Nix is the best configuration management tool. Declarative, programmable, version controlled machine configs, what more could you want?
Nixos
I’m trying out daily driving NixOS and one of the problems I have is knowing when updates are available. On NixOS all the packages are defined in a giant git repository - github:nixos/nixpkgs - and updates are commits to the various branches (called channels) of this repo. Then, my system is locked to a particular commit hash for whichever channel I’m comfortable running. Thus, to find out if there are updates available I just have to check if the most recent hash is in the lock file.