RustNix FlakesApache 2.0

MicroVMs, Made Simple

Build and run microVMs on macOS and Linux with reproducible Nix flakes. Sub-5s boot. No SSH. No containers.

curl -fsSL https://raw.githubusercontent.com/auser/mvm/main/install.sh | shCopy

How It Works

Three-Layer Stack

CLI on your host, Lima provides /dev/kvm on macOS, Firecracker runs microVMs inside it.

Nix-Based Builds

Reproducible microVM images from Nix flakes. Cached builds — rebuilds are near-instant.

Headless MicroVMs

No SSH, ever. MicroVMs communicate via Firecracker vsock. The guest agent handles lifecycle.

Integration Health

Workloads register health checks via drop-in JSON. The guest agent polls and reports status.

Templates & Registry

Build reusable base images, version them, share via S3-compatible registry.

Security Posture

Evaluate jailer isolation, seccomp filters, network isolation, and audit logging.

Architecture

macOS / Linux Host

→

Lima VM (Ubuntu + Nix)

→

Firecracker microVM

Guest Drive Model

/dev/vdarootfs

/dev/vdbconfig (ro)

/dev/vdcsecrets (ro)

/dev/vdddata (rw)

Network

MicroVM (172.16.0.2, eth0)| TAP + vsock:52Lima VM (172.16.0.1, tap0) — NAT — internet| LimaHost

Get Running in Minutes

bash

1# Bootstrap everything
2mvmctl dev
3
4# Build a microVM image from a Nix flake
5mvmctl build --flake .
6
7# Boot a headless Firecracker VM
8mvmctl run --flake . --cpus 2 --memory 1024
9
10# Check health via vsock
11mvmctl vm ping

Ready to build your first microVM?

mvm handles bootstrapping, Nix builds, Firecracker lifecycle, and template management — so you can focus on your workload.