ks.systems
Keystone — an operating system for owning your infrastructure: a fleet of NixOS hosts in one git flake, with secure boot, encrypted storage, self-hosted services, and OS-level AI agents.
Keystone is a mission-focused operating system and suite of tools for owning your infrastructure. Declare a fleet of hosts — workstation, laptop, server, offsite — in one git-committed flake, then bring them up with encrypted storage, secure boot, integrated services, and autonomous AI agents running under real system identity.
Highlights
- Bare-metal NixOS installs with Lanzaboote Secure Boot, LUKS + TPM2 auto-unlock, and ZFS — also deployable via nix-darwin and WSL.
- Self-hosted services with one-toggle TLS, reverse proxy, and DNS (Immich, Forgejo, Vaultwarden, Grafana, and more).
- OS agents: service-account identities with their own mail, git workspace, and task queue that fetch issues, write code, and open PRs on your hardware.