Thymis: Web-Based Dashboard and Device Provisioning for NixOS

elikoga · February 18, 2025, 4:04pm

Glad to announce! We just released Version 0.3.0, which finally allows you to deploy the controller on the public internet, available via HTTPS and manage Raspberry Pis, which then can be deployed in Push-Mode (build on controller, activate on device) even behind NAT or a Firewall allowing only HTTP(S) WebSocket connections.

See changes here: Release Release 0.3.0 · Thymis-io/thymis · GitHub

elikoga · February 28, 2025, 4:50pm

I’m glad to announce another release of Thymis, this time the 0.4.0:

New features/Major Changes:

Automatic rollback if new configuration fails to connect to the controller
UI for git staging area and commiting
Allow selecting configurations to deploy, as well as all configurations
Showing currently connected devices in devices page
Add device support: Generic x86-64 Devices with USB Stick Installer

See changes here: Release Release 0.4.0 · Thymis-io/thymis · GitHub

MSchmoecker · April 11, 2025, 11:29am

Thymis 0.5.0 has just been released!

Major Changes:

Added secret management
Fixed unresponsive navigation when the page invalidates data at the same time

See the changes here: Release Release 0.5.0 · Thymis-io/thymis · GitHub

MSchmoecker · June 4, 2025, 12:37pm

Thymis 0.6.0 has been released!

Major Changes:

Added saving of device logs in the database. GUI is planned for the next release
Added artifact management to allow placment of files on devices

See the changes here: Release Release 0.6.0 · Thymis-io/thymis · GitHub

doronbehar · June 12, 2025, 11:59am

Hey! Thanks for sharing this software, it looks great. I was wondering, how would you compare your product to Balena?

I am currently using their dashboard with one of the obsolete armv7l machines. At the time, I could only dream on using Nix for my (hobby) project, because cross compiling is hard and expensive in terms of computing resources, and Balena is (by default) building the images on their servers, and especially because the distributions they use (Ubuntu / Debian etc.) also provide natively built armv7l packages ready to use.

elikoga · June 16, 2025, 6:19pm

We directly compare Thymis to Balena. The project includes the web-ui management in the open source part, compared to OpenBalena though, and of course we use Nix/NixOS.

Currently we focus on Raspberry Pi 3/4/5 support and do not currently target any armv7l devices.

Of course we are much less far along with development and feature-set than the Balena project due to different resources, however you have quite a bit more flexibility with what you can achieve with our system using the flexibility that NixOS provides.

doronbehar · June 16, 2025, 9:09pm

Wow OK good to know. I’m sorry if I have missed something in the documentation (it seems incomplete so I’m sure you’d forgive me :)), but do you handle cross compilation from x86_64-linux to aarch64-linux? If so, would it be too hard to similarly support cross compiling to armv7l-linux?

elikoga · June 16, 2025, 11:41pm

Yes, we are aware and it’s somewhere on our agenda. We have provided some of our pilot partnerships specific usage instructions as well as guidance but we have not written comprehensive docs for now.

When we build aarch64-linux systems on x86_64-linux, we use the linux kernel binfmt feature with QEMU activated via boot.binfmt.emulatedSystems, which we also activate for you in our NixOS module per default unless you deactivate this. This allows the builds to use hydra’s native aarch64-linux packages and store paths to avoid compiling every single intermediate which immensely speeds up builds, while taking a performance penalty during actual compilation.

For our hosted Thymis instances which we provide to our pilot partners and which we aim to provide to the public in the near future, if ARM systems are targeted, we use native ARM VMs to run the builds, which is the fastest solution.

No technical difficulty except for a large time sink to compile everything from scratch, as well as an ongoing infrastructure cost to store the armv7 Store Paths in a binary cache. If nixpkgs is not up to date with respect to changes specific to armv7 there is a slight integration pain as well.

Do you have a specific device or image in mind to build?

doronbehar · June 17, 2025, 9:14am

I see. Indeed the lack of cached store paths remains the main thing I lack. See also:

github.com/NixOS/infra

armv7 Hydra channel?

opened 03:28PM - 09 Oct 22 UTC

doronbehar

enhancement

**Is your feature request related to a problem? Please describe.** At my work… we often use Armv7 devices like Raspberry Pi. Often my colleagues complain about issues with outdated packages in the default Debian systems these devices use by default and the lack of declarative management of their deployments. Naturally Nix is the answer. However, these devices usually have low memory & CPU power, making it hard to build full systems on them. **Describe the solution you'd like** Taking https://github.com/NixOS/nixos-org-configurations/pull/142 as an example, is it that simple and legitimate to add a channel for an architecture? Having an armv7 channel building and caching armv7 builds would enable me to dramatically change the experience with such devices. **Describe alternatives you've considered** [nixbuild](https://nixbuild.net/) seems like an awesome service that could benefit teams such as those I occupy. However, I still think that a tier 1 support for armv7 could motivate many big software companies to use Nix, see e.g [this](https://forums.balena.io/t/nixos-support-for-balena/192380). Also, nixbuild's pricing is the fairest I could have imagined, but as a junior in a non Nix team, it's hard to convince people to use such a service which even myself is not experienced with. **Additional context** https://github.com/NixOS/nixpkgs/issues/83049

And for native building using the community’s aarch64-linux build box, I now found out it has retired…

When I’ll actually find time to transition my project to Nix, I think I’ll put my efforts in cross compiling, and maintaining my own cache.

Yes. It is a hobby project - a sound system connected to the local home network. I’m using the BalenaFin device, which to my understanding is identical to Raspberry Pi 3 in most software / firmware related aspects. The main feature of it, which also forces me to use armv7 on it and not aarch64, is the fact it is connected to this sound card and it uses this closed source firmware.

pbsds · June 18, 2025, 3:43pm

Community builders - Nix Community however the big warning about security still applies.

doronbehar · June 20, 2025, 9:04am

Oh so these are not the same builders! Thanks for pointing that out. It would have been nice if that big warning added in this commit by @hexa would have mentioned that - the archived state of the repo doesn’t allow a PR…

MSchmoecker · July 23, 2025, 10:24am

Thymis 0.6.1 has been released with some fixes like deleting older logs from the database. Additionally it includes a copy ssh command button to connect to devices from any terminal over the network relay. See the full changelog here: Release Release 0.6.1 · Thymis-io/thymis · GitHub

elikoga · August 14, 2025, 3:40pm

We have published updated and extended documentation for Thymis:
https://thymis.io/docs

Feedback and suggestions are welcome.

elikoga · September 1, 2025, 5:57pm

Just a small announcement: You can now click Thymis as a SaaS using our Thymis Cloud offering.

Check out Pricing - Thymis if you’re interested

elikoga · November 3, 2025, 12:56pm

We have released Thymis 0.7.0 with an improved external repository UI and Bash + Python code modules!

See the full changelog here: Release Release 0.7.0 · Thymis-io/thymis · GitHub