I honestly have an easier time installing software on windows than I do on Linux. This is in general when it comes to many tools. I know package management seems like a solved or "mostly" solved problem on Linux as opposed to windows, but its not all rainbows and butterflies.
Just a small example I encountered just recently: Look at the install page for docker. Curl, pipe to some random folder, mix in some sudo access, then finally can I "install" the docker package.
That is mostly due to the company (Docker) not doing it the usual way. Normally they should have a build server, and then have a few line install. First is to add their repository, second is to install the software. From then on you just use your normal distributions update system. (Such as for example https://software.opensuse.org/download.html?project=hardware....) The real issue is that many companies choose to not do it the right way, and instead come up with weird new installation ways. When they do the same on Windows it just works because there is only one Windows, but there are multiple Linux distributions. As Windows begins to support Arm, and Apple moves to Arm (meaning more targets to support), I suspect that currently Linux specific issues will become more universal.
I totally agree. I'm amazed by how opaque and difficult to understand the process to create debian packages is because of all the various layers/helpers/tools that can/should be used in different cases and the difficulty in customizing things. There's a slew of interacting tooling (`dpkg`,`dpkg-buildpackage`, `debhelper`, each of the debhelper `dh-*` helpers, `sbuild`, `pbuilder`, `git-buildpackage`) that all has different documentation of varying quality, some of it replaces other pieces, etc.
My best experiences with packaging on linux have been gentoo ebuilds & arch pkgbuilds. These keep the build model pretty straight forward if the goal is to "just build a package".
That said: creating a dpkg is not an impossible thing to do. It's just more painful than it needs to be
1. Docker doesn't have to create anything ‘from scratch’ to package for Debian, Ubuntu, etc.— it's already in Debian
2. They are running their own apt repos already anyway! The thing the grandparent commenter is complaining about is part of normal apt usage. It's not a manual installation of some piece of Docker, just a normal part of configuring apt in order to install something that is, in fact, properly packaged.
> . Docker doesn't have to create anything ‘from scratch’ to package for Debian, Ubuntu, etc.— it's already in Debian
But the version is fixed per Debian release, which means that by its EOL it will be obsolete ( it's Docker, not a database, having the latest and greatest is a huge bonus). The whole point of custom repositories is to ship independently of the OS release cycle.
This is where Flatpak and Snapcraft can help you out. Just bring all dependencies with the binaries. But then people complain that dependencies aren't up2date and how they're a security nightmare because they aren't packaged by the Debian team.
That's the same as the version in the latest nixpkgs unstable:
nix search nixpkgs '^docker$' 15:41:11
* legacyPackages.x86_64-linux.docker (20.10.2)
An open source project to pack, ship and run any application as a lightweight container
Also, afaict Nixpkgs doesn't expose any unit files for the Docker daemon, so it'd take a bit of monkeying around with a new package definition to expose the one from the Moby source so that you could use it on some random distro (or you could write your own). Nix doesn't currently have any system-wide module system for managing services on non-NixOS Linux, unfortunately.
Both docker and flatpak are quite new in comparision to APT. Nix isn't really new, but gained traction lately, so in comparision to APT i would say It too is "new". We're not there yet, but i i believe shipping your dependencies with your application is how it'll all pan out for a lot of things. Even if it's a security nightmare not being able to update the dependencies for the entire system.
EDIT: And being new, there facilities aren't as mature, userbase smaller, so not enough work is put into packaging the latest versions. Since they also take on the goal of sandboxing the barrier for entry might be higher.
In general, Nixpkgs is very up to date. I'm a little surprised that the latest point release of Docker isn't in the master branch already. Maybe that's because emphasis is elsewhere for the upcoming NixOS 21.05 release at the moment.
But I think the main barrier to running Docker from Nix on non-NixOS is the lack of a systemd unit file or other init system configuration in Nixpkgs. Nixpkgs just doesn't have any facilities for that atm and afaict no one is working on them right now. There are definitely precursors to that functionality in:
• the NixOS module system, which provides exactly this functionality for NixOS, where the module system is in charge of configuring systemd
• nix-processmgmt, an experimental Nix framework for writing Nix expressions to describe services to be managed by a range of process managers that may or may not be PID 1 (which means the could be usable on non-NixOS): https://github.com/svanderburg/nix-processmgmt
• nix-darwin, a module system for macOS that provides some NixOS functionality, including managing services: https://github.com/LnL7/nix-darwin
The discussion on the service abstraction layer for Nixpkgs/NixOS is also very relevant. It shows that there has been interest in something like this for many years, but it's never quite come together: https://github.com/NixOS/nixpkgs/issues/26067
I wouldn't assume it's just around the corner or inevitable. It is a really exciting possibility, though, and the nix-processmgmt framework seems like something that could evolve into a service abstraction layer for Nixpkgs that could make facilities for managing services available in a uniform way even on non-NixOS Linux.
... yeah, maybe it's a mess on linux too heh. at least it's a mess you can interact with via version controllable text files and scriptable cli tools though...
in the section labeled ‘Add Docker’s official GPG key’, where you download a GPG keyring for Docker's apt repository and install it to /usr/share/keyring?
But overall, that sentence you quote of mine was me trying to condense my general feel of the instructions in a bit of an exaggerated tone. Let's be honest, not all of the instructions there are super obvious if you're not comfortable with the Linux ecosystem. Most people will just copy paste everything on that page till docker works, ignoring the big fat warning saying "Always examine scripts downloaded from the internet before running them locally.".
I guess if you're a developer and you just picked up some laptop pre-loaded with Ubuntu and you've never used the command line in your life, it would be better for you to download some file with metadata for apt to consume, and a default file association that gives you a GUI prompt asking you if you want to add the repository. It is kinda lame that Ubuntu doesn't have that. (openSUSE does have GUI facilities for adding repositories, although it's been a long time since I've used them. I wonder if Fedora has something like that, too.)
If you're using Docker to develop applications for Linux servers, the bash builtin `echo` and `tee` are probably among the absolute minimum basics of the command line you ought to learn ASAP. And if you're gonna run Ubuntu at all, the format and use of `/etc/apt/sources.list.d/*` is part of your absolute minimum curriculum, too. I don't think the confusion of folks who are unwilling to do those things is a huge problem in this specific use case.
But you are right in general: it's unusual among desktop operating systems that in the Linux world, users are expected to know about how the configuration for the system is stored. And while I don't think that's necessarily a problem, it would be better if for extremely common use cases (like adding an external software source), users could always use tools (including command-line tools!) that didn't confront them with implementation details such as configuration file paths or lines to be appended to them and instead summarized what was to be done in human terms and asked them if they wanted to do it.
The Debian-based tooling is especially weak here, and especially at the moment, since `apt-key` has been deprecated for security reasons but there's no convenient tooling to replace it at the moment. :-\
Just a small example I encountered just recently: Look at the install page for docker. Curl, pipe to some random folder, mix in some sudo access, then finally can I "install" the docker package.
https://docs.docker.com/engine/install/ubuntu/