It’s pretty minimal out of the box (a bit like Arch), unlike Fedora with SELinux or Ubuntu with AppArmor, which come configured and enforcing out of the box.
Nix is a programming language, and a complex one at that. There are plenty of ways to achieve the same goal. But as a novice or even intermediate user, it’s hard to know which is the best way. It also doesn’t help when you go with Way A and later want to do something else, but you find someone’s setup that uses Way B. Should I switch to Way B too? Or should I try to combine both ways into Way C?
Flakes. First off, it’s annoying to have everyone say that NixOS is declarative and reproducible. Then you look into it a bit more and the story changes to “oh actually you need to enable this experimental feature to get better reproducibility”. But the part that actually annoys me is how everyone uses flakes and expects you to too, but it’s been an experimental feature forever and doesn’t seem any closer to becoming not-experimental.
Linking issues. Say I install something like nvim with nix, then an nvim plugin wants to install something. That plugin isn’t aware of nix and tries to do things the Unix way, but that breaks. I know there are two solutions/workarounds to this problem; some packages are patched to avoid this and there’s something you can put in your configuration that “emulates” a more traditional environment that’s more compatible.
I like sandboxing so I would use flatpak in NixOS. But there was some issue with fonts and icons I believe. I can’t remember if this PR fixed it or not: https://github.com/NixOS/nixpkgs/issues/119433
Not the best UX out of the box. It’s common to find people with nix caches hundreds of gigabytes large because the system doesn’t automatically clean things up.
Would you mind elaborating on that? I do have some suspicions but I would love to hear what bothered you about it.