fedora

Some developers and upstream projects now prefer or use nix for development and reproducible build environments.
Just as we have apt packaged in Fedora, this change adds a nix package allowing access to its ecosystem from Fedora.

With the implementation of this Change, Fedora users will be able to install nix easily on their system and leverage it in development projects that may require nix. They will also be able to easily try out some of the many packages in nixpkgs for testing or experimenting, etc.

For some time I have maintained a nix [petersen/nix Copr copr repo] which is quite popular (see the download numbers and note a number of other nix copr repos also exist), but it will be easier for Fedora users to have the nix package directly available from Fedora repos.

Scope

• Proposal owners:
  ** prepare the [Making sure you're not a bot! package] of nix version 2.31 or later [[2388768 – Review Request: nix - A purely functional package manager pkgreview]]

• Policies and guidelines:
  ** We have received an [Making sure you're not a bot! exception approval] from FESCO to allow the nix package to use /nix toplevel directory at runtime, as it is needed to make full use of nixpkgs and cachix binaries, etc.
  ** The approved exception still needs to be documented
  ** To be clear: nix and its subpackages will remain optional development packages that Fedora users can install manually if they wish, and in particular /nix is not to be used for Fedora Linux development.

• Trademark approval: N/A (not needed for this Change)

• Alignment with the Fedora Strategy:

Upgrade/compatibility impact

Early Testing (Optional)

N/A

How To Test

Copr builds are available from petersen/nix Copr.

Installation/setup:

Either:

• Multiuser daemon mode:
  ** sudo dnf install nix
  ** sudo systemctl enable --now nix-daemon

or

• Singleuser mode
  ** sudo dnf install nix --exclude nix-daemon
  ** sudo usermod -G nixbld -a $USER

See also /usr/share/doc/nix/README.fedora.md or Making sure you're not a bot!.

Then try out the tool:

• nix-shell -p hello
• try the *.nix examples in Making sure you're not a bot!
• nix search nixpkgs <package-regexp>
• try online documentation examples or projects

Notes:

• Upstream recommends using the nix-daemon and multiuser mode.
• However /nix is incompatible with ostree (it can probably be used in bootc Image Mode): so on ostree systems one should use it within a toolbox instead.
• Since containers and toolbox normally do not have functioning systemd: it is not possible to use nix-daemon inside containers by default
  ** instead install the nix-singleuser subpackage
• Be warned that nix can easily use up ‘‘large amounts of diskspace’’. You can use nix-collect-garbage to clean up or clear /nix/store/. In the worst case it should be safe to remove rm -r /nix/store/* completely. The /nix tree can also safely be removed after uninstalling nix.
• Please use nix and nixpkgs etc at your own risk, as you would other upstream package ecosystems.

User Experience

Fedora users can now seamlessly install and use the Nix package manager for development or running its packages locally on their system.

Dependencies

There are no blocking dependencies. However:

• newer boost library would allow shipping latest nix 2.32 [in progress]
• mdbook (rust-based documentation tool) would probably allow building the documentation (and manpages) [under review]

Contingency Plan

Documentation

See Nix reference manual — nix.dev documentation.

Release Notes

• The Nix package manager developer tool has been packaged in Fedora for users.

Last edited by @alking 2025-10-28T12:33:45Z

Last edited by @alking 2025-10-28T12:33:45Z

How do you feel about the proposal as written?

If you are in favor but have reservations, or are opposed but something could change your mind, please explain in a reply.

We want everyone to be heard, but many posts repeating the same thing actually makes that harder. If you have something new to say, please say it. If, instead, you find someone has already covered what you’d like to express, please simply give that post a instead of reiterating. You can even do this by email, by replying with the heart emoji or just “+1”. This will make long topics easier to follow.

Please note that this is an advisory “straw poll” meant to gauge sentiment. It isn’t a vote or a scientific survey. See About the Change Proposals category for more about the Change Process and moderation policy.

This sounds like a great change - I’ll all for it.

More packages?
Who could say no.

What level of testing will go in to Nix?

Are there any security implications?

The testing will be in upstream in the Nix project. I would consider this addition to be similar to flatpak, npm, or similar external site which has packages which are available but not looked at by Fedora.

Security and testing implications are the same as using those also. [Yes the code can be repeatably compiled.. if it is a rootkit, it will remain a rootkit whether it is a flatpak with no sandbox, an npm, a pip or a nix. If that is a concern, please engage with the upstream to make sure any problems are found and removed.]

@smooge’s answer is correct.

But to add a little: there are some advantages of course of moving the nix package from Copr into Fedora proper in that we have more formal processes and review around our packages: there is CI, testing repos, and bugzilla for reporting, etc. Not to mention PRs, so it will be easier for fedora nix users to file bugs or suggestions about the Fedora packaging. But yeah upstream issues (in nix) will be left to be addressed upstream (and nixpkgs bugs are basically out of our scope). In some cases we could backport some needed nix patch, specially if we can’t rebase the version for some time (this has already happened). But yeah this package will only be best effort like most fedora packages. Nix is not terribly easy to setup by hand oneself, so having a native package is good, specially if one doesn’t like running installer shell scripts from the internet which use sudo…

How is Nix deployed - do the packages come from Fedora infra - or by way of Nix’s infra, if so do they use a CDN?

The Fedora nix package will use the standard upstream nixpkgs: no special fedora configuration or repos. Apparently Fastly provides nix’s CDN (for nixpkgs and channels I believe).

Please give it a try.

They come from Nix.. and have nothing to do with Fedora Project infrastructure. You treat it like homebrew or grabbing debian packages with apt. It may work great.. it may not.

Caveat Emptor

I added a note to the change page to clarify this (Changes/Nix package tool: Difference between revisions - Fedora Project Wiki).

Where will the nix packages be installed to? I guess not in the regular `/usr` space managed by rpm? Is this the `/nix` folder? If yes, does it get added to PATH?

Will the packages be installed system wide, or per user, or is both possible?

Will there be integration for nix packages in GNOME software or the KDE equivalent?

Or is there a mechanism in place that can take care of automatically updating nix packages?

@genodeftest Please think of this as more something like cargo, npm or pip (or modern equivalents), etc: no special predefined nix integrations are provided - users are of course free to use nix how they wish (as is true today if they install it themselves). Nix “installs” packages for the user not system by default anyway. By default the packages are stored under /nix/store/ as usual. For nix, actual “installation” really means symlinks in a nix profile. Also no nix channel is predefined currently.

Good question about PATH. It is actually a little complicated, since there are different ways of using nix. But right now ~/.nix-profile/bin and /nix/var/nix/profiles/default/bin are getting added by /etc/profiles.d/nix.sh it seems. We can certainly think about that. (My own nix profiles are empty…)

I am thinking of this nix package as primarily a development tool: running nix flakes and shells, etc. But just as you can build or download and run software yourself, you can also run programs from nix packages of course.