Introduction to nixos-rebuild-ng: A Rewrite of nixos-rebuild

# nixos-rebuild-ng Work-in-Progress rewrite of [`nixos-rebuild`](https://github.com/NixOS/nixpkgs/blob/master/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh). ## Why the rewrite? The current state of `nixos-rebuild` is dire: it is one of the most critical pieces of code we have in NixOS, but it has tons of issues: - The code is written in Bash, and while this by itself is not necessary bad, it means that it is difficult to do refactorings due to the lack of tooling for the language - The code itself is a hacky mess. Changing even one line of code can cause issues that affect dozens of people - Lack of proper testing (we do have some integration tests, but no unit tests and coverage is probably pitiful) - The code predates some of the improvements `nix` had over the years, e.g., it builds Flakes inside a temporary directory and reads the resulting symlink since the code seems to predate `--print-out-paths` flag Given all of those above, improvements in the `nixos-rebuild` are difficult to do. A full rewrite is probably the easier way to improve the situation since this can be done in a separate package that will not break anyone. So this is an attempt of the rewrite. ## Why Python? - It is the language of choice for many critical things inside `nixpkgs`, like the `NixOSTest` and `systemd-boot-builder.py` activation scripts - It is a language with great tooling, e.g.: `mypy` for type checking, `ruff` for linting, `pytest` for unit testing - It is a scripting language that fits well with the scope of this project - Python's standard library is great and it means we will need a low number of external dependencies for this project. For example, `nixos-rebuild` currently depends on `jq` for JSON parsing, while Python has `json` in standard library ## Do's and Don'ts - Do: be as much of a drop-in replacement as possible - Do: fix obvious bugs - Do: improvements that are non-breaking - Don't: change logic in breaking ways even if this would be an improvement ## How to use If you want to use `nixos-rebuild-ng` without replacing `nixos-rebuild`, add the following to your NixOS configuration: ```nix { pkgs, ... }: { environment.systemPackages = [ pkgs.nixos-rebuild-ng ]; } ``` And use `nixos-rebuild-ng` instead of `nixos-rebuild`. If you want to completely replace `nixos-rebuild` with `nixos-rebuild-ng`, add the following to your NixOS configuration: ```nix { ... }: { system.rebuild.enableNg = true; } ``` This will set `config.system.build.nixos-rebuild` to `nixos-rebuild-ng`, so all tools that expect it in that location should work. ## Development Run: ```console nix-build -A nixos-rebuild-ng -A nixos-rebuild-ng.tests.linters ``` The command above will build, run the unit tests and linters, and also check if the code is formatted. However, sometimes is more convenient to run just a few tests to debug, in this case you can run: ```console nix-shell -A nixos-rebuild-ng.devShell ``` The command above should automatically put you inside `src` directory, and you can run: ```console # run program python -m nixos_rebuild # run tests pytest # check types mypy . # fix lint issues ruff check --fix . # format code ruff format . ``` ## Breaking changes

nixos-rebuild-ng is a work-in-progress rewrite of the original nixos-rebuild tool, aiming to address its issues such as being written in Bash, lack of proper testing, and being difficult to refactor. The rewrite is done in Python for better tooling and maintainability. The goal is to be a drop-in replacement, fixing bugs and making non-breaking improvements. The document provides instructions on how to use and develop with nixos-rebuild-ng, including running tests and linters.