Nix at Mozilla

Jan 2017

London Nixos Usergroup

@garbas

What is Nix?

• a build tool
• a language
• a package manager
• extends to whole Linux distro

How to introduce Nix at work?

• Solve your own problem first (eg. your own development environment)
• Teach nix
• Start to package projects as you come by them
• Put infrastructure in place (Travis + S3 bucket is enough)
• Teach nix
• Volunteer to solve hard problems only Nix can solve
• Teach nix
• Point out problems (laud) which other tools are not considering

• Create default.nix for all your projects
• Time to create first PRs to share default.nix with others
• Talk with coworkers about Nix (to remove the fear)
• In worse case you can keep you default.nix and people will eventually look at it.

Solve your own problems first

Start to package other projects

• create an overlay repository (eg. nixpkgs-<company>)
• https://github.com/mozilla/nixpkgs-mozilla
• https://garbas.si/2016/updating-your-nix-sources.html#extending-nixpkgs
• show that you coulud improve current situation of your tooling. best to do it is by example. eg. automatic security checks using vulnix (per project), automatic updating of sources/version

Put infrastructure in place

• This is needs to help the future growth. you want your coworkers to get binaries and not to compile.
• Travis + S3 bucket is all you need
• https://github.com/mozilla-releng/services/blob/master/.taskcluster.sh
• Do not use Hydra! It is not bad, but switching to many thing scares people. Be patient and move step by step.

Volunteer to solve hard problems

• Package old projects
• https://github.com/NixOS/nixpkgs/pull/21355
• Build reproducible docker images (no other tool can do this)
• Reproducibility as a productivity tool
• https://garbas.si/2016/reproducible-builds-summit-in-berlin.html
• Create Nix recipe for puppet/chef/ansible/... and when time comes (we need a X version which is not packaged for a distro) step in to solve it with nix

Teach Nix

• No idea how best to do it. There are no good resources. With attention that Nix is getting this should get fixed soon.
• Pair programming session, write down questions and make sure you document the answers.
• Nix + Python + Docker session: https://docs.google.com/document/d/1d66PQmsFgJLn9Dck4e1d_2yvmIoDLUsws4vDMOh7RDA/edit?usp=sharing
• https://docs.mozilla-releng.net/prerequirements.html

Bonus: Updating sources

(coming soon to nixpkgs - partially is already in)

{ stdenv, ... }:

stdenv.mkDerivation {
  name
  src = fetchFromGithubWithUpdate {
    owner = "gutschke";
    repo = "pdf2odt";
    branch = "master";
    path = "pkgs/tools/typesetting/pdf2odt/src.json";
  };
  ... or ...
  src = fetchFromGitHub (stdenv.lib.importJSON ./src.json);
  passthru.updateScript = updateFromGitHub {
    owner = "gutschke";
    repo = "pdf2odt";
    branch = "master";
    path = "pkgs/tools/typesetting/pdf2odt/src.json";
  };
}

----

nix-shell maintainers/scripts/update.nix --argstr package pdf2odt

Bonus: NixOS weekly

https://weekly.nixos.org

Help shape next release (07.02.2017)

https://github.com/NixOS/nixos-weekly/issues/14

Bonus: Python + Nix

https://github.com/garbas/pypi2nix

pypi2nix -r requirements.txt

nix-build -A requirements.nix -A interpreter

https://github.com/garbas/nixpkgs-python

TODO: copy how pelican set was integrated in nixos-weekly

Thank you

@garbas