Goodbye Windows: Securix and Bureautix, the state's Linux with the names of indomitable Gauls

April 11, 2026 • 09:33  

We often talk about digital sovereignty, but concretely, what would we do? The answer would be in two names: Securix and Bureautix. By relying on NixOS, a radically different Linux distribution, the government is quietly preparing for the post-Windows era for its agents.

Before imagining Windows disappearing overnight from all French administrations, let's lay the foundations. The migration announced this week concerns 250 agents, not 2.5 million. But behind this modest figure lies a much more ambitious technical project: Securix.

The information circulating about a "homemade NixOS distribution" developed by the government is both true and more subtle than it seems. Technically, this is not a fork, but a hardened configuration built on NixOS.

It all started with an interministerial seminar organised on 8 April 2026 by the DINUM, at the initiative of Prime Minister Sébastien Lecornu. On this occasion, the Interministerial Digital Directorate made official its own exit from Windows in favor of Linux, a symbolic announcement that concerns about 250 agents, but which highlights Sécurix, the technical foundation on which this switch is based.

To go further
France announces a crucial step towards its exit from Windows

According to the latest elements of the cloud-gov ecosystem, the DINUM (Interministerial Directorate for Digital Affairs) is developing a software brick called Sécurix, the code of which is published on GitHub under an MIT license.

It would not be a simple operating system, but a workstation base. Developed within the DIPUM (Interministerial Product Operator) department, Securix serves as a technical basis for creating highly secure working environments.

The actual scope of this migration remains modest: 234 agents at the DINUM. But it is part of a much broader movement. At the same time, the National Health Insurance Fund has announced the migration of its 80,000 agents to the tools of the interministerial digital base: Tchap for messaging, Visio for meetings and FranceTransfert for the exchange of documents. It is at this scale that the seesaw begins to weigh.

This is where Bureautix comes in: it would not be a commercial product, but an "example" of a typical office configuration, which shows how to transform this raw base into a daily tool for a state agent.

The choice of NixOS as the technical foundation would not be a coincidence. Unlike a traditional Linux distribution, NixOS allows for declarative management. In other words, the desired state of the system is described in a configuration file, and the machine builds itself in the same way, every time. For the State, this makes it possible to have a controlled, auditable and, above all, sovereign IT equipment.

Securix: the DINUM's digital safe

The Securix project is currently in the alpha phase and does not yet offer support, but its ambitions are already very clear. It would be a reinstantiable model capable of adapting to several critical use cases: multi-agent workstations, exclusive intranet access or high-level system administration. We are talking about an infrastructure designed to comply with the strictest recommendations of the ANSSI.

Technically, this base would integrate robust defense mechanisms. These would include TPM2 chip management, data encryption via Yubikey physical keys (LUKS FIDO2) and centralized enrollment for Secure Boot. The idea would be to ensure that only state-validated code can run on the machine. For secrets management, tools such as Vault or age would be part of the package, which will further strengthen the protective barrier.

But what would make Securix truly unique is its ability to reproduce. Thanks to NixOS, if a workstation is corrupted or fails, it would be enough to redeploy its configuration to find a healthy system in a few minutes. This is a clean break from the Windows model, where each machine ends up having its own "life" and flaws over time.

The DINUM is not going it alone. Each ministry, including public operators, will have to formalise its own plan to reduce non-European dependencies by autumn 2026, focusing on seven areas: workstations, collaborative tools, antivirus, artificial intelligence, databases, virtualisation and network equipment. A restrictive timetable supported by the Minister Delegate for Digital Affairs Anne Le Hénanff, who already warned in 2023, as a deputy, about "the Microsoft trap".

Bureautix: the workstation "as code"

Bureautix, for its part, would serve as a demonstrator. This project would show how to take the Securix brick and add the layers necessary for administrative use: office suite, communication tools and access to sovereign services of the State. This would be proof by example that we can do without proprietary American solutions for daily tasks.

The most radical point? Bureautix would do without a traditional centralized directory like Microsoft's Active Directory. Instead, it would rely on a static directory managed like code in a Git repository. New users or changes in rights would be distributed via system updates. It is a simplified approach that would drastically reduce dependencies on heavy and often vulnerable infrastructure.

The rest of the story would remain to be written. If Sécurix is still at the experimental stage, it would be perfectly aligned with France's "Trusted Cloud" strategy. The idea would be to have sovereign servers on the one hand, and "secure clients" on the other, perfectly integrated into this ecosystem.

The DINUM has also planned to organise the first "digital industrial meetings" in June 2026, which are supposed to concretise a public-private alliance for European sovereignty. There remains a precedent that calls for caution: the city of Munich, which had switched its administration to Linux before backtracking a decade later. Digital sovereignty cannot be decreed, it is built over time, and rarely resists changes in majority alone.