My Feedback about Nixpacks - an alternative to Buildpacks
2 months ago, I discovered Nixpacks - an alternative to Buildpacks to build a final container image that simply works. I’ve tried it with multiple projects, and the promise is very good. I feel it is less black magic than Buildpacks and easily extensible. In this article, I will share my feedback on the pros and the cons of this emerging project. Let's go!
Nixpacks takes a source directory and produces an OCI-compliant image that can be deployed anywhere. The project was started [..] as an alternative to Buildpacks and attempts to address a lot of the shortcomings and issues that occurred when deploying thousands of user apps [..]. The biggest change is that system and language dependencies are pulled from the Nix ecosystem.
Nixpacks is available on Linux, MacOS, and Windows. You must also have Docker installed and running since Nixpacks relies on it. Once it's installed, you can execute the "nixpacks" cli command:
nixpacks 0.3.1
USAGE: nixpacks [OPTIONS]
OPTIONS: --apt ... Provide additional apt packages to install in the environment -b, --build-cmd Specify the build command to use --env ... Provide environment variables to your build -h, --help Print help information -i, --install-cmd Specify the install command to use --libs ... Provide additional nix libraries to install in the environment -p, --pkgs ... Provide additional nix packages to install in the environment --pin Pin the nixpkgs -s, --start-cmd Specify the start command to use -V, --version Print version information
SUBCOMMANDS: build Create a docker image for an app help Print this message or the help of the given subcommand(s) plan Generate a build plan for an app
My feedback
Here are the pros and the cons coming from what I've tried and seen:
Pros
MIT License
Written in Rust (it's a language I particularly like)
Using NIX and Docker to create a reproducible build.
Building a final container image (OCI-compatible - so great to run on Kubernetes).
Compatible with Procfile (perfect for users coming from Heroku and using Buildpacks).
Possibility to specify the build and start command.
We can easily add the support of a programming language and run our tests to validate it.
Cons
Still young - seems to be only used by the creator at the moment
By reading the Rust code, I think the team behind Nixpacks is not experienced yet with the language, so some stuff is not idiomatic (E.g using Result<Option<String>> instead of a custom enum type). It’s not a problem, but it’s probable that this version is still experimental and will lead to other major/breaking internal changes.
Running twice a build command does not use the local Docker cache even if the code has not changed - I guess it’s due to NIX.
It does not support (yet) the selection of multiple Procfile commands
I tried to build a Strapi app (NodeJS), and I didn’t succeed since it seems that we can’t specify the node version to use (Nixpacks scans the package.json and pick a version that is not the correct one). I think it can be improved easily.
I am pretty sure it works with all the simplest applications, but once apps use tons of dependencies that might link to C or Python or other languages inside, we might have failed to build (like for Buildpacks). The good part is that it is potentially easily reproducible (with NIX and the pin command).
Similar to Buildpacks with no black magic
It’s similar to Buildpacks but better since it generates a Dockerfile file and builds it with a NIX binary. Here is a schema of the process done by Nixpacks.
The usage of NIX makes errors understandable when something goes wrong, which is a convenient advantage compared to Buildpacks. For instance, when running "nixpacks build ." for one of my Strapi applications, I got the following error:
~/I/o/strapi-v4 (main|✔) $ nixpacks build . === Building (nixpacks v0.0.24) === => Packages -> nodejs-12_x -> yarn { nodejs = nodejs-12_x } => Install -> yarn install --frozen-lockfile --production=false => Build -> yarn run build => Start -> yarn run start [+] Building 1.3s (8/12) => [internal] load build definition from Dockerfile 0.0s => => transferring dockerfile: 464B 0.0s => [internal] load .dockerignore 0.0s => => transferring context: 87B 0.0s => [internal] load metadata for ghcr.io/railwayapp/nixpacks:debian-1655126806 0.5s => [1/8] FROM ghcr.io/railwayapp/nixpacks:debian-1655126806@sha256:3d33b3f942fff25f99270e78177fe5ea39ce94b4090c5af336131a4a3d12794d 0.0s => [internal] load build context 0.1s => => transferring context: 477.36kB 0.0s => CACHED [2/8] WORKDIR /app/ 0.0s => CACHED [3/8] COPY environment.nix /app/ 0.0s => ERROR [4/8] RUN nix-env -if environment.nix 0.7s ------ > [4/8] RUN nix-env -if environment.nix: #8 0.359 installing 'env' #8 0.649 error: Package ‘nodejs-12.22.12’ in /nix/store/j86dwr6jqjrk1m7z7b1sk3wh8zswjpa7-nixpkgs/nixpkgs/pkgs/development/web/nodejs/v12.nix:11 is marked as insecure, refusing to evaluate. #8 0.649 #8 0.649 #8 0.649 Known issues: #8 0.649 - This NodeJS release has reached its end of life. See https://nodejs.org/en/about/releases/. #8 0.649 #8 0.649 You can install it anyway by allowing this package, using the #8 0.649 following methods: #8 0.649 #8 0.649 a) To temporarily allow all insecure packages, you can use an environment #8 0.649 variable for a single invocation of the nix tools: #8 0.649 #8 0.649 $ export NIXPKGS_ALLOW_INSECURE=1 #8 0.649 #8 0.649 Note: For `nix shell`, `nix build`, `nix develop` or any other Nix 2.4+ #8 0.649 (Flake) command, `--impure` must be passed in order to read this #8 0.649 environment variable. #8 0.649 #8 0.649 b) for `nixos-rebuild` you can add ‘nodejs-12.22.12’ to #8 0.649 `nixpkgs.config.permittedInsecurePackages` in the configuration.nix, #8 0.649 like so: #8 0.649 #8 0.649 { #8 0.649 nixpkgs.config.permittedInsecurePackages = [ #8 0.649 "nodejs-12.22.12" #8 0.649 ]; #8 0.649 } #8 0.649 #8 0.649 c) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add #8 0.649 ‘nodejs-12.22.12’ to `permittedInsecurePackages` in #8 0.649 ~/.config/nixpkgs/config.nix, like so: #8 0.649 #8 0.649 { #8 0.649 permittedInsecurePackages = [ #8 0.649 "nodejs-12.22.12" #8 0.649 ]; #8 0.649 } #8 0.649 (use '--show-trace' to show detailed location information) ------ executor failed running [/bin/bash -ol pipefail -c nix-env -if environment.nix]: exit code: 1 Error: Docker build failed
In my experience, this error message is much more understandable than Buildpacks but still hard to interpret for a neophyte in building apps with Docker and NIX.
Nixpacks supports complex build (PHP Laravel)
Applications written in PHP are hard to containerize. I spent (wasted) hours with Qovery users deploying their Laravel apps because they need a web server (NGINX/Apache) and to run 3 to 4 processes inside a container. Just to give you the perspective of the complexity, here is a Dockerfile I’ve written for a hello world PHP Laravel app 😕
Use 'docker scan' to run Snyk tests against images to find vulnerabilities and learn how to fix them === Successfully Built! ===
Run: docker run -it f4cc686f-5c91-4e41-ad98-999fda42fa0f
This example convinced me to go further in trying Nixpacks.
Building a real-world React app didn't work
I've noticed that Docker is not well known by most frontend developers; Nixpacks would be super useful here to make frontend app deployment on Kubernetes easier. Unfortunately, I didn't manage to build our Qovery v3 console React app with Nixpacks. It's a real app with different kinds of dependencies, and this is where it fails. Python seems to be required for a library. I think it is fixable with not too much effort, but it does not work out of the box.
Building a simple React app worked
In this case, with a brand new simple "hello world" react app it works
Use 'docker scan' to run Snyk tests against images to find vulnerabilities and learn how to fix them === Successfully Built! ===
Run: docker run -it c9330f44-3258-46a7-a489-ea2af6107834
To Conclude
Nixpacks is a promising alternative to Buildpacks, and I am pretty sure it will be well received by the open-source community. We even consider using it in Qovery as soon as we are confident in its future. The team behind made a very good job in providing an elegant solution to a complex problem - building a final OCI image without necessarily spending time to write a Dockerfile while keeping it auditable via a "nixpacks plan" command.
Starting today, get full visibility on your RDS databases directly inside Qovery. Troubleshoot app and database issues from one place without jumping into the AWS console
Alessandro Carrano
Lead Product Manager
Compliance
Azure
minutes
November 18, 2025
The Definitive Guide to HIPAA Compliance on Microsoft Azure
Master HIPAA compliance on Azure. Understand the Shared Responsibility Model, the critical role of the BAA, and how to configure Access Control, Encryption, and Networking. See how Qovery automates security controls for continuous compliance.
Mélanie Dallé
Senior Marketing Manager
DevOps
minutes
November 17, 2025
Top 10 Portainer Alternatives: Finding a More Powerful & Scalable DevOps Platform
Looking for a Portainer alternative? Discover why Qovery stands out as the #1 choice. Compare features, pros, and cons of the top platforms to simplify your deployment strategy and empower your team.
Mélanie Dallé
Senior Marketing Manager
Kubernetes
3
minutes
November 17, 2025
NGINX Ingress Controller End of Maintenance by March 2026
Kubernetes NGINX ingress maintainers have announced that the project will move into end-of-life mode and stop being actively maintained by March 2026. Parts of the NGINX Kubernetes ecosystem are already deprecated or archived.
Romaric Philogène
CEO & Co-founder
DevOps
minutes
November 14, 2025
The 10 Best Octopus Deploy Alternatives for Modern DevOps
Explore the top 10 Octopus Deploy alternatives for modern DevOps. Find the best GitOps and cloud-native Kubernetes delivery platforms.
Mélanie Dallé
Senior Marketing Manager
AWS
Cloud
Business
8
minutes
November 13, 2025
6 Best AWS Deployment Services to Consider
Choose the best AWS deployment tool for your needs: EKS, App Runner, Elastic Beanstalk, or CloudFormation. We compare their complexity, ideal use cases, and introduce Qovery, the new, automated platform that simplifies Kubernetes and IaC for rapid deployment.
Morgan Perry
Co-founder
Cloud
Kubernetes
minutes
November 6, 2025
The High Cost of Vendor Lock-In in Cloud Computing and How to Avoid it
Cloud vendor lock-in threatens agility and raises costs. Discover the high price of proprietary services, egress fees, and technical entrenchment, plus the strategic roadmap to escape. Learn how embracing open standards, Kubernetes, and an exit strategy from day one ensures long-term flexibility and control.
Mélanie Dallé
Senior Marketing Manager
DevOps
minutes
October 27, 2025
The Top 10 Porter Alternatives: Finding a More Flexible DevOps Platform
Looking for a Porter alternative? Discover why Qovery stands out as the #1 choice. Compare features, pros, and cons of the top 10 platforms to simplify your deployment strategy and empower your team.
.svg)
.svg)
.svg)
.webp)
.webp)