From 33e3db9998883ea2207ddca0b976ef3472c20a88 Mon Sep 17 00:00:00 2001 From: naturallaw77 Date: Sun, 29 Mar 2026 07:13:22 -0500 Subject: [PATCH] updated branding and some retooling --- .gitignore.txt | 2 + configuration.nix | 5 +- custom.nix => custom.template.nix | 99 ++++++------------------------- iso/installer.sh | 60 +++++++++++++------ modules/core/role-logic.nix | 4 +- modules/core/roles.nix | 2 +- 6 files changed, 66 insertions(+), 106 deletions(-) create mode 100644 .gitignore.txt rename custom.nix => custom.template.nix (64%) diff --git a/.gitignore.txt b/.gitignore.txt new file mode 100644 index 0000000..e608e23 --- /dev/null +++ b/.gitignore.txt @@ -0,0 +1,2 @@ +custom.nix +role-state.nix diff --git a/configuration.nix b/configuration.nix index a3d3848..712ca06 100644 --- a/configuration.nix +++ b/configuration.nix @@ -3,7 +3,8 @@ { imports = [ ./modules/modules.nix - ./custom.nix + /etc/nixos/role-state.nix + /etc/nixos/custom.nix ./iso/branding.nix ]; @@ -153,13 +154,11 @@ backup /etc/nix-bitcoin-secrets/ localhost/ systemCronJobs = [ "*/15 * * * * root /run/current-system/sw/bin/bash /var/lib/njalla/njalla.sh" "*/15 * * * * root /run/current-system/sw/bin/bash /var/lib/external_ip/external_ip.sh" - "0 0 * * 0 docker-user yes | /run/current-system/sw/bin/docker system prune -a" ]; }; # ── Tor ──────────────────────────────────────────────────── services.tor = { enable = true; client.enable = true; torsocks.enable = true; }; - services.privoxy.enableTor = true; # ── SSH ──────────────────────────────────────────────────── services.openssh = { diff --git a/custom.nix b/custom.template.nix similarity index 64% rename from custom.nix rename to custom.template.nix index 98052ca..d50c99a 100644 --- a/custom.nix +++ b/custom.template.nix @@ -10,7 +10,7 @@ # # # After making changes, rebuild with: # # # - # nixos-rebuild switch --impure # + # sudo nixos-rebuild switch --impure # # # ########################################################### @@ -19,25 +19,16 @@ # STEP 1: CHOOSE YOUR ROLE # ═══════════════════════════════════════════════════════════ # - # Pick ONE role by uncommenting it. If none is chosen, - # you get the Server-Desktop role by default. + # Your initial role was selected during installation. + # To CHANGE your role, uncomment exactly ONE of the lines below. # - # Server-Desktop (default): - # - Full server + desktop environment - # - All services ON by default - # - All features OFF by default - # - # Desktop Only: - # - Desktop environment, no server services - # - All services OFF by default - # - # Bitcoin Node Only: - # - Bitcoin ecosystem, mempool, bip110 - # - BTCPay runs but is NOT exposed to the web - # - All other services OFF by default + # Server+Desktop: Full server + desktop environment + # Desktop Only: Desktop environment, no server services + # Node (Bitcoin Only): Bitcoin ecosystem # # ─────────────────────────────────────────────────────────── + # sovran_systemsOS.roles.server_plus_desktop = true; # sovran_systemsOS.roles.desktop = true; # sovran_systemsOS.roles.node = true; @@ -46,7 +37,7 @@ # STEP 2: SERVICES (default: ON) # ═══════════════════════════════════════════════════════════ # - # These are all ON by default in the Server-Desktop role. + # These are all ON by default in the Server+Desktop role. # Set any to "false" to disable it. # # ┌─────────────────────┬────────────────────────────────┐ @@ -67,53 +58,41 @@ # # ─────────────────────────────────────────────────────────── - # sovran_systemsOS.services.synapse = false; - # sovran_systemsOS.services.bitcoin = false; - # sovran_systemsOS.services.vaultwarden = false; # sovran_systemsOS.services.wordpress = false; - # sovran_systemsOS.services.nextcloud = false; # ═══════════════════════════════════════════════════════════ # STEP 3: FEATURES (default: OFF) # ═══════════════════════════════════════════════════════════ # - # These are all OFF by default. Set to "true" to enable. + # These are OFF by default. Set to "true" to enable. # # ┌─────────────────────┬────────────────────────────────┐ # │ Feature │ What it does │ # ├─────────────────────┼────────────────────────────────┤ - # │ haven │ Haven NOSTR relay │ - # │ │ (requires nostr_npub below) │ - # │ element-calling │ Element video/audio calls │ - # │ │ (LiveKit + lk-jwt-service) │ - # │ mempool │ Bitcoin Mempool Explorer │ + # │ haven │ Haven NOSTR relay & Blossom │ # │ bip110 │ BIP-110 Bitcoin Better Money │ - # │ bitcoin-core │ Bitcoin Core (standalone) │ + # │ mempool │ Mempool.space block explorer │ + # │ element-calling │ LiveKit server for Matrix │ # │ rdp │ GNOME Remote Desktop (RDP) │ - # └─────────────────────┴────────────────────────────────┘ + # │ bitcoin-core │ Bitcoin Core GUI desktop app │ + # └─────────────────────┴─────���──────────────────────────┘ # - # Example — enable Haven and Element Calling: + # Example — enable element video calling: # - # sovran_systemsOS.features.haven = true; # sovran_systemsOS.features.element-calling = true; # # ─────────────────────────────────────────────────────────── - # sovran_systemsOS.features.haven = true; # sovran_systemsOS.features.element-calling = true; - # sovran_systemsOS.features.mempool = true; - # sovran_systemsOS.features.bip110 = true; - # sovran_systemsOS.features.bitcoin-core = true; - # sovran_systemsOS.features.rdp = true; # ═══════════════════════════════════════════════════════════ - # STEP 4: WEB EXPOSURE (controls Caddy reverse proxy) + # STEP 4: WEB EXPOSURE (default: ON) # ═══════════════════════════════════════════════════════════ # - # These control whether a service gets a public Caddy - # vhost. The service itself still runs regardless. + # Controls whether Caddy serves this application to the web. + # (Does not stop the application itself from running). # # ┌─────────────────────┬────────────────────────────────┐ # │ Option │ Default │ @@ -145,46 +124,4 @@ # sovran_systemsOS.nostr_npub = ""; - - # ═══════════════════════════════════════════════════════════ - # QUICK REFERENCE — COMMON SETUPS - # ═══════════════════════════════════════════════════════════ - # - # ── Full Server (default, change nothing) ────────────── - # - # All services ON, all features OFF. - # Just leave this file as-is. - # - # - # ── Server without WordPress ─────────────────────────── - # - # sovran_systemsOS.services.wordpress = false; - # - # - # ── Server with Haven + Element Calling ──────────────── - # - # sovran_systemsOS.features.haven = true; - # sovran_systemsOS.features.element-calling = true; - # sovran_systemsOS.nostr_npub = "npub1your_key_here"; - # - # - # ── Bitcoin Node Only ────────────────────────────────── - # - # sovran_systemsOS.roles.node = true; - # - # (Gives you: bitcoind, electrs, lnd, rtl, btcpay, - # mempool, bip110 — no web services) - # - # - # ── Desktop Only (no server) ─────────────────────────── - # - # sovran_systemsOS.roles.desktop = true; - # - # - # ── Node with BTCPay web access ──────────────────────── - # - # sovran_systemsOS.roles.node = true; - # sovran_systemsOS.web.btcpayserver = true; - # - # ═══════════════════════════════════════════════════════════ } diff --git a/iso/installer.sh b/iso/installer.sh index 0f64e09..eeeeae1 100644 --- a/iso/installer.sh +++ b/iso/installer.sh @@ -14,7 +14,25 @@ human_size() { numfmt --to=iec --suffix=B "$1" } -zenity --info --window-icon="$LOGO" --text="Sovran SystemsOS Installer\n\nWARNING:\nThis installer will ERASE ALL DATA on selected disks.\n\nPress OK to continue." +# ── 1. WELCOME & ROLE SELECTION ────────────────────────────────────────── + +ROLE=$(zenity --list --radiolist \ + --window-icon="$LOGO" \ + --width=1000 --height=400 \ + --title="Welcome to Sovran SystemsOS" \ + --text="Sovran Systems\nBe Digitally Sovereign\n\nPlease select your preferred installation type:" \ + --print-column=3 \ + --column="Select" --column="Logo" --column="Role" --column="Description" \ + TRUE "🖥️" "Server+Desktop" "Gives you the full Sovereign Experience. A beautiful, easy-to-use, powerful daily driver desktop computer plus your very own cloud, website, secure messaging, video calling, password manager, and full Bitcoin node with Bitcoin Lightning and non-KYC buying and selling." \ + FALSE "💻" "Desktop Only" "The same beautiful, easy-to-use desktop experience, but just the desktop without the background server applications." \ + FALSE "₿" "Node (Bitcoin-only)" "Full Bitcoin node with Bitcoin Lightning and non-KYC buying and selling." || true) + +if [ -z "$ROLE" ]; then + zenity --error --window-icon="$LOGO" --text="Installation cancelled." + exit 1 +fi + +# ── 2. FETCH DISKS ─────────────────────────────────────────────────────── # Filter out USB drives and loop/cdrom devices so it doesn't try to install to the installation media mapfile -t DISKS < <(lsblk -b -dno NAME,SIZE,TYPE,RO,TRAN -e 7,11 | awk '$3=="disk" && $4=="0" && $5!="usb" {print $1":"$2}') @@ -52,18 +70,6 @@ else SUMMARY="${SUMMARY}\nData disk: none" fi -ROLE=$(zenity --list --radiolist \ - --window-icon="$LOGO" \ - --title="Choose Install Role" \ - --column="" --column="Role" \ - TRUE "Server-Desktop (default)" \ - FALSE "Desktop" \ - FALSE "Node (Bitcoin-only)" || true) - -if [ -z "$ROLE" ]; then - ROLE="Server-Desktop (default)" -fi - CONFIRM=$(zenity --entry --window-icon="$LOGO" --text="WARNING: This will ERASE ALL DATA on:\n\n${SUMMARY}\n\nType ERASE to continue.") if [ "$CONFIRM" != "ERASE" ]; then zenity --error --window-icon="$LOGO" --text="Install cancelled." @@ -87,18 +93,34 @@ rm -rf /mnt/etc/nixos/* cp -a /etc/sovran/flake/* /mnt/etc/nixos/ cp /tmp/hardware-configuration.nix /mnt/etc/nixos/hardware-configuration.nix -cat > /mnt/etc/nixos/custom.nix < /mnt/etc/nixos/role-state.nix <