[sally_glance]

Coming from Ansible with hand-written config templates this was honestly a friction point for me - I felt like NixOS is trying to actively hide what it's actually going to configure. It's gotten better now that I read some nixpkg service sources but from time to time I still feel the urge to just directly manage my systemd units, sshd configs and whatnot. Like, sure it simplifies the setup but at the same time also puts another abstraction between me and the software I'm using.

[hombre_fatal]

You always have the option to do your own custom thing like use nix config to manage /etc/iptables.rules.

NixOS does you one thing better by giving you the option to configure things without caring about the underlying implementation, like whether the firewall uses iptables or nftables or something else.

[frantathefranta]

I agree with the many levels of abstraction, but at the same time, directly managing systemd units is also so much easier with Nix then any other distro I've tried.