NixCon 2024

To see our schedule with full functionality, like timezone conversion and personal scheduling, please enable JavaScript and go here.
09:00
09:00
30min
Opening

Keynote

Arena
09:30
09:30
25min
Nix State of the Union 2024
Ron Efroni

Cover the dynamic landscape of Nix's growth, innovation, and future possibilities. This session will provide a comprehensive overview of the major milestones Nix has achieved over the past year, the challenges we've faced, and the exciting developments on the horizon together with various Nix community leads!

Arena
09:55
09:55
10min
Buffer
Arena
10:05
10:05
240min
Lecture #1 - An Introduction to Nix (2023-2024 - Flox University)
Bryan Honof, Thomas Bereknyei

We know how daunting it can be to start hacking with/on Nix.
Let's teach you the first steps on your road to declarative greatness in this lecture style workshop.

Woanders
10:05
25min
NixOS Facter: Declarative hardware configuration for NixOS
Brian McGee

A quick overview of https://github.com/numtide/nixos-facter, discussing why it was created and the problems it aims to solve.

Arena
10:30
10:30
10min
Buffer
Arena
10:40
10:40
25min
Kubenix: Leveraging NixOS modules to generate Kubernetes manifests
Pim Kunis

In this talk, we take a look at the Kubenix project. Using Kubenix, you can generate Kubernetes manifests with Nix. We will dive into the technical details how Kubenix uses Kubernetes' OpenAPI spec to generate NixOS modules. I will also show you how to use Kubenix to deploy resources in your own cluster. No more templating YAML!

Arena
11:05
11:05
10min
Buffer
Arena
11:15
11:15
25min
Deploying random AI models: from pip nightmare to dream2nix
Yorick van Pelt

Or: how I stopped worrying and learned to love docker images

Arena
11:40
11:40
10min
Buffer
Arena
11:50
11:50
25min
Tvix
flokli

Tvix is a modern design and implementation of the Nix package manager (GPLv3). It brings a modular architecture in which components such as the build environment or package store are replaceable, which enables new use-cases and platforms.

Arena
12:15
12:15
10min
Buffer
Arena
12:25
12:25
60min
Lunch Break
Arena
13:25
13:25
25min
Clan: Fully-automated distributed NixOS management
Jörg Thalheim, Kenji Berthold

Self-hosting services empowers you with greater control and flexibility over your data. However, maintaining such systems today often comes with significant technical challenges, including firewall/NAT configuration, data loss prevention, and security management.

The Clan project aims to lower the technical barriers of self-hosting with NixOS, making it accessible even to non-technical users. Our goal is to simplify the installation and maintenance of NixOS machines.

In this talk, we will present the new NixOS extensions we've developed to scale self-hosting, including VPN integration, backup management, secret management, a unified CLI for installation and updates, and an inventory system for managing clusters of machines.

We will also provide a sneak preview of the upcoming graphical user interface.

Arena
13:50
13:50
10min
Buffer
Arena
14:00
14:00
10min
hashes all the way down
Martin Schwaighofer

Nix and similar systems are based on hashing their inputs.
I took a really close look at how this works, and I'd like to help you understand it better as well.

Arena
14:10
14:10
10min
Buffer
Arena
14:20
14:20
30min
Deterministic Firmware with Nix
Óli

This talk explores the application of Nix's deterministic build principles to firmware development, with a special focus on integrating hardware-in-the-loop (HIL) testing into CI/CD pipelines. We'll discuss how Nix can enhance firmware reliability, security, and reproducibility by ensuring consistent builds across different environments.

Arena
14:20
120min
Mastering NixOS Integration Tests: Advanced Techniques for Multi-Host Scenarios and Fast and Robust Integration Testing
Jacek Galowicz

In this hands-on workshop, we’ll take a deep dive into the powerful NixOS Integration Test Driver and its capabilities. Over the course of two hours, you’ll learn how to leverage the test driver to simulate complex networked environments with multiple NixOS hosts and different virtual networks. We’ll also explore the interactive mode for debugging and present best practices to avoid flaky tests, ensuring reliable results in real-world scenarios. If you’re looking to enhance your NixOS testing expertise and streamline your CI/CD pipelines, this session is for you!

Woanders
14:50
14:50
10min
Buffer
Arena
15:00
15:00
25min
Nix as the Swiss Army Knife in Cloud Development Environments
Raffaele Di Fazio

In cloud-based development environments, flexibility and on-demand access to the right tools are essential. While many people think of Nix in terms of reproducibility, I use it in a different, somewhat weird way—to get exactly what I need, when I need it.

In this talk, I’ll demonstrate how Nix can be a "Swiss Army knife" in GitHub Codespaces, allowing me to manage complex development environments on the fly without much burden. This talk will use Codespaces as an example, but the same techniques can be applied to any remote environment.

Join me in a discovery of how Nix saved my day many times when contributing on many projects I don't normally work on.

Arena
15:25
15:25
10min
Buffer
Arena
15:35
15:35
25min
Scalable and secure NixOS deploys on AWS
Arian

In this talk you will learn best practices on how to build your own NixOS images and securely deploy them using autosaling groups, IAM roles and AWS Systems Manager , terraform and GitHub actions as an alternative to NixOps

Arena
16:00
16:00
10min
Buffer
Arena
16:10
16:10
25min
Thymis - Web Front-end for Managing Multiple NixOS Devices
Eli Kogan-Wang, Adrian Block

We want to show the community https://github.com/Thymis-io/thymis which is a web front-end for managing multiple NixOS devices.

Arena
16:35
16:35
10min
Buffer
Arena
16:45
16:45
10min
Introduction to nix-bitcoin
João Thallis

In this talk, we will explore nix-bitcoin, a project that leverages the power of NixOS to simplify the deployment and management of Bitcoin nodes securely.

During the presentation, we will see how to use krops to deploy NixOS systems

Arena
16:55
16:55
10min
Buffer
Arena
16:55
80min
Speed Dating
lassulus

Looking for work? Looking for someone to work for you? This is the place to meet
Looking for a maintainer for a project? Want to maintain a project? This can also be done here!

Woanders
17:05
17:05
45min
rebuilding builders instead of trusting trust
Martin Schwaighofer

The key principles Nix is built on are great for supply chain security.
Those principles could take us much further, if we extended or replaced the signatures that provide transport security for binary caches today, in favor of a more powerful mechanism.
A mechanism that works end to end from builder to user, includes provenance data about the builder, and ideally makes that provenance data verifiable.

Arena
17:50
17:50
10min
Buffer
Arena
18:00
18:00
25min
The C API is Surprisingly Fun
Thomas Bereknyei, Yannik Sander

Presenting the C API to Nix

Arena
18:25
18:25
10min
Buffer
Arena
18:35
18:35
15min
buildbot-nix: A modern open-source Nix-native CI/CD
Richard Brežák

Started during a Mob-programming session at NixCon 2023,
buildbot-nix has evolved into a full-featured CI/CD system for Nix, based on Buildbot.
Buildbot is a mature continuous integration framework used by major software projects such as Python, LLVM, and OpenZFS.

Buildbot-nix introduces a zero-configuration setup for flake-based repositories, featuring parallel evaluation, binary cache integration, build failure caching, Gitea/GitHub integration, and continuous deployment support based on Hercules-CI effects.

We have deployed buildbot-nix in the nix-community GitHub organization to provide fast CI for numerous projects.

In this talk, we will showcase the current features we support and share our plans for the next year.

Arena
18:50
18:50
10min
Buffer
Arena
19:00
19:00
25min
Introducing nix-make
Tobias Mayer

nix-make[1] is a C and C++ build system supporting incremental compilation. It
implements a thin layer of dependency graph construction in nixlang and lets
Nix do the heavy lifting.

[1] https://codeberg.org/tobim/nix-make

Arena
19:25
19:25
10min
Buffer
Arena
19:35
19:35
35min
Lightning talk block #1
Nitin Passa, Arnout Engelen, Shivaraj B H, Roland Coeurjoly, Bryan Honof, Thomas Bereknyei

Block for lightning talks with minimal break in between. Order will be determined shortly before it starts, and every speaker should be present at the beginning of the talk!

Arena
09:00
09:00
25min
Nix Constitutional Assembly Panel
Ron Efroni

Join us for a 25 minute panel conversation with the NCA members who drove the latest improvements and evolution of Nix governance. We will cover key topics, take questions live and reach out to the community ahead of time for top questions!

Arena
09:25
09:25
10min
Buffer
Arena
09:35
09:35
25min
Becoming a Nixpkgs Contributor
Thomas Bereknyei, Jacek Galowicz

This talk provides a roadmap toward becoming a Nixpkgs contributor. The format will be a discussion and demonstration.

Arena
09:35
60min
NixOS Wiki Meetup
lassulus

A Meeting for the Wiki Users, Admins, Moderators

Woanders
10:00
10:00
10min
Buffer
Arena
10:10
10:10
25min
Signed Nix Expressions
Finn Landweber

Nix build expressions will often rely on other expressions as dependencies, most commonly Nixpkgs. However, those could be modified by machine-in-the-middle attacks. Providing users with the means to verify cryptographic signatures on expressions could relieve this attack vector and strengthen Nix' resilience.

This talk will discuss update verification for Nix and NixOS with a focus on Git signatures. It will explain Guix' authentication mechanism and RFC 100 as an attempt to bring it to Nixpkgs. Subsequently, it will sketch out potential paths forward, considering use cases and additional burdens on developers.

Arena
10:35
10:35
10min
Buffer
Arena
10:45
10:45
25min
Nix as a Static Site Generator for My Blog (only mildly cursed!)
Patryk Wychowaniec

Since a Nix derivation can be anything, from a text file up to a directory tree, then what's stopping us from implementing a static site generator using Nix? Certainly not the police!

I've been using Nix as a generator for https://pwy.io (source code) for almost two years now - in this talk I'd like to show you how it works, go through pros and cons, and hopefully inspire you to see Nix as more than "this funny language used in nixpkgs".

Arena
11:00
11:00
120min
Deploy NixOS remotely with nixos-anywhere & disko
phaer

An introduction into nixos-anywhere and disko, followed by a demo of using both to deploy NixOS with ZFS on a remote Ubuntu host. Ending by a hands-on support/Q & A session for the remaining time slot.

Woanders
11:10
11:10
10min
Buffer
Arena
11:20
11:20
25min
Nix and Bazel - match made in heaven or hell?
Aleksander Gondek, Artur Stachecki

The premise of combining Nix and Bazel is really appealing and powerful - one gets the full reproducibility stemming from Nix (alongside all definitions from its rich ecosystem) and the fast incremental builds that are the hallmark of Bazel. Truly a bliss. Practicalities however beg to differ - the road towards such a combination is full of unexpected surprises, ill-implemented features and design decisions that break everything.

This talk is a journey of discovery of things that go wonderfully wrong if Nix and Bazel are being used together. The third ingredient to the Nix and Bazel cocktail are footguns. A lot of them.

We want to share them, so others do not have to get burned on them.

Arena
11:45
11:45
10min
Buffer
Arena
11:55
11:55
60min
Lunch Break
Arena
12:55
12:55
40min
devenv is switching to Tvix
Domen Kožar

We'll be looking into what kind of limitations we've hit using C++Nix and how Tvix solves them.

Arena
13:35
13:35
10min
Buffer
Arena
13:45
13:45
40min
Enabling incremental adoption of NixOS with module contracts
Pierre Penninckx

I personally believe NixOS to be the ultimate server management tool. But how to convince others? We must let them try NixOS!

Currently, the only way to try out NixOS is to go all-in. There's no way to get a feel for it by just replacing one small piece of an existing infrastructure. To ease and accelerate adoption of NixOS, this must change.

This talk goes over why module contracts is the essential and (yet!) missing piece that will help us spread adoption of NixOS.

Arena
14:25
14:25
10min
Buffer
Arena
14:35
14:35
35min
Call-by-hash
Julian Kirsten Arni

If we were to design a cloud based on a fundamental principle of Nix, namely hash-based addressing, what would it look like? What would be it's benefits? We did just that at garnix; this talk is about the big picture, and the details, of that idea.

Arena
14:35
20min
Infecting Your Server with NixOS
João Thallis

Installing NixOS on a server can be a challenge for beginners or take a long time if you need to install it on several machines. In this workshop, we will see how it can be simple and what tools we can use to achieve that.

Woanders
15:10
15:10
10min
Buffer
Arena
15:10
90min
Developer environment for a web project using devenv.sh
Domen Kožar, Sander Melnikov

We'll guide you through Nixification of a project using devenv.sh

Woanders
15:20
15:20
25min
FUSEd with nix: deploying nix apps to k8s in images weighting as little as 500 KBs
Aleksander Gondek, Artur Stachecki

Deploying nix-built applications to a Kubernetes cluster can be an exercise in frustration - even though nix has built-in support for creation of container images, the outcome is usually a quite sizable tar archive. Propagation, caching and updating of such images takes time, bandwidth and storage space. One is essentially packaging little slices of a nix store, every time an application needs to be delivered. There has to be a better way!

We want to present a FUSE-based way of attaching a shared /nix/store to container images and thus allowing them to only contain metainformation required to run the application. Even complex k8s deployments are reduced to very thin updates of data!

Arena
15:45
15:45
10min
Buffer
Arena
15:55
15:55
25min
Integrating Nix and Buck2 for fun and profit
Claudio Bley

In a large code base you want a tool that is able to build your project quickly by leveraging features such as a distributed cache and remote execution. At the same time it is important that your build is correct and thus reproducible.

In this talk I will present how we integrated Nix with Buck2, an open source build system developed by Meta, in order to achieve highly granular, reproducible builds for a large Haskell code base and how we were able to use Buck2's remote execution with Nix.

Arena
16:20
16:20
10min
Buffer
Arena
16:30
16:30
25min
Learning to Nix: Our Summer of Nix Experience
Enric Morales, Alberto Merino

In this talk, we’ll be sharing our journey through the Summer of Nix 2024 mentorship program giving a detailed look at our experiences and contributions. From the interesting projects we worked on to the challenges we faced and tackled. We’ll provide a an overview of how this initiative our understanding of Nix and contributed to the community. You’ll hear about the projects we've worked on, technical challenges and interesting rabbit holes we jumped into, and some honest feedback on how we can continue to improve. Whether you’re deeply involved in Nix or just curious about the program, I hope to offer valuable insights and inspiration for both current contributors and those looking to get involved.

Arena
16:55
16:55
10min
Buffer
Arena
16:55
120min
NixOS on garnix: Production-grade hosting as a game
Sönke Hahn, Julian Kirsten Arni, Evie Ciobanu, Jean François Roche

In this workshop we'll play a game based around deploying clusters of NixOS machines more quickly and smoothly than anyone else, and learn how garnix hosting works in the process.

Woanders
17:05
17:05
45min
Llamafiles plus RAG to have a chat with NixOS documentation running locally
Jose Quesada

Picture this: you're on a remote tropical island, with limited internet access and only your ultraportable laptop, which lacks a dedicated GPU. Now imagine you need to search resources like nix.dev, various GitHub configurations, or books like NixOS in Production. Basic indexing and grepping just won't cut it for handling docs, code, and especially PDFs. Plus, relying on exact matches feels outdated. What you really want is to ask natural language questions about the problems you're solving, and get comprehensive, detailed responses—using only the latest, most relevant docs and references.

Until recently, this idea was pure science fiction. But with the rise of large language models (LLMs), it's become reality. However, the usual suspects like ChatGPT have their drawbacks: they don't provide source links, tend to hallucinate, and require careful fact-checking. On top of that, running them is computationally expensive. Most ultraportable laptops lack the necessary GPU power, or, if they have one, it's energy-hungry or inadequate for LLMs. This effectively rules out using LLMs in the tropical laptop scenario. Even with enough compute power, setting up an LLM can be a headache, partly due to the notorious challenges of getting Nvidia CUDA to work smoothly on Linux.

Enter Justine Tunney's llamafile. It's a game-changer: a single zip file that runs on CPUs and across multiple architectures, built on the llama.cpp library, which is a C/C++ implementation of LLM evaluation for various model architectures. This simplifies running LLMs on CPUs by allowing existing model weights to be used without needing a GPU. Combine this with retrieval-augmented generation (RAG), which pulls relevant information from your chosen docs and GitHub repositories, and you've got an offline, fully functional setup for querying NixOS-related content—right from your beachside ultraportable laptop.

Arena
17:50
17:50
10min
Buffer
Arena
18:00
18:00
10min
Monitoring Your System Using NixOS
João Thallis

System monitoring is essential for maintaining infrastructure stability. In this talk, we will explore how NixOS can be used to configure and manage system monitoring for your applications and your NixOS system using Prometheus and Grafana.

Arena
18:10
18:10
10min
Buffer
Arena
18:20
18:20
10min
Comin: GitOps for NixOS Machines
lewo

comin is a NixOS deployment tool operating in pull mode. In this short talk, I will describe what GitOps is, how comin works and its main features.

Arena
18:30
18:30
10min
Buffer
Arena
18:40
18:40
45min
Lightning talk block #2

Block for additional lightning talks. If during the NixCon you decide that you would like to do a lightning talk, you can do it in this block.
Just contact anyone from the staff to let us know.

Arena
19:25
19:25
30min
Endnote

Endnote

Arena