I really like using Nix to build and manage my computers. Declarative machine definitions are incredibly powerful, and NixOS actually achieves what tools like Ansible and Chef have tried to reach for.
This web site is served from a NixOS machine, and is a collection of
static files which get copied across by nix copy when it
sends the built NixOS expression to the server. Until recently, my built
website lived in a single derivation, which meant that any time I
changed anything, a full rebuild of the site would get sent up my terrible
internet
connection.
I have written a tool to split up the big derivation called nix-freeze-tree
(Hackage).
It lets me split the website derivation down to individual files, and
symlink them together back into the tree I want. The individual
derivations are fixed-output
derivations, which means that Nix knows the hash of the files before
it builds the derivation, and can check the hash of the files to copy
and skip files that haven’t changed.
If you’re reading this, then I’ve successfully wired
nix-freeze-tree into my site build pipeline and deployed
it.