MixRank has been using nix in production for over 3 years now. We're just using the nix package manager on Ubuntu and MacOS, not nixos. Easily one of the best technical decisions I've made.

Here's a comment I left on it's benefits: https://news.ycombinator.com/item?id=10714102

What do you mean by: "The fork is then squashed as a git subtree into our main repo"? I don't grasp what actually happens there, between the two repos (the nixpkgs fork repo vs. your main repo)?

What's the benefit of using Ubuntu instead of NixOS if you choose nix package manager instead of apt-get?

There are a few outstanding issues that are keeping me from using it in production but it's pretty stellar as a home system. There are a few companies using it though. Biggest issues I have at the moment relate to secrets/keys not being storable in a sensible way. That and the dev environment is in my opinion so different than the norm that it seems to break some tools like spacemacs and some embedded arm tools in my case

I've had no trouble with spacemacs on nixos: I just let spacemacs manage its own elpa/melpa packages. Works the same as on any other system.

What's the issue with keys/secrets you've had?

The trouble I had with spacemacs was it didn't see programs that were part of the nix-shell path which was incredibly annoying. As an example having a rust development environment, spacemacs couldn't find cargo, but it was clearly in my shells path.

I am most likely explaining this wrong, but because building derivations are isolated from the global environment variables, any way of accessing configuration options seems like a kludge.

We ended up adding a hashicorp vault server to our deployment, but that felt like adding a lot of complexity for a very basic part of the deployment process.

A blessed solution for a common setup that doesn’t involve checking in secrets into the repository would be very useful. Better yet, some first-party support through nixos or nixops.

Yes, we use it for all our customer-facing web services at Zalora! It works as advertised and is rock-solid. I also run it on all my Linux laptops (2 personal + 1 work).

Curious as well. Particularly regarding:

- how do you provision & manage systems/instances?

- relative to any other ways you've done this, how much effort goes into standing up the first server, any additional servers, and ongoing maintenance/management?

Also: how do you upgrade the system? Do you jump between "releases"/stable channels, or do you somehow chase the nixos-unstable channel? Do you do some kinds of pinning of nixpkgs?

Just in case you didn't see since they commented after you, smilliken describes the nix process at their company https://news.ycombinator.com/item?id=10714102

our hoster offers Nixos VMs only; flyingcircus.io