I’d look into building all of that in a flake just so you can encapsulate (and have a central version control of) all of your dependencies in case something does change.

I’m a bit of a Nix dork but I tend to try and declare my entire dev stack in a flake so it can follow me to every machine. It offers some of the “it works on every machine” guarantees that Docker offers while also forcing the compilation of the stack to happen natively (or at least pulls in some content addressed cache that offers security by being the exact hash for the whole dependency graph). I like that

Here’s how I used the Nix way to declare an interactive Python scraper the other day. With this method, I can lock dependencies between machines as a matter of course without having to use Docker:

{
  description = “Weed Scraper”;

  inputs = {
    nixpkgs.url = “github:NixOS/nixpkgs?ref=nixpkgs-unstable”;
    utils.url = “github:numtide/flake-utils”;
  };

  outputs = { self, nixpkgs, utils }: utils.lib.eachSystem [“x86_64-linux”] (system: let
    pkgs = import nixpkgs { system = system; };
  in rec {
    packages = {
      pythonEnv =
        pkgs.python3.withPackages (ps: with ps; [ webdriver-manager openpyxl pandas requests beautifulsoup4 websocket-client selenium keyboard ]);
    };

    devShell = pkgs.mkShell {
      buildInputs = [
        pkgs.chromium
        pkgs.undetected-chromedriver
        packages.pythonEnv
      ];

      shellHook = ‘’
        export PATH=${pkgs.chromium}/bin:${pkgs.undetected-chromedriver}/bin:$PATH
      ‘’;
    };
  });
}