Atomic state
moss owns /usr, the kernel, initrd, boot entries, firmware, Mesa, PipeWire, portals, and the compositor. It is the hard layer.
atomic musl base / persistent Nix toolbox
A small operating system built from scratch where moss owns the machine and Nix owns the toolbox.
The base is musl, transactional, and auditable. The software long tail lives above it in a persistent multi-user Nix plane. The point is not novelty for its own sake; the point is a machine that can move forward and roll back without dragging your working environment through the blast radius.
Architecture
moss owns /usr, the kernel, initrd, boot entries, firmware, Mesa, PipeWire, portals, and the compositor. It is the hard layer.
onix-nix-integration seeds nix-daemon, nixbld users, defaults, shell hooks, runtime dirs, and graphics bridge state.
Nix owns /nix, user profiles, dev shells, flakes, language stacks, and GUI leaf apps. It is the living workspace.
Ownership contract
ONIX should make ownership boring and visible. If a rollback happens, you should know exactly which plane moved and which one stayed still.
| Surface | Owner | Reason |
|---|---|---|
/usr |
moss | stateless machine payload |
/.moss |
moss | content store and transaction history |
/boot |
moss | kernel, initrd, BLS entries |
/etc/nix |
onix-nix-integration | declared defaults, no installer drift |
/nix |
Nix | persistent store, daemon, profiles |
/run/opengl-driver |
ONIX seam | host graphics bridge for Nix apps |
CLI shape
$ onix status
active fstx: 6649-a17c
boot entry: onix-6649-a17c.conf
nix daemon: healthy
etc drift: 2 local overrides
opengl: coherent
$ onix rollback
plane: machine
/nix: untouched
The quarry host is scaffolding: build moss, boulder, and the first stones there, then discard it.
Busybox first, uutils after proof, and only the essentials. Nix covers the long tail.
/run/opengl-driver is the bridge where Nix GUI apps meet the active machine stack.
Validation
nix profile install nixpkgs#ripgrep, reboot, and confirm it remains on PATH.
Roll machine state back and verify profiles, store, and daemon remain consistent.
moss state prune and nix store gc run back-to-back without cross-corruption.
Rollback Mesa and confirm Nix GUI apps render against the previous active stack.
Roadmap
moss and boulder running on the Alpine musl quarry
first self-owned musl stone set and local repo
bootable ONIX VM with moss state rollback
multi-user Nix plane with independent rollback tests
Wayland, Mesa, portals, and the OpenGL bridge
Website
The Rust generator emits plain files to dist/. GitHub Actions publishes that directory to gh-pages with CNAME set to onix-os.com.
nix develop
just build
just serve