NixFleet

About Arcanesys

Why we built this. Why now. What this is not.

01Why we built this

We managed NixOS fleets for years before we built NixFleet. The four crises listed on the home page are not academic. They were the daily texture of operations: configuration drift on infrastructure we could not prove was identical, sovereignty exposure on cloud control planes we did not control, security bolted on by detection tools we could not reason about, and compliance produced as PDFs by humans rather than as signed evidence by the system.

NixFleet is the framework we wanted: the signed-artifact chain end-to-end, magic rollback as a protocol property, compliance as a release gate. The point is not novelty. The point is that each of these properties already exists in the Nix model. We assembled them.

02Why now

NIS2 transposition deadlines have passed. DORA is applicable to financial entities since January 2025. ANSSI BP-028 v2.0 is the reference for French infrastructure hardening. Operators under these regimes need declarative tooling that produces signed evidence as a side effect of normal operation, not a separate compliance project layered on top of an imperative stack.

03What this is not

04Founders

Pilot enquiries: contact@arcanesys.fr. Security reports: security@arcanesys.fr.

05Where to find the code

Open a conversation →

Run a 3-month pilot. 5–15 hosts. Free.

Move your regulated workloads to a declarative substrate. Keep the rest where it is. We help you stand up the regulated zone with signed evidence ready for your auditor, whether you already run NixOS or migrate from Ansible / Puppet / Chef during the 12 weeks.

Book a 15-min call