>Unless you're willing to throw it all out and use NixOS you're not going to solve that problem.
Well, I have been running NixOS systems for nearly a decade, and now have it deployed across 3 cpu archs in 3 continents. :) Tailscale also uses NixOS in prod, etc.
Not to mention, NixOS means: no docker hub/repo, all you need is a dumb blob store, no container signing, no complicated tooling for BOM or source provenance, or tooling for version dep analysis. Much of the entire Golang/K8s devops-startup-chasing/adjacent ecosystem is obviated by first-order Nix features. You don't have to think about container bloat, or container optimization, storage on nodes is cheaper; it's really hard to name an area that isn't strictly better other than "yes, you have to learn more than running an imperative bash script and capturing the tar filesystem". But, maybe there's good reasons for that. I've personally also shepherded probably half a dozen or more users into full-time contributors, so I know it's not impossible.
When Tvix hits with their NAR alternative, a number of other benefits are just going to start appearing for Nix users that try to adopt it. Much, much faster path downloads, significantly more on-disk de-duplication "for free", much better options for potential P2P replication, etc.