Does anyone know if Ansible works on NixOS? I understand that Ansible requires a working Linux system before it can operate, but it would be nice to use some of my existing Ansible playbooks rather than rewriting everything in Nix.
Ansible would work, but to use NixOS properly you would have to only modify /etc/nixos/configuration.nix and run nixos-rebuild switch after that.
Any other changes are not recommended, unless it is the home directory and you don't use home-manager.
At that point you would correctly wonder why you would use Ansible; it is like running Ansible to run SaltStack.
NixOS essentially makes these tools redundant. It is also more powerful. Imagine that you wanted, for example, to use LibreSSL instead of OpenSSL with Python, because it is more secure, or maybe introduce your custom patch or use a different configure option. With other tools like Ansible, you would start with building custom package(s), then place that package in a repo like Artifactory. Then you would write your Ansible definitions: you would add Artifactory to the OS, uninstall the old package, and install a new one (also worrying that replacing your Python package with a custom version could break other stuff; you might end up installing your Python under a different path). If you want to revert it, removing these steps is not enough; you would need to write steps that would revert it.
In Nix, you make a change to the disk that is being installed. If Nix doesn't find a precompiled package in its repo, it will automatically pull the compiler and compile it. If you configure caching, after finishing it would populate the cache so other machines would no longer need to compile it. And if something else is using the old Python version, it won't be affected at all; it will continue using what it was using. If you remove your change, Nix will restore the previous state, with no need to write rules about restoring it.
Another killer feature is that Nix will never leave your packages in a half state; everything is atomic. So if you incorporate many changes, you either get all or nothing. It also guarantees that all machines using a particular configuration are identical. I have often seen rules working on one machine and not working on another (different OS version, maybe the previous state was not applied everywhere, or somebody made changes by hand).
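The approach described in the answer above (change only /etc/nixos/configuration.nix, then run nixos-rebuild switch), written as an Ansible play. This is an added example, not part of any post in this thread; the inventory group name, the source file path and the interpreter setting are assumptions.

```yaml
# Added example. Hypothetical names: nixos_hosts, files/configuration.nix.
- name: Manage a NixOS host through configuration.nix only
  hosts: nixos_hosts                 # assumed inventory group
  become: true
  vars:
    # NixOS has no /usr/bin/python3. This assumes python3 is listed in
    # environment.systemPackages on the target so Ansible modules can run.
    ansible_python_interpreter: /run/current-system/sw/bin/python3

  tasks:
    - name: Install the declarative system configuration
      ansible.builtin.copy:
        src: files/configuration.nix   # assumed path in the playbook repo
        dest: /etc/nixos/configuration.nix
        owner: root
        group: root
        mode: "0644"
        backup: true                   # keep the previous file next to it
        # Refuse to replace the live file if the new one is not valid Nix.
        validate: /run/current-system/sw/bin/nix-instantiate --parse %s
      notify: Rebuild NixOS

  handlers:
    # Runs only when the file above actually changed. The switch itself is
    # atomic, so a failed build leaves the running system generation as is.
    - name: Rebuild NixOS
      ansible.builtin.command:
        cmd: /run/current-system/sw/bin/nixos-rebuild switch
```

Everything else on the host (packages, services, users) stays declared inside configuration.nix, so the play never touches state that NixOS manages.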
These are good points, but one reason to use Ansible to configure NixOS is if you must continue using Ansible to configure other computers / cloud instances that are not running NixOS. It would be easier to adopt NixOS if you could do it incrementally rather than replacing everything.
I suppose one could use Nix to configure computers that are not running NixOS? Switching all of my Ansible playbooks to the Nix package manager is non-trivial, but perhaps less effort than changing every OS at the same time?
But can you use Nix to interact with the cloud? I currently use Ansible to spin up virtual servers on Linode using their web API, for example, and I expect to have to interact with AWS or Google Cloud in the near future.