Packaging
Nexus OS uses a unified packaging system that handles everything from 8-bit sensor firmware to full desktop applications. The package manager (nip) can graft packages from any ecosystem — Linux, BSD, Nix, Windows — and wrap them in sovereign isolation.
Components
- nip — The universal package manager
- NipCells — Lightweight isolation containers
- Nexters — Heavy containers that replace Docker
Package Taxonomy
Every package in Nexus has a type that describes its proximity to hardware:
| Type | Name | Purpose | Example |
|---|---|---|---|
| NPS | Nip Sensor | Single-purpose sensor firmware | Temperature probe |
| NPL | Nip Library | Drivers and kernel-adjacent filters | WiFi driver, printer driver |
| NPX | Nip eXtension | Hot-loadable hooks (replaces eBPF) | Packet filter, tracing |
| NPM | Nip Module | Pure logic libraries | Orbital math, crypto |
| NPK | Nip Package | End-user applications | Firefox, KDE, terminal |
| NPI | Nip Interface | API bridges | HTTP adapter, gRPC bridge |
Grafting
Nexus does not maintain a separate package ecosystem from scratch. Instead, it grafts packages from existing ecosystems:
| Source | What's Grafted | Why |
|---|---|---|
| Linux (Chimera) | GPU, WiFi, and hardware drivers | Immediate hardware support |
| OpenBSD | Security primitives (pledge/unveil logic) | Best-in-class security |
| NetBSD | Rump kernels (temporary TCP/IP shim) | Usable network stack |
| Alpine | musl, busybox | Minimal POSIX shim |
| Nix | Package recipes and dependency graphs | Battle-tested package definitions |
The grafting process:
- nip fetches the foreign package
- Strips bloat (docs, debug symbols, unnecessary dependencies)
- Applies security constraints (pledge mask, capability set)
- Compiles into a deterministic .np* Cell with a Variant-CID
- Signs the result with Ed25519
The output is a sovereign package that runs under Nexus security constraints, regardless of where the original code came from.
GoboLinux-Style Hierarchy
All packages are installed in a GoboLinux-style directory structure:
/Programs/
├── Firefox/
│ ├── 120.0/
│ │ ├── bin/
│ │ ├── lib/
│ │ └── manifest.bkdl
│ └── current → 120.0
├── ToyBox/
│ ├── 0.8.11/
│ └── current → 0.8.11

Each program owns its directory. Each version is separate. A current symlink points to the active version. Switching versions is an atomic symlink update.
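
The atomic switch described above can be done on a POSIX filesystem by creating the new link under a temporary name and renaming it over `current`. The following is an added example, not nip's own code: the page does not say how nip performs the switch, and `switch_version`, `demo`, and version 121.0 are constructed for illustration.

```python
import os
import secrets
import tempfile


def switch_version(program_dir: str, version: str) -> str:
    """Atomically repoint <program_dir>/current at <version>; return the new target."""
    # Accept only a plain directory name: no separators, no traversal.
    if version in ("", ".", "..", "current") or os.path.basename(version) != version:
        raise ValueError(f"invalid version name: {version!r}")
    target = os.path.join(program_dir, version)
    # The version must be a real directory, not a symlink leading elsewhere.
    if os.path.islink(target) or not os.path.isdir(target):
        raise FileNotFoundError(f"no such installed version: {target}")

    current = os.path.join(program_dir, "current")
    # Build the new link under a unique name in the SAME directory, so the
    # final rename stays on one filesystem. symlink() fails if the name exists.
    tmp_link = os.path.join(
        program_dir, f".current.{os.getpid()}.{secrets.token_hex(4)}")
    os.symlink(version, tmp_link)  # relative target, like "current -> 120.0"
    try:
        # rename(2) swaps the link in one step: readers see the old version
        # or the new one, never a missing or half-written "current".
        os.replace(tmp_link, current)
    except OSError:
        os.unlink(tmp_link)
        raise
    return os.readlink(current)


def demo() -> list:
    """Constructed sample tree: Firefox with versions 120.0 and 121.0."""
    with tempfile.TemporaryDirectory() as root:
        prog = os.path.join(root, "Programs", "Firefox")
        for v in ("120.0", "121.0"):
            os.makedirs(os.path.join(prog, v, "bin"))
        results = [switch_version(prog, "120.0")]       # first activation
        results.append(switch_version(prog, "121.0"))   # upgrade
        results.append(switch_version(prog, "120.0"))   # rollback
        try:
            switch_version(prog, "../../etc")           # traversal is refused
        except ValueError:
            results.append("rejected")
        return results


if __name__ == "__main__":
    print(demo())
```

Removing the old link and then creating a new one would leave a window in which `current` does not exist; the rename closes that window.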