Иммутабельный конфиг NixOS
Go to file
2023-12-20 18:29:39 +04:00
letsencrypt ACME dnsPropagationCheck = false 2023-12-20 18:29:39 +04:00
resources fix resources/limits.txt but do not use them for now 2023-11-18 19:26:52 +04:00
sp-modules Revert "Revert "Revert "add wildcard ACME certificate""" 2023-12-20 17:43:47 +04:00
webserver Revert "Revert "Revert "add wildcard ACME certificate""" 2023-12-20 17:43:47 +04:00
.gitignore .gitignore: /result 2023-11-06 11:11:34 +04:00
configuration.nix nix.channel.enable = false since we're on flakes 2023-12-20 17:43:46 +04:00
flake.lock API module: systemd service Type = "oneshot" 2023-12-20 18:21:51 +04:00
flake.nix get rid of files.nix; ACME/credentialsFile and other cleanup 2023-12-18 07:49:27 +04:00
LICENSE Изменил(а) на 'LICENSE' 2021-11-18 10:08:19 +02:00
README.md Update README 2021-11-16 19:22:36 +03:00
selfprivacy-module.nix get rid of files.nix; ACME/credentialsFile and other cleanup 2023-12-18 07:49:27 +04:00
users.nix selfprivacy.userdata -> selfprivacy; SP modules -> selfprivacy.modules 2023-11-16 04:00:15 +04:00
volumes.nix selfprivacy.userdata -> selfprivacy; SP modules -> selfprivacy.modules 2023-11-16 04:00:15 +04:00

SelfPrivacy NixOS configuration

This is a NixOS config which builds a SelfPrivacy server distribution based on data provided in userdata/userdata.json.

JSON schema is provided in userdata/schema.json for reference.

hardware-configuration.nix is not included.

Example JSON config:

{
    "backblaze": {
        "accountId": "BACKBLAZE_KEY_ID",
        "accountKey": "BACKBLAZE_ACCOUNT_KEY",
        "bucket": "BACKBLAZE_BUCKET_NAME"
    },
    "api": {
        "token": "API_TOKEN",
        "enableSwagger": false
    },
    "bitwarden": {
        "enable": true
    },
    "cloudflare": {
        "apiKey": "CF_TOKEN"
    },
    "databasePassword": "DB_PASSWORD",
    "domain": "DOMAIN",
    "hashedMasterPassword": "HASHED_PASSWORD",
    "hostname": "DOMAIN",
    "nextcloud": {
        "enable": true,
        "adminPassword": "PASSWORD",
        "databasePassword": "PASSWORD"
    },
    "gitea": {
        "enable": true
    },
    "jitsi": {
        "enable": true
    },
    "ocserv": {
        "enable": true
    },
    "pleroma": {
        "enable": true
    },
    "timezone": "Europe/Moscow",
    "resticPassword": "PASSWORD",
    "ssh": {
        "enable": true,
        "rootSshKeys": [
            "ssh-ed25519 KEY user@host"
        ],
        "passwordAuthentication": true
    },
    "username": "LUSER",
    "users": [
        {
            "hashedPassword": "OTHER_USER_HASHED_PASSWORD",
            "username": "OTHER_USER"
        }
    ]
}