Quite the contrary. Home-manager is literally the only thing that's worth using Nix. Anything beyond that is far too esoteric, unsupported, non backward compatible and continuously broken.
My dotfiles managed by nix(-darwin) and home-manager breaks every time I update my pins, and I find myself having to bisect which commit introduced the issues. Given that, I just don't see how that would scale to a full OS, let alone to a team at work. 1000% better simpler with understandable Dockerfile and Kubernetes YAML manifests, or with Ansible YAML. At least every folk can StackOverflow and ChatGPT it to a working state, and have it work for a considerable amount of time without further maintenance.
Unless I'm misunderstanding something, this is precisely why I don't use Home Manager. I've literally never had my NixOS setup break over the course of many years.
Ya their comment does not match up to my experience at all. When I update my lockfile it very rarely breaks and if it does I just roll back a commit and wait a day and it's usually fixed.
This is... sort of the point, too. Rolling back is insanely easy - and it's version controlled so even if something obnoxious happened you (should) know the exact commit that broke something as well.
In the very worst case, you update components individually until you find the offending one.
I've used both NixOS and nix-darwin for 2 years professionally now as daily drivers, and have had generally nothing but great success. I'm not fearing an OS update actively breaking my environment (which I can't say the same for macOS, as much as I am a fanboy of Apple).
Sorry for the harsh words but you don't have any idea what you are talking about.
Some examples: managing patches for applications is doable with NixOS. With overlays they survive updates and if they no longer apply, build fail before they can have production impact. Doing the same with docker is a nightmare and different for every dockerfile without a common interface around it.
Ansible takes the previous state of the system into account which is terrible if you want to manage it fully declarative. Worst case in NixOS you do a reboot and your config applies almost no matter the previous state.
And that you can leave something running without maintenance is naive and it will start to slowly rot.
I think there’s a consensus around a gap Witt respect to documentation, forums, porcelain, etc. in Nix world.
But with all due respect, asserting that everything outside of home manager is “not worth using” is fertilizer.
The fact that smart companies (TailScale and Shopify come to mind, but there are zillions) are willing to cope with those (obnoxious) gaps is very, very strong evidence that there’s a lot worth using.
git was considered too hard, inadequately documented, maliciously baroque for years before GitHub happened.
Nix solves a harder (and more important) problem in a similar way.
Debian documentation has usually the same gap but there are many resources out there how to get things done but not necessarily the way debian intended which can break things on updates or name them unnecessarily hard.
My dotfiles managed by nix(-darwin) and home-manager breaks every time I update my pins, and I find myself having to bisect which commit introduced the issues. Given that, I just don't see how that would scale to a full OS, let alone to a team at work. 1000% better simpler with understandable Dockerfile and Kubernetes YAML manifests, or with Ansible YAML. At least every folk can StackOverflow and ChatGPT it to a working state, and have it work for a considerable amount of time without further maintenance.