I experimented with several ways to run my services:
- “regular” systemd services (
services.glance = { ... };) - nix containers (
containers.glance = { ... };) - podman containers (
virtualisation.oci-containers.containers.glance = { ... })
and I must say I’m starting to appreciate the last option (the least nixos-y) more and more.
Specifically, I appreciate that:
- I just have to learn the app/container configuration, instead of also backwards-translating from their config into the various nixos options (of course the
.yamlor whatever configuration files are still generated from my nixos config, I just do that in a derivation instead on relying on a module doing it for me) - Services are sometimes outdated in nixpks (even in unstable - and juggling packages between stable and unstable is yet another complication)
- I feel like it’s more secure (very arguable and also of very little consequence since everything is on my homelab… it’s mainly for the warm fuzzies)
Do you guys use one of the options above? Something different?
I lean on nixos modules first, but half the time it either doesnt exist or its too complicated at first glance. So I will manually create an oci-container configuration by referencing a docker compose on the projects site. For simple compose files this is easy. Sometimes its not easy, and I dont end up deploying it.
I’ve been wanting to find or build a method that lets me drop a compose alongside ny config and have nix load the yaml and build the oci-container configuration for me. That would be nice since Im familiar with compose syntax and it’s usually easier to write imo.
Maybe https://github.com/aksiksi/compose2nix will help you out!