Rugix 1.0
We are thrilled to announce the release of Rugix Ctrl 1.0 and Rugix Bakery 0.9. π
With Rugix already powering tens of thousands of devices worldwide, this milestone felt overdue. But we didn't want to rush it. We wanted to get things right, and we believe this release reflects that.
The Journey to 1.0β
When we introduced the project back in July 2023, under its original name Rugpi, it was a Raspberry Pi-focused experiment built around Raspberry Pi's tryboot mechanism. Over the past three years, it has grown far beyond that.
With v0.5 we ended the experimental phase and committed to backwards-compatible updates. v0.6 overhauled the build pipeline of what is now Rugix Bakery with a Docker-inspired layer system and shareable repositories. We added U-Boot support, then expanded to generic EFI systems via Grub in v0.7, and eventually introduced fully custom boot flows that let Rugix work with any bootloader.
Having outgrown Raspberry Pi, we renamed the project to Rugix in v0.8 and separated it into two independent tools. We introduced a dedicated bundle format supporting arbitrary update configurations, added an integration with Yocto, built best-in-class delta updates backed by comprehensive benchmarks, introduced embedded signatures and compatibility with Mender and RAUC, and published a CRA reference architecture with EY and Cumulocity featuring Rugix as a centerpiece for CRA-compliant products.
Today, Rugix Ctrl is a mature, battle-tested update solution running on production devices across industrial use cases and consumer electronics. The 1.0 release marks our confidence in its stability, its interfaces, and its readiness for long-term production use.
What's New?β
This release is not about flashy new features. It is about consolidation, maturity, and getting the fundamentals right. That being said, here is what's new.
Independent Versioningβ
Starting with this release, Rugix Ctrl and Rugix Bakery are versioned independently. Rugix Ctrl reaches 1.0, while Rugix Bakery moves to 0.9. This reflects their different maturity levels: Rugix Ctrl's core update mechanism, boot flows, and interfaces are stable and proven in production at scale, while Rugix Bakery is still evolving as we continue to expand its capabilities as a comprehensive development tool for embedded Linux.
Verification Required by Defaultβ
Rugix Ctrl 1.0 now requires bundle verification by default. When installing an update, Rugix Ctrl requires either a valid signature or a known bundle hash. We introduced embedded signatures in v0.8.14, and with 1.0, we are making verification mandatory. Unverified updates must now be explicitly opted into rather than the other way around.
We believe an update solution should be secure by default, not secure by configuration. With regulations like the EU Cyber Resilience Act on the horizon, ensuring the integrity of every update that reaches your devices is not optional. Making verification the default means that new projects start secure from day one, without having to remember to flip a switch.
Rugix GitHub Organizationβ
Rugix now has its own GitHub organization, giving the project its own home as an open-source effort maintained and driven by Silitics.
This matters because of how we think about Rugix. As we wrote about in detail in our post on avoiding vendor lock-in, there is a growing trend of coupling on-device OTA agents to specific cloud platforms. With device lifecycles of 5 to 15 years, that coupling is a real risk. Rugix keeps the on-device layer and the fleet management backend strictly separate. You can pair Rugix Ctrl with various off-the-shelf fleet management solutions or your own backend, and switch without touching a single device in the field.
Unprivileged Buildsβ
Rugix Bakery 0.9 brings a significant improvement to the build experience: unprivileged builds using (nested) user namespaces and rootless Podman. Previously, building system images required elevated privileges. With 0.9, Rugix Bakery can run entirely without root, making it straightforward to integrate into CI pipelines. This is especially useful for GitLab CI, where you can now use a rootless Podman executor to build your system images.
Yocto Layersβ
Rugix Bakery is designed to get you from zero to a production-ready system image with OTA updates in days, not months. But we recognize that Rugix Bakery does not fit every use case. Many teams rely on Yocto for full-source builds, and we are committed to supporting that workflow too. Our Yocto layers have been maturing steadily. We recently set up dedicated CI infrastructure to test them properly.
Upgrading from v0.8β
Check out the upgrade guide for details on migrating from v0.8 to Rugix Ctrl 1.0 and Rugix Bakery 0.9. Just like the last upgrades, this one is straightforward.
Get Startedβ
Whether you are starting a new project or considering a migration from another solution, there has never been a better time to get started with Rugix. Join our Discord community, and as always, we welcome your feedback and contributions on GitHub. π