
Curious what the driver for NixOS and packages over Docker was. Docker was the huge step up for me in making the homelab easy to run, update, and recover when things failed. It also made managing service endpoints and ports remotely easier than when they all lived on the operating system. Wish this was delved into a little more in the post.


I can touch on it more. Docker and compose files are great for getting things going, contained, and keeping everything declarative.

But I found the more services I used with Docker, the more time it took to update. I didn't want to just update to latest, I wanted to update to a specific version, for better rollback. That meant manually checking and updating every single service, bringing each file down, and then back up. It's not entirely unmanageable, but it became enough friction that I wasn't updating things consistently. And yes, I could have automated some of that, but never got around to it.

NixOS, in addition to the things I mention in the post, is just a two-step process to update everything (`nix flake update` and `nixos-rebuild`). That makes updating my OS and every package/service super easy. And provides built-in rollback if it fails. Plus I can configure things like my firewall and other security things in NixOS with the same config I do everything else.

Also, Nix packages/services provide a lot of the "containerization" benefits. It's reproducible. It doesn't have dependency problems (see this for more: https://nixos.org/guides/how-nix-works/). And most services use separate users with distinct permissions, giving pretty good security.

It's not that Docker can't do those things. It's that Nix does those things in a way that works really well with how I think.



