Immutable Operating Systems: Yay or Nay?

In my opinion: Yay for people not tech savy, so they can't bork their system, and it prevent most malware to do damages. Or for special devices, like the Steam Deck!
Nay for thinkerer like me, if I want to uninstall the boot loader, I need the option!!
- so they can’t bork their system
  not tech savy people: you underestimate my power
  
  It's just a single command you need to copy and paste to make the filesystem mutable so it won't stop a lot of people.
  
  you build an idiot-proof system, somebody will build a better idiot
- Yeah that's my feeling on it too. I think an immutable OS would be great for something like an office, where you can have everyone on the exact same setup that's way harder for non-techie people to break, and presumably if something does go wrong then the fix will work for everyone.
  But yeah I'm too much of a tinkerer to use one on my personal machine.
- I don’t like being essentially locked out of the internals. I can understand a lot of developers don’t have an interest in system administration as long as it works for them.

I use NixOS, which is kind of a middle thing. The OS is generally immutable, except through one central config. This allows to tweak the OS to exactly the way you want it, whilst preventing any accidental changes and allowing atomic rollbacks.
Learning Nix configuration syntax is a bit of a bump in the road, but once you've got that it's smooth sailing
- How long did it take you to migrate from the distribution before and what's your experience in this space in general?
  I like the idea of a declarative configuration, but I find it hard to justify when Ansible has the potential to do the job 99% as effectively.
  Also, what do you feel are the most "killer features" in nixOS?
  
  I've recently switched over to NixOS in gradual rollouts to my systems:
  Stage 0 (~2h):
  Installed NixOS with Gnome on my Laptop for testing an getting a feel for it (I prefer testing on bare-metal initially)
  Tweaked it a bit via the config: removed gnome apps that came with the preset, installed all programs I needed and tested them
  Stage 1 (~3d):
  Installed NixOS minimal on my primary system
  Set up sway according to the wiki
  Bodged together something similar to my previous arch setup, mostly my linking old config files with nix to programs installed with nix
  Stage 2 (~4d):
  Moved all configs I could from my linked config files to the nix module declarations
  Seperated config file into files ordered as like config-tree
  Achieved a similar working state to my previous arch install
  Moved channel from 22.11 to unstable (rolling release)
  Stage 3 (~7d):
  Set up home-manager
  Finally moved all config declarations into nix modules, no non-nix files left in my config
  Also copied the config to my laptop, a single activation and I switched from gnome to sway without any problems
  Stage 4 (~21d):
  Looked at a bunch of other peoples system configs
  Recreated everything as a flake, similar to dunklecat's config from sourcehut
  Applied the config to my primay system and laptop
  Wrote a bunch more config modules
  Stage 4.5:
  Wrote some tools to make moving around nix easier for me, but mostly to get accustomed to the ecosystem
  Stage 5 (~6d):
  Created and applied further system configs for a hetzner server & VMs
  Stage 6 (tbd):
  Refining my config
  Adding further modules
  Edit 1 (added personal experience): I'm a computer science student and have been using *nix as a daily driver for half a decade, my previous daily driver was arch for about two years. I spend ~1000h/y coding on non-University or Work related projects. I'm at a point where I can typically pick up a the basics of a new language in two to three weeks and write simple programs with it -> library/specific knowledge comes with usage.
  
  I like the idea of a declarative configuration, but I find it hard to justify when Ansible has the potential to do the job 99% as effectively.
  From my point of view, the strength of NixOS compared to sensible is not that it does the stuff you declared in your configuration. It's knowing that the description is complete and your system does nothing else (because it's basically selectively built at boot). Sure, some options have implications that might not be visible at first glance, but nothing can hide in the long term. You have no such guarantee with Ansible.
  Ansible is a good solution, but it doesn't do as much as nix on NixOS.
- This! ⬆️

The only immutable "distro" I use is SteamOS on the Steam deck, and already knowing that I will have to re-install networkmanager-openvpn annoys me.
- I put together an Ansible playbook to "recover" from SteamOS updates. I use mine for gaming and some software development, and trying to get back Arch packages would be a huge pain without my playbook.

I've been running Silverblue for 2 years. Apart from the hiccups mostly at the beginning of that time, things have been running very smooth and I haven't had any issues worth mentioning. Things that have been and still are hassles are e.g. missing media codecs (ffmpeg and friends) and kernel configs & modules (e.g. drivers such as nvidia). I had to learn a few new tricks with flatpak but my major use case - Steam - runs as flawless as it does on other platforms.

I've been using uBlue (https://ublue.it/)for a couple of weeks now and I've been loving it.
Most software exists as a flatpak, and if not, I can just run a distrobox for it. Can't complain.
- Im also on Ublue right now, used the 'make your own' guide to craft a Hyprland flavoured system. Which basically just means creating a github repo where you put the desired packages in a yaml file then github builds the immutable image for you (on top of the work ublue devs do ofc). Would highly recommend Ublue.

I have very little familiarity with most immutable distros and I don't know how difficult they are to make necessary configurations to system files. If I can't change things that need to be changed, that's an issue for me.
That said, I've just started looking at NixOS, which is immutable from my understanding. It looks incredible, because you preconfigure everything exactly how you like in a config file then build the system from that config. It seems like the best of all worlds - total control over your system to configure it how you want, multiple easy fallbacks if you mess something up, no worries about forgetting what changes you've made or how to replicate/undo them, and the security and unbreakability of an immutable filesystem. For the first time since I started daily driving Linux, I think I'm going to distro hop.
- I'm using NixOS currently on both my gaming pc and my laptop, you should absolutely try it it's as good as it sounds
  Takes a bit of learning if you want to use it to its fullest but it's great out of the box too provided you read the getting started guide
  If you do make the switch I would highly recommend putting your NixOS configuration file(s) in source control of some kind, it'll let you revert to previous builds out of the box but afaik you can't revert the config file itsself
  
  I am looking at switching but gaming is a potential pain point.
  Does Steam. Heroic and proton all work?

Been using Silverblue for about a year now with no issues, recently rebased to ublue Nvidia for extra stability and some other perks. For my use case (web browsing, document viewing and editing, coding) it's been perfect. My coding environment lives in an arch linux container, all my other apps are flathub flatpaks

I really wanted to try an arch-based immutable OS. I came across what is now known as "ashos". It was (and still is) in early development. It relies on btrfs snapshots for its anti-hysteresis properties. The code is mostly Python, but it just uses os.system calls everywhere and often doesn't do anything to verify exit codes before continuing to the next command. The main developer doesn't seem very interested in following best-practice conventions of the language he's working in, so that's where my interest unfortunately ended.
I follow Jorge Castro on fedi, and I see a lot of the points he makes in promoting not only ublue but also immutable distros and related containerization tech in general. To me, it seems like a lot of added complexity and excitement to work around distro-specific problems that I do not have.
Would it be cool to be able to instantaneously re-deploy my machine's entire environment? Sure, but I can count on one hand the number of times I've borked an Arch install in the thirteen years I've been using it: That number is zero.

I'm keeping a close eye on the various immutable distros. I've tried NixOS a couple of times now, but I ran into issues with software compatibility. My development tools would constantly have issues, which if I put in a ton of work I could generally workaround... Then there was some software that I just couldn't run, and you can't just run a standard "Linux" binary because all of the libraries that most binaries would expect, such as libc, libssl, etc are not in /usr/lib, but rather they are in the Nix store so those binaries need to be patched to search for their required libraries in the correct place.
The final nail in the coffin for my last go around at NixOS was I need to use a specific piece of software that does time keeping for work, and it operated fine until one day it signed me out and the button to sign back in did nothing. Even when I started the program from the CLI, there were no errors. If I can't sign in, I'm effectively not "on the clock" so that is an absolute show-stopper for me. I replaced NixOS with Fedora, and it worked perfectly fine after that. It is a shame because I quite enjoyed the idea of having a reproducible system that allowed me to blow away the system, then reinstall it, point it to a flake I built, and run a command resulting in everything being back the way it was.
I've been wanting to give VanillaOS and Silverblue/uBlue a try, but to my knowledge neither of them support a dual-boot setup, and I run Windows alongside Linux for the occasional game that doesn't work in Linux (as well as a backup environment to be able to access my tools for work, such as the scenario I mentioned earlier). I've heard that you can somewhat get around this by having separate drives and while my Windows install is technically on a different drive, the drive that I use for Linux also has a partition for games in Windows, as that boot drive is only a 240GB drive and I believe both of those distros require that you dedicate the whole drive to it.
- it's nice to see someone who actually used it not go in the speech script throwing "deterministic" and "declarative" every sentences without ever giving a sensible use case
  
  Heh, yeah... don't get me wrong, I think that immutable distros have an attractive appeal to them the way that they're often sold - however in my experience its been very rare to come across anything that comes with significant improvements yet doesn't have any trade-offs or a "price to pay" especially when it comes to computing and software.
  Do I think the rough parts will shrink over time? Potentially. I mean, macOS has been basically doing this for quite a few years now with its "System Integrity Protection" and it seems to do fine... but at the same time, aside from homebrew shenanigans I never really needed to modify things outside of /Users and /Applications when I used macOS.
  I certainly would like to hear more experiences about these distros that aren't just evangelizing immutability and mention more about their pain points like I did.
- I'm actually dual-booting ublue (rebased to it from silverblue) and windows right now. When setting it up I didn't even know about any potential troubles lol. On my laptop they live on two separate drives with two separate EFI partitions, grub detected the windows bootloader and it's been working perfectly (no broken bootloaders, no windows getting before grub in boot order) for about a year now
  
  Interesting! I'll have to take another look at it then. Earlier I had tried installing regular Arch (just for something quickly to install) into a VM, leaving the virtual disk some empty space (20GBs) and then tried to tell uBlue to install in that empty space (there was an option labeled "Create the new partitions for me" or something along those lines), and while it accepted that as a valid partition scheme when I actually tried to proceed with installation it failed right away giving me the error message at the bottom of this page.
  Perhaps then the key might be trying out regular Silverblue, and then rebasing that to uBlue instead of a clean install!

I've been using the same Silverblue installation for about two years (maybe even more than that). Initially, I did a lot of tweaking because I didn't really know how to approach toolbox and flatpaks, especially because I don't use Gnome as my desktop environment, so this system went from standard Silverblue to Silverblue+i3 overlayed, then to Silverblue+sway overlayed, recently it got rebased to Sericea and it's still running like day one. It also got upgraded from version 35(-ish) to 38 still without any issues (well, I did have some issues, but I simply rolled back and that fixed it).
I'm also deploying several Fedora CoreOS servers with a similar level of success, but those mainly tend to just run some containers, so I would say I mess way less with those, it's been mostly just update/upgrade to the latest, check if podman is still running my containers and let them be.

I've been daily driving openSUSE Aeon/Kalpa for the better part of two years now. I don't see any good reason to return to a traditional distribution for a desktop machine. I very much know what I'm doing as a linux user/admin, having been using it for years, and the no-fuss/no-hassle nature of an immutable system is exactly what I want for my workstations. And ultimately my servers.

It's not black and white. It's different tools for different jobs. You can get by with either, depending on what you are trying to do.

I dunno, not being able to turn off the sound is a deal breaker for me.
/s

Isn't ChromeOS immutable? I see the hype for inbeded devices maybe servers. Other then that it seems like it's not worth the hassle.

I'm not using an immutable distro, but I am daily driving a KVM-based Gentoo setup where most of my VMs use transient (immutable) storage and iSCSI where persistence is required.
I'd say that immutability has a ton of benefits for security and reliability, but it's important to be able to customize things when needed. I'm not sure an immutable distro would offer much in the way of customization though.
In my case I am generally unable to harm my system without meaning to, and I'm able to test new configurations without issue. I have lost data before when accidentally saving to a transient disk, but this is something I could fix with better scripting.
I'd say that in general, incremental backups are a better solution if you're only looking to avoid messing up the system. But immutability is a good option if you like containers or have some other way to configure things before locking them down.

The ideal end state is "why not both?", I think. Have an immutable "base" system, and utilize mutable overlays on top for any necessary tinkering or involved activities.
Casual users need not interface with the overlays at all (or do so through very controlled mechanisms, like how Flatpak/Snap, Steam game containers, etc work today), while developers, tinkerers, and those that are curious can create throwaway environments that they can mess with to their heart's content.
WSL on Windows has its warts, but it shows how such an ecosystem is possible (if you treat Windows itself as a Black Box That Must Not Be Modified). I think the immutable distro ecosystem is on the right track, with technologies like Toolbox/Distrobox to bridge the gap, it will just take time for the tooling, practices, and ecosystem around them to mature and not be as much of a hassle as they are today.
Today, I am running both immutable and non-immutable setups on various machines. My work computer (development) and gaming rig are on a traditional setup, as my specific development needs are not 100% compatible with a toolbox environment, and gaming-adjacent applications like Discord are slow to adapt to the needs of Flatpak containerization. I have a laptop that's 100% just used for media consumption and shitposting, which is a good use case for immutable distros today and is running Fedora Kinoite.