Homebrew has become the default package manager on macOS, but Nix has quietly built a loyal following among developers who care about reproducible environments, isolated dependencies, and rollback support.
The downside? It looks intimidating.
Let’s see what it actually does differently.
Homebrew vs Nix Philosophy
Homebrew installs software into locations like:
/opt/homebrew
/usr/local
Applications often share libraries and dependencies.
Nix takes the opposite approach.
Every package lives inside:
/nix/store
Each package directory contains a cryptographic hash.
Example:
/nix/store/9yx9n4xv3l4i-python3-3.13.2
Nothing gets overwritten.
Multiple versions happily coexist.
What Does the Nix Directory Look Like?
A typical installation contains directories similar to:
/nix
├── store/
├── var/
├── profiles/
└── gcroots/
store
Contains every installed package.
profiles
Represents “generations” of installed environments.
gcroots
Prevents packages currently in use from being garbage collected.
var
Stores metadata used by the package manager.
Unlike Homebrew, binaries aren’t scattered throughout the filesystem.
Why Are Paths So Weird?
Those long hashes aren’t random.
They’re calculated from things such as:
- package version
- compiler
- dependencies
- build options
If anything changes, the hash changes.
That makes every package effectively immutable.
Reproducible Development Environments
Instead of writing setup instructions, projects can include a configuration file.
For example:
nix develop
creates an isolated shell with the exact compiler, libraries and tools defined for that project.
Two developers can work on different versions of Python, Rust or Node without interfering with each other.
What Permissions Does Nix Need?
This is one of the biggest differences from Homebrew.
During installation, Nix usually:
- creates the /nix directory
- installs a background daemon (multi-user installation)
- creates dedicated build users such as
_nixbld1,_nixbld2, etc. - updates shell configuration
- may enable the daemon through macOS launch services
Because these are system-wide changes, the installer typically asks for administrator privileges.
After installation, day-to-day package management usually does not
require running every command with sudo. The daemon performs
privileged operations while regular users interact with it through the
Nix client.
Why Does It Create Build Users?
The build users are intentional.
Packages are built inside isolated environments using dedicated system accounts.
Benefits include:
- improved isolation
- fewer accidental writes outside the build
- better reproducibility
- reduced impact if a build script behaves unexpectedly
This design is very different from traditional package managers.
Does Nix Modify macOS?
Much less than many people expect.
It doesn’t replace system libraries.
It doesn’t overwrite Apple-provided software.
Most changes are concentrated in:
/nix- shell configuration
- daemon configuration
- launchd service registration
Your actual macOS installation remains largely untouched.
Rollbacks
Every environment is stored as a generation.
If an update breaks something, switching back is straightforward.
That’s a feature many developers don’t appreciate until they actually need it.
Can Homebrew and Nix Coexist?
Yes.
A common setup is:
- Homebrew for GUI apps and miscellaneous utilities
- Nix for programming languages and project environments
Many experienced macOS developers run both without issues.
Downsides
Nix isn’t perfect.
Expect to learn concepts like:
- flakes
- derivations
- channels
- generations
- garbage collection
The learning curve is significantly steeper than Homebrew.
Final Thoughts
If you simply want to install wget or ffmpeg, Homebrew remains the
easiest choice.
If you frequently switch between projects, maintain multiple language versions, or want every developer on your team to use identical environments, Nix offers advantages that are difficult to replicate with traditional package managers.
It isn’t necessarily faster.
It isn’t necessarily simpler.
But it is one of the most interesting approaches to package management available on macOS today.