3.9 KiB
NIP Profiles
NIP supports two types of profiles for different purposes:
1. Security Profiles (Nippels)
Security profiles define isolation levels and security settings for Nippels (user-level application environments). These profiles determine how applications are isolated and what system resources they can access.
Available Security Profiles
| Profile | Isolation | Desktop | Network | Use Case |
|---|---|---|---|---|
| Workstation | Standard | Yes | Full | Work computers with desktop integration |
| Homestation | Standard | Yes | Relaxed | Home use (default profile) |
| Satellite | Strict | Yes | Limited | Laptops and mobile devices |
| Network/IOT | Strict | No | Minimal | Embedded devices and IoT |
| Server | Strict | No | Controlled | Server deployments |
Security Profile Files
security/workstation.kdl- Workstation security profilesecurity/homestation.kdl- Homestation security profile (default)security/satellite.kdl- Satellite/mobile security profilesecurity/network-iot.kdl- Network/IOT security profilesecurity/server.kdl- Server security profile
Usage
# Create Nippel with specific security profile
nip cell create dev-env --profile Workstation
# Create with custom isolation
nip cell create secure-env --profile Satellite --isolation Strict
2. Build Profiles
Build profiles define compiler flags, optimization levels, and domain-specific features for building packages from source. These profiles determine how packages are compiled and what features are enabled.
Available Build Profiles
build/desktop.kdl- Desktop workstation build configurationbuild/server.kdl- Production server build configurationbuild/minimal.kdl- Minimal/embedded build configurationbuild/developer.kdl- Development build configurationbuild/gaming-rig.kdl- Gaming-optimized build configurationbuild/ml-workstation.kdl- Machine learning workstation configurationbuild/fleet-node.kdl- Fleet management node configuration
Build Profile Structure
Build profiles define:
- Domain flags: Feature domains (init, runtime, graphics, audio, security, etc.)
- Compiler settings: CFLAGS, CXXFLAGS, LDFLAGS, MAKEFLAGS
- Optimization levels: -O2, -O3, -Os, LTO, etc.
- Security hardening: PIE, RELRO, stack protector, fortify
Usage
# Build package with specific profile
nip build vim --profile desktop
# Build with custom flags
nip build nginx --profile server +ssl+http2
3. Custom Profiles
You can create custom profiles by copying and modifying existing profiles:
# Copy existing profile
cp nip/profiles/security/homestation.kdl ~/.config/nip/profiles/security/my-profile.kdl
# Edit to customize
vim ~/.config/nip/profiles/security/my-profile.kdl
# Use custom profile
nip cell create my-env --profile my-profile
Profile Search Order
NIP searches for profiles in this order:
~/.config/nip/profiles/(user profiles)/etc/nip/profiles/(system profiles)<nip-install>/profiles/(default profiles)
Examples
See the examples/ directory for additional profile examples:
examples/gaming-rig.kdl- Gaming-optimized configurationexamples/ml-workstation.kdl- Machine learning workstationexamples/developer.kdl- Developer workstation
Documentation
For more information:
- Nippels Documentation - Security profiles and isolation
- Build System Documentation - Build profiles and compilation
- Profile Specification - Technical specification
Contributing
When creating new profiles:
- Follow the KDL format used in existing profiles
- Document the profile's purpose and use case
- Test the profile with common packages
- Submit a pull request with your profile
Profile System Version: 1.0 Last Updated: November 18, 2025