Иммутабельный конфиг NixOS
Go to file
Alexander Tomokhov b9dad899de pass /etc/nixos folder as an input to override
This way it is expected to have access to this path from build results,
making it possible to reproduce the build.
2023-11-08 16:27:52 +04:00
api feat: update API deps 2023-10-18 13:59:42 +03:00
git revert(gitea): Nix deprecations x2 2023-03-20 18:39:41 +03:00
letsencrypt fix(acme): add dns propagation check exceptions 2023-10-18 13:59:42 +03:00
mailserver/system chore(mailserver): Bump Mailserver to 22.11 release 2023-03-17 15:05:21 +03:00
nextcloud chore(nextcloud): Upgrade Nextcloud to v25 2023-03-17 14:38:11 +03:00
passmgr fix: Make bitwarden read the env file 2023-05-14 17:22:09 +03:00
resources Initial commit 2021-11-15 13:02:05 +03:00
social Switched to binds, volume management, new API 2022-08-26 14:21:05 +04:00
userdata Move secrets out of Nix Store (#19) 2022-07-19 15:18:46 +03:00
videomeet roll back the roll back 2022-02-16 11:06:51 +03:00
vpn Add groups to users 2022-04-20 13:22:16 +03:00
webserver fix: acme retrieval 2023-10-18 13:59:42 +03:00
.gitignore use hardware-configuration.nix as a flake input 2023-08-23 00:37:16 +04:00
configuration.nix feat(ssh): Allow ecdsa-sha2-nistp256 keys 2023-10-18 13:59:42 +03:00
files.nix fix: permissions for vaultwarden backups were too broad 2023-10-18 13:59:42 +03:00
flake.lock pass /etc/nixos folder as an input to override 2023-11-08 16:27:52 +04:00
flake.nix pass /etc/nixos folder as an input to override 2023-11-08 16:27:52 +04:00
hardware-configuration.nix don't pass selfprivacy-overlay to configuration.nix; nix flake lock 2023-08-23 02:06:33 +04:00
LICENSE Изменил(а) на 'LICENSE' 2021-11-18 10:08:19 +02:00
README.md readme: add build command for flakes 2023-09-18 17:23:22 +04:00
users.nix Move secrets out of Nix Store (#19) 2022-07-19 15:18:46 +03:00
variables-module.nix feat: update API deps 2023-10-18 13:59:42 +03:00
variables.nix feat: update API deps 2023-10-18 13:59:42 +03:00
volumes.nix Switched to binds, volume management, new API 2022-08-26 14:21:05 +04:00

SelfPrivacy NixOS configuration

This is a NixOS config which builds a SelfPrivacy server distribution based on data provided in userdata/userdata.json.

JSON schema is provided in userdata/schema.json for reference.

hardware-configuration.nix is not included.

Example JSON config:

{
    "backblaze": {
        "accountId": "BACKBLAZE_KEY_ID",
        "accountKey": "BACKBLAZE_ACCOUNT_KEY",
        "bucket": "BACKBLAZE_BUCKET_NAME"
    },
    "api": {
        "token": "API_TOKEN",
        "enableSwagger": false
    },
    "bitwarden": {
        "enable": true
    },
    "cloudflare": {
        "apiKey": "CF_TOKEN"
    },
    "databasePassword": "DB_PASSWORD",
    "domain": "DOMAIN",
    "hashedMasterPassword": "HASHED_PASSWORD",
    "hostname": "DOMAIN",
    "nextcloud": {
        "enable": true,
        "adminPassword": "PASSWORD",
        "databasePassword": "PASSWORD"
    },
    "gitea": {
        "enable": true
    },
    "jitsi": {
        "enable": true
    },
    "ocserv": {
        "enable": true
    },
    "pleroma": {
        "enable": true
    },
    "timezone": "Europe/Moscow",
    "resticPassword": "PASSWORD",
    "ssh": {
        "enable": true,
        "rootSshKeys": [
            "ssh-ed25519 KEY user@host"
        ],
        "passwordAuthentication": true
    },
    "username": "LUSER",
    "users": [
        {
            "hashedPassword": "OTHER_USER_HASHED_PASSWORD",
            "username": "OTHER_USER"
        }
    ]
}

flakes edition

Build with:

$ nixos-rebuild build --flake .#just-nixos