diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000000000000000000000000000000000000..5ace4600a1f26e6892982f3e2f069ebfab108d87
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,6 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 0000000000000000000000000000000000000000..2cb9c381918ca6749e93e7d49aef071a4eb7c3da
--- /dev/null
+++ b/.github/workflows/build.yml
@@ -0,0 +1,75 @@
+name: "Build and populate cache"
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+      - master
+  schedule:
+    # rebuild everyday at 2:51
+    # TIP: Choose a random time here so not all repositories are build at once:
+    # https://www.random.org/clock-times/?num=1&earliest=01%3A00&latest=08%3A00&interval=5&format=html&rnd=new
+    - cron:  '51 2 * * *'
+jobs:
+  tests:
+    strategy:
+      matrix:
+        # Set this to notify the global nur package registry that changes are
+        # available.
+        #
+        # The repo name as used in
+        # https://github.com/nix-community/NUR/blob/master/repos.json
+        nurRepo:
+          - <YOUR_REPO_NAME>
+        # Set this to cache your build results in cachix for faster builds
+        # in CI and for everyone who uses your cache.
+        #
+        # Format: Your cachix cache host name without the ".cachix.org" suffix.
+        # Example: mycache (for mycache.cachix.org)
+        #
+        # For this to work, you also need to set the CACHIX_SIGNING_KEY or
+        # CACHIX_AUTH_TOKEN secret in your repository secrets settings in
+        # Github found at
+        # https://github.com/<your_githubname>/nur-packages/settings/secrets
+        cachixName:
+          - <YOUR_CACHIX_NAME>
+        nixPath:
+          - nixpkgs=channel:nixos-unstable
+          - nixpkgs=channel:nixpkgs-unstable
+          - nixpkgs=channel:nixos-23.05
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+    - name: Install nix
+      uses: cachix/install-nix-action@v22
+      with:
+        nix_path: "${{ matrix.nixPath }}"
+        extra_nix_config: |
+          experimental-features = nix-command flakes
+          access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
+    - name: Show nixpkgs version
+      run: nix-instantiate --eval -E '(import <nixpkgs> {}).lib.version'
+    - name: Setup cachix
+      uses: cachix/cachix-action@v12
+      # Don't replace <YOUR_CACHIX_NAME> here!
+      if: ${{ matrix.cachixName != '<YOUR_CACHIX_NAME>' }}
+      with:
+        name: ${{ matrix.cachixName }}
+        signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
+        authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
+    - name: Check evaluation
+      run: |
+        nix-env -f . -qa \* --meta --xml \
+          --allowed-uris https://static.rust-lang.org \
+          --option restrict-eval true \
+          --option allow-import-from-derivation true \
+          --drv-path --show-trace \
+          -I nixpkgs=$(nix-instantiate --find-file nixpkgs) \
+          -I $PWD
+    - name: Build nix packages
+      run: nix shell -f '<nixpkgs>' nix-build-uncached -c nix-build-uncached ci.nix -A cacheOutputs
+    - name: Trigger NUR update
+      # Don't replace <YOUR_REPO_NAME> here!
+      if: ${{ matrix.nurRepo != '<YOUR_REPO_NAME>' }}
+      run: curl -XPOST "https://nur-update.nix-community.org/update?repo=${{ matrix.nurRepo }}"
diff --git a/ci.nix b/ci.nix
new file mode 100644
index 0000000000000000000000000000000000000000..22b1352761a22be6fb657c15eaa917f446d4394e
--- /dev/null
+++ b/ci.nix
@@ -0,0 +1,53 @@
+# This file provides all the buildable and cacheable packages and
+# package outputs in your package set. These are what gets built by CI,
+# so if you correctly mark packages as
+#
+# - broken (using `meta.broken`),
+# - unfree (using `meta.license.free`), and
+# - locally built (using `preferLocalBuild`)
+#
+# then your CI will be able to build and cache only those packages for
+# which this is possible.
+
+{ pkgs ? import <nixpkgs> { } }:
+
+with builtins;
+let
+  isReserved = n: n == "lib" || n == "overlays" || n == "modules";
+  isDerivation = p: isAttrs p && p ? type && p.type == "derivation";
+  isBuildable = p: !(p.meta.broken or false) && p.meta.license.free or true;
+  isCacheable = p: !(p.preferLocalBuild or false);
+  shouldRecurseForDerivations = p: isAttrs p && p.recurseForDerivations or false;
+
+  nameValuePair = n: v: { name = n; value = v; };
+
+  concatMap = builtins.concatMap or (f: xs: concatLists (map f xs));
+
+  flattenPkgs = s:
+    let
+      f = p:
+        if shouldRecurseForDerivations p then flattenPkgs p
+        else if isDerivation p then [ p ]
+        else [ ];
+    in
+    concatMap f (attrValues s);
+
+  outputsOf = p: map (o: p.${o}) p.outputs;
+
+  nurAttrs = import ./default.nix { inherit pkgs; };
+
+  nurPkgs =
+    flattenPkgs
+      (listToAttrs
+        (map (n: nameValuePair n nurAttrs.${n})
+          (filter (n: !isReserved n)
+            (attrNames nurAttrs))));
+
+in
+rec {
+  buildPkgs = filter isBuildable nurPkgs;
+  cachePkgs = filter isCacheable buildPkgs;
+
+  buildOutputs = concatMap outputsOf buildPkgs;
+  cacheOutputs = concatMap outputsOf cachePkgs;
+}
diff --git a/lib/default.nix b/lib/default.nix
new file mode 100644
index 0000000000000000000000000000000000000000..a7fab1d2be536ab904a73a62194297419e60fdb4
--- /dev/null
+++ b/lib/default.nix
@@ -0,0 +1,7 @@
+{ pkgs }:
+
+with pkgs.lib; {
+  # Add your library functions here
+  #
+  # hexint = x: hexvals.${toLower x};
+}
diff --git a/modules/default.nix b/modules/default.nix
new file mode 100644
index 0000000000000000000000000000000000000000..ff6c7c0c429f0a38db757dd4f19e910dd5783deb
--- /dev/null
+++ b/modules/default.nix
@@ -0,0 +1,5 @@
+{
+  # Add your NixOS modules here
+  #
+  # my-module = ./my-module;
+}
diff --git a/overlay.nix b/overlay.nix
new file mode 100644
index 0000000000000000000000000000000000000000..bff7396a70d9bb78a88226f72f467f073eb18ef3
--- /dev/null
+++ b/overlay.nix
@@ -0,0 +1,15 @@
+# You can use this file as a nixpkgs overlay. This is useful in the
+# case where you don't want to add the whole NUR namespace to your
+# configuration.
+
+self: super:
+let
+  isReserved = n: n == "lib" || n == "overlays" || n == "modules";
+  nameValuePair = n: v: { name = n; value = v; };
+  nurAttrs = import ./default.nix { pkgs = super; };
+
+in
+builtins.listToAttrs
+  (map (n: nameValuePair n nurAttrs.${n})
+    (builtins.filter (n: !isReserved n)
+      (builtins.attrNames nurAttrs)))
diff --git a/overlays/default.nix b/overlays/default.nix
new file mode 100644
index 0000000000000000000000000000000000000000..0c2d870dddf36697ed50cda0acee515a8e9b994f
--- /dev/null
+++ b/overlays/default.nix
@@ -0,0 +1,5 @@
+{
+  # Add your overlays here
+  #
+  # my-overlay = import ./my-overlay;
+}