Sovran_Systems/Sovran_SystemsOS
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

merge sync

Browse Source
This commit is contained in:
naturallaw77
2026-02-15 18:50:03 -06:00
parent efdec08eae
commit a53dfd9271
13 changed files with 1097 additions and 232 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
README.md
View File

@@ -33,14 +33,14 @@ The DIY support chat on Matrix is located here:
https://matrix.to/#/%23DIY_Sovran_SystemsOS:anarchyislove.xyz
## License
Sovran_SystemsOS is licensed under the Apache 2 software licence.
##
Created, Handcrafted, and Headquartered in Southern California 2022-2025 🏖️.
Created, Handcrafted, and Headquartered in the Midwest 2022-2026.
All Open Source Software Used Falls Under Its Specific Open Source License.
This Gitea is Proudly Powered by a Sovran Pro 💚.
GNU GPL 3.0+
This Gitea is Proudly Powered by a Sovran Pro.
All Is Love. Fear Is Illusion. All Beings Are Free. Truth Can Never Be Destroyed.

46
README_1.md Executable file
View File

@@ -0,0 +1,46 @@
<br />
<br />
<p align="center">
<img width="600" src="sovran_systems_grey.png">
</p>
<br />
<br />
<br />
# Complete Configuration for Sovran_SystemsOS and the Sovran Pro
A Nix Flake Implementation
Thanks to all the NixOS creators and developers for creating what is the future of computing.
https://sovransystems.com
Connect on Matrix here: https://matrix.to/#/#sovran-systems:anarchyislove.xyz
Connect for Support on Matrix here: https://matrix.to/#/#sovran-systems-support:anarchyislove.xyz
###
## DIY Install Of Sovran_SystemsOS
The write-up to install Sovran_SystemsOS on your own hardware is located here:
https://git.sovransystems.com/Sovran_Systems/Sovran_SystemsOS/src/branch/main/DIY%20Install%20Sovran_SystemsOS.md
The DIY support chat on Matrix is located here:
https://matrix.to/#/%23DIY_Sovran_SystemsOS:anarchyislove.xyz
## License
Sovran_SystemsOS is licensed under the Apache 2 software licence.
##
Created, Handcrafted, and Headquartered in the Midwest 2022-2026.
This Gitea is Proudly Powered by a Sovran Pro.
All Is Love. Fear Is Illusion. All Beings Are Free. Truth Can Never Be Destroyed.

30
configuration.nix
View File

@@ -94,9 +94,11 @@ in
systemd.services.flatpak-repo = {
wantedBy = [ "multi-user.target" ];
after = [ "network-online.target" ];
wants = [ "network-online.target" ];
path = [ pkgs.flatpak ];
script = ''
flatpak remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
'';
};
@@ -108,14 +110,14 @@ in
"jitsi-meet-1.0.8043"
];
# List packages installed in system profile. To search, run:
# $ nix search wget
# List packages installed
environment.systemPackages = with pkgs; [
git
wget
fish
htop
btop
gnomeExtensions.transparent-top-bar-adjustable-transparency
gnomeExtensions.systemd-manager
gnomeExtensions.dash-to-dock
gnomeExtensions.vitals
@@ -172,7 +174,7 @@ in
};
####### CADDY #######
####### CADDY #######
services.caddy = {
enable = true;
user = "caddy";
@@ -241,7 +243,7 @@ in
};
};
###### AGENIX ######
###### AGENIX ######
age.identityPaths = [ "/root/.ssh/agenix/agenix-secret-keys" ];
age.secrets.matrix_reg_secret = {
@@ -254,7 +256,7 @@ in
###### CREATE DATABASE (WORDPRESS, MATRIX_SYNAPSE, AND NEXTCLOUD) #######
###### CREATE DATABASE (WORDPRESS, MATRIX_SYNAPSE, AND NEXTCLOUD) #######
services.postgresql = {
enable = true;
};
@@ -301,7 +303,7 @@ in
;
####### KEEP AWAKE for DISPLAY and HEADLESS #######
####### KEEP AWAKE for DISPLAY and HEADLESS #######
services.displayManager.gdm.autoSuspend = false;
systemd.sleep.extraConfig = ''
@@ -312,7 +314,7 @@ in
'';
####### BACKUP TO INTERNAL DRIVE #######
####### BACKUP TO INTERNAL DRIVE #######
services.rsnapshot = {
enable = true;
extraConfig = ''
@@ -331,7 +333,7 @@ backup /etc/nix-bitcoin-secrets/ localhost/
};
####### CRON #######
####### CRON #######
services.cron = {
enable = true;
systemCronJobs = [
@@ -345,7 +347,7 @@ backup /etc/nix-bitcoin-secrets/ localhost/
};
####### TOR #######
####### TOR #######
services.tor = {
enable = true;
client.enable = true;
@@ -355,7 +357,7 @@ backup /etc/nix-bitcoin-secrets/ localhost/
services.privoxy.enableTor = true;
####### Enable the OpenSSH daemon #######
####### Enable the SSH #######
services.openssh = {
enable = true;
settings = {
@@ -366,7 +368,7 @@ backup /etc/nix-bitcoin-secrets/ localhost/
};
#######FailtoBan#######
#######FailtoBan#######
services.fail2ban = {
enable = true;
ignoreIP = [
@@ -379,7 +381,7 @@ backup /etc/nix-bitcoin-secrets/ localhost/
};
####### Open ports in the firewall #######
####### Open ports in the firewall #######
networking.firewall.allowedTCPPorts = [ 80 443 5349 8448 3051 ];
networking.firewall.allowedUDPPorts = [ 80 443 5349 8448 3051 ];
@@ -390,7 +392,7 @@ backup /etc/nix-bitcoin-secrets/ localhost/
networking.firewall.enable = true;
####### AUTO COLLECT GARABAGE #######
####### AUTO COLLECT GARABAGE #######
nix.gc = {
automatic = true;
dates = "weekly";

405
configuration_1.nix Executable file
View File

@@ -0,0 +1,405 @@
{ config, pkgs, lib, ... }:
let
personalization = import ./modules/personalization.nix;
in
{
imports =
[
./modules/modules.nix
];
# Bootloader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.efi.efiSysMountPoint = "/boot/efi";
boot.kernelPackages = pkgs.linuxPackages_latest;
# Enable Automount without Fail for Internal Drive.
fileSystems."/run/media/Second_Drive" = {
device = "LABEL=BTCEcoandBackup";
fsType = "ext4";
options = [ "nofail" ];
};
fileSystems."/boot/efi".options = [ "umask=0077" "defaults" ];
nix.settings = {
experimental-features = [ "nix-command" "flakes" ];
download-buffer-size = 524288000;
};
networking.hostName = "nixos"; # Define your hostname.
# Enable networking
networking.networkmanager.enable = true;
# Set your time zone.
time.timeZone = "America/Los_Angeles";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
# Enable the X11 windowing system.
services.xserver.enable = true;
# Enable the GNOME Desktop Environment.
services.displayManager.gdm.enable = true;
services.desktopManager.gnome.enable = true;
# Configure keymap in X11
services.xserver.xkb = {
layout = "us";
variant = "";
};
# Enable CUPS to print documents.
services.printing.enable = true;
# Systemd Settings
systemd.enableEmergencyMode = false;
# Enable sound with pipewire.
services.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
users.users = {
free = {
isNormalUser = true;
description = "free";
extraGroups = [ "networkmanager" ];
};
};
# Enable automatic login for the user.
services.displayManager.autoLogin.enable = true;
services.displayManager.autoLogin.user = "free";
# Allow Flatpak
services.flatpak.enable = true;
systemd.services.flatpak-repo = {
wantedBy = [ "multi-user.target" ];
after = [ "network-online.target" ];
wants = [ "network-online.target" ];
path = [ pkgs.flatpak ];
script = ''
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
'';
};
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
nixpkgs.config.permittedInsecurePackages = [
"jitsi-meet-1.0.8043"
];
# List packages installed
environment.systemPackages = with pkgs; [
git
wget
fish
htop
btop
gnomeExtensions.transparent-top-bar-adjustable-transparency
gnomeExtensions.systemd-manager
gnomeExtensions.dash-to-dock
gnomeExtensions.vitals
gnomeExtensions.pop-shell
gnomeExtensions.just-perfection
gnomeExtensions.appindicator
gnomeExtensions.date-menu-formatter
gnome-tweaks
papirus-icon-theme
ranger
neofetch
gedit
matrix-synapse
openssl
pwgen
aspell
aspellDicts.en
lm_sensors
hunspell
hunspellDicts.en_US
synadm
brave
dua
bitwarden-desktop
gparted
pv
unzip
parted
screen
zenity
libargon2
gnome-terminal
libreoffice-fresh
dig
firefox
element-desktop
wp-cli
axel
];
programs.nixvim = {
enable = true;
colorschemes.catppuccin.enable = true;
plugins.lualine.enable = true;
};
programs.bash.promptInit = "fish";
programs.fish = {
enable = true;
promptInit = "neofetch";
};
####### CADDY #######
services.caddy = {
enable = true;
user = "caddy";
group = "root";
email = "${personalization.caddy_email_for_acme}";
virtualHosts = {
"${personalization.wordpress_url}" = {
extraConfig = ''
encode gzip zstd
root * /var/lib/www/wordpress
php_fastcgi unix//run/phpfpm/mypool.sock
file_server browse
'';
};
"${personalization.nextcloud_url}" = {
extraConfig = ''
encode gzip zstd
root * /var/lib/www/nextcloud
php_fastcgi unix//run/phpfpm/mypool.sock {
trusted_proxies private_ranges
}
file_server
redir /.well-known/carddav /remote.php/dav/ 301
redir /.well-known/caldav /remote.php/dav/ 301
header {
Strict-Transport-Security max-age=31536000;
}
'';
};
"${personalization.matrix_url}" = {
extraConfig = ''
reverse_proxy /_matrix/* http://localhost:8008
reverse_proxy /_synapse/client/* http://localhost:8008
'';
};
"${personalization.matrix_url}:8448" = {
extraConfig = ''
reverse_proxy http://localhost:8008
'';
};
"${personalization.btcpayserver_url}" = {
extraConfig = ''
reverse_proxy http://localhost:23000
encode gzip zstd
'';
};
"https://${personalization.vaultwarden_url}" = {
extraConfig = ''
reverse_proxy http://localhost:8777
encode gzip zstd
'';
};
":3051" = {
extraConfig = ''
reverse_proxy :3050
encode gzip zstd
'';
};
};
};
###### AGENIX ######
age.identityPaths = [ "/root/.ssh/agenix/agenix-secret-keys" ];
age.secrets.matrix_reg_secret = {
file = /var/lib/agenix-secrets/matrix_reg_secret.age;
mode = "770";
owner = "matrix-synapse";
group = "matrix-synapse";
};
###### CREATE DATABASE (WORDPRESS, MATRIX_SYNAPSE, AND NEXTCLOUD) #######
services.postgresql = {
enable = true;
};
services.postgresql.authentication = lib.mkForce ''
# Generated file; do not edit!
# TYPE DATABASE USER ADDRESS METHOD
local all all trust
host all all 127.0.0.1/32 trust
host all all ::1/128 trust
'';
services.mysql = {
enable = true;
package = pkgs.mariadb;
};
services.postgresql.initialScript = pkgs.writeText "begin-init.sql" ''
CREATE ROLE "ncusr" WITH LOGIN PASSWORD '${personalization.nextclouddb}';
CREATE DATABASE "nextclouddb" WITH OWNER "ncusr"
TEMPLATE template0
LC_COLLATE = "C"
LC_CTYPE = "C";
CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD '${personalization.matrixdb}';
CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse"
TEMPLATE template0
LC_COLLATE = "C"
LC_CTYPE = "C";
''
;
services.mysql.initialScript = pkgs.writeText "wordpress-init.sql" ''
CREATE DATABASE wordpressdb;
CREATE USER 'wpusr'@'localhost' IDENTIFIED BY '${personalization.wordpressdb}';
GRANT ALL ON wordpressdb.* TO 'wpusr'@'localhost';
FLUSH PRIVILEGES;
''
;
####### KEEP AWAKE for DISPLAY and HEADLESS #######
services.displayManager.gdm.autoSuspend = false;
systemd.sleep.extraConfig = ''
AllowSuspend=no
AllowHibernation=no
AllowHybridSleep=no
AllowSuspendThenHibernate=no
'';
####### BACKUP TO INTERNAL DRIVE #######
services.rsnapshot = {
enable = true;
extraConfig = ''
snapshot_root /run/media/Second_Drive/BTCEcoandBackup/NixOS_Snapshot_Backup
retain hourly 5
retain daily 5
backup /home/ localhost/
backup /var/lib/ localhost/
backup /etc/nixos/ localhost/
backup /etc/nix-bitcoin-secrets/ localhost/
'';
cronIntervals = {
daily = "50 21 * * *";
hourly = "0 * * * *";
};
};
####### CRON #######
services.cron = {
enable = true;
systemCronJobs = [
"*/5 * * * * caddy /run/current-system/sw/bin/php -f /var/lib/www/nextcloud/cron.php"
"*/15 * * * * root /run/current-system/sw/bin/bash /var/lib/njalla/njalla.sh"
"*/15 * * * * root /run/current-system/sw/bin/bash /var/lib/external_ip/external_ip.sh"
"0 0 * * 0 docker-user yes | /run/current-system/sw/bin/docker system prune -a"
];
};
####### TOR #######
services.tor = {
enable = true;
client.enable = true;
torsocks.enable = true;
};
services.privoxy.enableTor = true;
####### Enable the SSH #######
services.openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
PermitRootLogin = "yes";
};
};
#######FailtoBan#######
services.fail2ban = {
enable = true;
ignoreIP = [
"127.0.0.0/8"
"10.0.0.0/8"
"172.16.0.0/12"
"192.168.0.0/16"
"8.8.8.8"
];
};
####### Open ports in the firewall #######
networking.firewall.allowedTCPPorts = [ 80 443 5349 8448 3051 ];
networking.firewall.allowedUDPPorts = [ 80 443 5349 8448 3051 ];
networking.firewall.allowedUDPPortRanges = [
{ from=49152; to=65535; } # TURN relay
];
networking.firewall.enable = true;
####### AUTO COLLECT GARABAGE #######
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 7d";
};
system.stateVersion = "22.05";
}

35
custom-add-ons.md
View File

@@ -7,12 +7,7 @@ Add-ons are extra features you can have installed before your Sovran Pro is ship
https://github.com/bitcoin/bitcoin
2. By default Sovran_SystemsOS runs LND as the default Lightning node software for BTCpayserver. You are now able to run CLN as the backend to BTCpayserver instead of LND.
https://blockstream.com/lightning/
3. There is Mempool to be added on via a Tor connection.
2. The Bitcoin Mempool can be added and can be accessed via Tor or on your local network.
https://github.com/mempool/mempool
@@ -27,16 +22,26 @@ services.bitcoind.package = lib.mkForce config.nix-bitcoin.pkgs.bitcoind;
```
The code for CLN for BTCpayserver backend is as follows:
```nix
services.btcpayserver.lightningBackend = lib.mkForce "clightning";
```
The code for Mempool is as follows:
```nix
services.mempool.enable = true;
```
services.mempool = {
enable = true;
frontend.enable = true;
};
services.mysql.package = lib.mkForce pkgs.mariadb;
nix-bitcoin.onionServices.mempool-frontend.enable = true;
services.caddy = {
virtualHosts = {
":60847" = {
extraConfig = ''
reverse_proxy :60845
encode gzip zstd
'';
};
};
};
```

47
custom-add-ons_1.md Normal file
View File

@@ -0,0 +1,47 @@
## Custom Add-ons for your Sovran Pro or Sovran Pro Max
Add-ons are extra features you can have installed before your Sovran Pro is shipped to you.
1. Since Sovran_SystemsOS runs Bitcoin Knots by default as opposed to Bitcion Core, you can customize your Sovran Pro or Sovran Pro Max node to run Bitcoin Core.
https://github.com/bitcoin/bitcoin
2. The Bitcoin Mempool can be added and can be accessed via Tor or on your local network.
https://github.com/mempool/mempool
The code will be installed in the `custom.nix` file.
The code for Bitcoin Core is as follows:
```nix
services.bitcoind.package = lib.mkForce config.nix-bitcoin.pkgs.bitcoind;
```
The code for Mempool is as follows:
```nix
services.mempool = {
enable = true;
frontend.enable = true;
};
services.mysql.package = lib.mkForce pkgs.mariadb;
nix-bitcoin.onionServices.mempool-frontend.enable = true;
services.caddy = {
virtualHosts = {
":60847" = {
extraConfig = ''
reverse_proxy :60845
encode gzip zstd
'';
};
};
};
```

174
flake.lock generated
View File

@@ -8,11 +8,11 @@
"systems": "systems"
},
"locked": {
"lastModified": 1761656077,
"narHash": "sha256-lsNWuj4Z+pE7s0bd2OKicOFq9bK86JE0ZGeKJbNqb94=",
"lastModified": 1762618334,
"narHash": "sha256-wyT7Pl6tMFbFrs8Lk/TlEs81N6L+VSybPfiIgzU8lbQ=",
"owner": "ryantm",
"repo": "agenix",
"rev": "9ba0d85de3eaa7afeab493fed622008b6e4924f5",
"rev": "fcdea223397448d35d9b31f798479227e80183f6",
"type": "github"
},
"original": {
@@ -27,11 +27,11 @@
"oldNixpkgs": "oldNixpkgs"
},
"locked": {
"lastModified": 1760190224,
"narHash": "sha256-QHHgg35BikVeyhP8MvquKA3G+LY0rjBOHTCFgGkvTgA=",
"lastModified": 1766936379,
"narHash": "sha256-VBhwuhoz/byfK2OdYUKkzc1vTPqUddJaMr6elUOHeuM=",
"owner": "emmanuelrosa",
"repo": "btc-clients-nix",
"rev": "c76dcd51fba66f0bcf9f8c479e8d5337aef745a0",
"rev": "36cbe17a6160121bbae1ea7521593314d55e023c",
"type": "github"
},
"original": {
@@ -52,16 +52,16 @@
]
},
"locked": {
"lastModified": 1734005403,
"narHash": "sha256-vgh3TqfkFdnPxREBedw4MQehIDc3N8YyxBOB45n+AvU=",
"lastModified": 1766155727,
"narHash": "sha256-XGp4HHH6D6ZKiO5RnMzqYJYnZB538EnEflvlTsOKpvo=",
"owner": "erikarvstedt",
"repo": "extra-container",
"rev": "f4de6c329b306a9d3a9798a30e060c166f781baa",
"rev": "b450bdb24fca1076973c852d87bcb49b8eb5fd49",
"type": "github"
},
"original": {
"owner": "erikarvstedt",
"ref": "0.13",
"ref": "0.14",
"repo": "extra-container",
"type": "github"
}
@@ -74,11 +74,11 @@
]
},
"locked": {
"lastModified": 1760948891,
"narHash": "sha256-TmWcdiUUaWk8J4lpjzu4gCGxWY6/Ok7mOK4fIFfBuU4=",
"lastModified": 1765835352,
"narHash": "sha256-XswHlK/Qtjasvhd1nOa1e8MgZ8GS//jBoTqWtrS1Giw=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "864599284fc7c0ba6357ed89ed5e2cd5040f0c04",
"rev": "a34fae9c08a15ad73f295041fec82323541400a9",
"type": "github"
},
"original": {
@@ -105,24 +105,6 @@
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems_3"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
@@ -144,47 +126,20 @@
"type": "github"
}
},
"ixx": {
"inputs": {
"flake-utils": [
"nixvim",
"nuschtosSearch",
"flake-utils"
],
"nixpkgs": [
"nixvim",
"nuschtosSearch",
"nixpkgs"
]
},
"locked": {
"lastModified": 1754860581,
"narHash": "sha256-EM0IE63OHxXCOpDHXaTyHIOk2cNvMCGPqLt/IdtVxgk=",
"owner": "NuschtOS",
"repo": "ixx",
"rev": "babfe85a876162c4acc9ab6fb4483df88fa1f281",
"type": "github"
},
"original": {
"owner": "NuschtOS",
"ref": "v0.1.1",
"repo": "ixx",
"type": "github"
}
},
"nix-bitcoin": {
"inputs": {
"extra-container": "extra-container",
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs_3",
"nixpkgs-25_05": "nixpkgs-25_05",
"nixpkgs-unstable": "nixpkgs-unstable"
},
"locked": {
"lastModified": 1761560050,
"narHash": "sha256-dbMLlIEamKfXP/Ww205FGDMkfEKd6Pzs/VpxUbSsmtU=",
"lastModified": 1767721199,
"narHash": "sha256-UzRxDiJlopBGPTjyhCdMP+QdTwXK+l+y45urXCyH69A=",
"owner": "fort-nix",
"repo": "nix-bitcoin",
"rev": "b217b6019c3bba6eba2f2f5a277464b7579c3ab9",
"rev": "5b532698ce9e8bd79b07d77ab4fc60e1a8408f73",
"type": "github"
},
"original": {
@@ -210,6 +165,22 @@
"type": "github"
}
},
"nixpkgs-25_05": {
"locked": {
"lastModified": 1767051569,
"narHash": "sha256-0MnuWoN+n1UYaGBIpqpPs9I9ZHW4kynits4mrnh1Pk4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "40ee5e1944bebdd128f9fbada44faefddfde29bd",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1751274312,
@@ -228,11 +199,11 @@
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1760965567,
"narHash": "sha256-0JDOal5P7xzzAibvD0yTE3ptyvoVOAL0rcELmDdtSKg=",
"lastModified": 1767364772,
"narHash": "sha256-fFUnEYMla8b7UKjijLnMe+oVFOz6HjijGGNS1l7dYaQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "cb82756ecc37fa623f8cf3e88854f9bf7f64af93",
"rev": "16c7794d0a28b5a37904d55bcca36003b9109aaa",
"type": "github"
},
"original": {
@@ -244,11 +215,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1759360550,
"narHash": "sha256-feL8xklo97a8o8ISOszUU2tfHskJdu3zKbpcltzSblw=",
"lastModified": 1764255304,
"narHash": "sha256-oQPux8afXmkbb88ceRtz1lgSGqL9auOgdYnBSqpVgSA=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "28b8fe20c34f94a537f71950a9b0c1dc7224d036",
"rev": "6e86c955fc372d12face4a9c0d932a6e0f7bff4d",
"type": "github"
},
"original": {
@@ -259,27 +230,27 @@
},
"nixpkgs_3": {
"locked": {
"lastModified": 1761016216,
"narHash": "sha256-G/iC4t/9j/52i/nm+0/4ybBmAF4hzR8CNHC75qEhjHo=",
"lastModified": 1767480499,
"narHash": "sha256-8IQQUorUGiSmFaPnLSo2+T+rjHtiNWc+OAzeHck7N48=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "481cf557888e05d3128a76f14c76397b7d7cc869",
"rev": "30a3c519afcf3f99e2c6df3b359aec5692054d92",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.05",
"ref": "nixos-25.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1761373498,
"narHash": "sha256-Q/uhWNvd7V7k1H1ZPMy/vkx3F8C13ZcdrKjO7Jv7v0c=",
"lastModified": 1767767207,
"narHash": "sha256-Mj3d3PfwltLmukFal5i3fFt27L6NiKXdBezC1EBuZs4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "6a08e6bb4e46ff7fcbb53d409b253f6bad8a28ce",
"rev": "5912c1772a44e31bf1c63c0390b90501e5026886",
"type": "github"
},
"original": {
@@ -291,11 +262,11 @@
},
"nixpkgs_5": {
"locked": {
"lastModified": 1761594641,
"narHash": "sha256-sImk6SJQASDLQo8l+0zWWaBgg7TueLS6lTvdH5pBZpo=",
"lastModified": 1767026758,
"narHash": "sha256-7fsac/f7nh/VaKJ/qm3I338+wAJa/3J57cOGpXi0Sbg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "1666250dbe4141e4ca8aaf89b40a3a51c2e36144",
"rev": "346dd96ad74dc4457a9db9de4f4f57dab2e5731d",
"type": "github"
},
"original": {
@@ -309,15 +280,14 @@
"inputs": {
"flake-parts": "flake-parts",
"nixpkgs": "nixpkgs_5",
"nuschtosSearch": "nuschtosSearch",
"systems": "systems_4"
"systems": "systems_3"
},
"locked": {
"lastModified": 1761657569,
"narHash": "sha256-2D4Tw5Vp52RU5amnBvq0/z+zgZqafwl4bhg8dJBBjXI=",
"lastModified": 1767608728,
"narHash": "sha256-kmSJCTgrx+BxgqQOTPHAOkohvO+lbRsPWqu+PSPcz3I=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "03c0dabb9a63f52bc2ebf571f3755720df1ca81e",
"rev": "851399eebd0fb383d2fd76269d859f16021dc7a8",
"type": "github"
},
"original": {
@@ -326,29 +296,6 @@
"type": "github"
}
},
"nuschtosSearch": {
"inputs": {
"flake-utils": "flake-utils_2",
"ixx": "ixx",
"nixpkgs": [
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1760652422,
"narHash": "sha256-C88Pgz38QIl9JxQceexqL2G7sw9vodHWx1Uaq+NRJrw=",
"owner": "NuschtOS",
"repo": "search",
"rev": "3ebeebe8b6a49dfb11f771f761e0310f7c48d726",
"type": "github"
},
"original": {
"owner": "NuschtOS",
"repo": "search",
"type": "github"
}
},
"oldNixpkgs": {
"locked": {
"lastModified": 1727619874,
@@ -419,21 +366,6 @@
"repo": "default",
"type": "github"
}
},
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}
},
"root": "root",

373
flake_1.lock Executable file
View File

@@ -0,0 +1,373 @@
{
"nodes": {
"agenix": {
"inputs": {
"darwin": [],
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
"systems": "systems"
},
"locked": {
"lastModified": 1762618334,
"narHash": "sha256-wyT7Pl6tMFbFrs8Lk/TlEs81N6L+VSybPfiIgzU8lbQ=",
"owner": "ryantm",
"repo": "agenix",
"rev": "fcdea223397448d35d9b31f798479227e80183f6",
"type": "github"
},
"original": {
"owner": "ryantm",
"repo": "agenix",
"type": "github"
}
},
"btc-clients": {
"inputs": {
"nixpkgs": "nixpkgs_2",
"oldNixpkgs": "oldNixpkgs"
},
"locked": {
"lastModified": 1766936379,
"narHash": "sha256-VBhwuhoz/byfK2OdYUKkzc1vTPqUddJaMr6elUOHeuM=",
"owner": "emmanuelrosa",
"repo": "btc-clients-nix",
"rev": "36cbe17a6160121bbae1ea7521593314d55e023c",
"type": "github"
},
"original": {
"owner": "emmanuelrosa",
"repo": "btc-clients-nix",
"type": "github"
}
},
"extra-container": {
"inputs": {
"flake-utils": [
"nix-bitcoin",
"flake-utils"
],
"nixpkgs": [
"nix-bitcoin",
"nixpkgs"
]
},
"locked": {
"lastModified": 1766155727,
"narHash": "sha256-XGp4HHH6D6ZKiO5RnMzqYJYnZB538EnEflvlTsOKpvo=",
"owner": "erikarvstedt",
"repo": "extra-container",
"rev": "b450bdb24fca1076973c852d87bcb49b8eb5fd49",
"type": "github"
},
"original": {
"owner": "erikarvstedt",
"ref": "0.14",
"repo": "extra-container",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1765835352,
"narHash": "sha256-XswHlK/Qtjasvhd1nOa1e8MgZ8GS//jBoTqWtrS1Giw=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "a34fae9c08a15ad73f295041fec82323541400a9",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1745494811,
"narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"nix-bitcoin": {
"inputs": {
"extra-container": "extra-container",
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs_3",
"nixpkgs-25_05": "nixpkgs-25_05",
"nixpkgs-unstable": "nixpkgs-unstable"
},
"locked": {
"lastModified": 1767721199,
"narHash": "sha256-UzRxDiJlopBGPTjyhCdMP+QdTwXK+l+y45urXCyH69A=",
"owner": "fort-nix",
"repo": "nix-bitcoin",
"rev": "5b532698ce9e8bd79b07d77ab4fc60e1a8408f73",
"type": "github"
},
"original": {
"owner": "fort-nix",
"ref": "release",
"repo": "nix-bitcoin",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1754028485,
"narHash": "sha256-IiiXB3BDTi6UqzAZcf2S797hWEPCRZOwyNThJIYhUfk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "59e69648d345d6e8fef86158c555730fa12af9de",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-25_05": {
"locked": {
"lastModified": 1767051569,
"narHash": "sha256-0MnuWoN+n1UYaGBIpqpPs9I9ZHW4kynits4mrnh1Pk4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "40ee5e1944bebdd128f9fbada44faefddfde29bd",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1751274312,
"narHash": "sha256-/bVBlRpECLVzjV19t5KMdMFWSwKLtb5RyXdjz3LJT+g=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "50ab793786d9de88ee30ec4e4c24fb4236fc2674",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-24.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1767364772,
"narHash": "sha256-fFUnEYMla8b7UKjijLnMe+oVFOz6HjijGGNS1l7dYaQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "16c7794d0a28b5a37904d55bcca36003b9109aaa",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1764255304,
"narHash": "sha256-oQPux8afXmkbb88ceRtz1lgSGqL9auOgdYnBSqpVgSA=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "6e86c955fc372d12face4a9c0d932a6e0f7bff4d",
"type": "github"
},
"original": {
"owner": "nixos",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1767480499,
"narHash": "sha256-8IQQUorUGiSmFaPnLSo2+T+rjHtiNWc+OAzeHck7N48=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "30a3c519afcf3f99e2c6df3b359aec5692054d92",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1767767207,
"narHash": "sha256-Mj3d3PfwltLmukFal5i3fFt27L6NiKXdBezC1EBuZs4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5912c1772a44e31bf1c63c0390b90501e5026886",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1767026758,
"narHash": "sha256-7fsac/f7nh/VaKJ/qm3I338+wAJa/3J57cOGpXi0Sbg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "346dd96ad74dc4457a9db9de4f4f57dab2e5731d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixvim": {
"inputs": {
"flake-parts": "flake-parts",
"nixpkgs": "nixpkgs_5",
"systems": "systems_3"
},
"locked": {
"lastModified": 1767608728,
"narHash": "sha256-kmSJCTgrx+BxgqQOTPHAOkohvO+lbRsPWqu+PSPcz3I=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "851399eebd0fb383d2fd76269d859f16021dc7a8",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixvim",
"type": "github"
}
},
"oldNixpkgs": {
"locked": {
"lastModified": 1727619874,
"narHash": "sha256-a4Jcd+vjQAzF675/7B1LN3U2ay22jfDAVA8pOml5J/0=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "6710d0dd013f55809648dfb1265b8f85447d30a6",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "6710d0dd013f55809648dfb1265b8f85447d30a6",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"agenix": "agenix",
"btc-clients": "btc-clients",
"nix-bitcoin": "nix-bitcoin",
"nixpkgs": "nixpkgs_4",
"nixpkgs-stable": "nixpkgs-stable",
"nixvim": "nixvim"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

66
modules/bitcoinecosystem.nix
View File

@@ -6,7 +6,7 @@
services.bitcoind = {
enable = true;
package = pkgs.stable.bitcoind-knots;
package = config.nix-bitcoin.pkgs.bitcoind-knots;
dataDir = "/run/media/Second_Drive/BTCEcoandBackup/Bitcoin_Node";
txindex = true;
tor.proxy = true;
@@ -32,27 +32,6 @@
};
## CLN
services.clightning = {
enable = true;
tor.proxy = true;
tor.enforce = true;
port = 9737;
};
nix-bitcoin.onionServices.clightning.public = true;
services.clightning.replication = {
enable = true;
local.directory = "/run/media/Second_Drive/BTCEcoandBackup/clightning_db_backup";
encrypt = false;
};
## LND
services.lnd = {
@@ -60,24 +39,18 @@
tor.enforce = true;
tor.proxy = true;
extraConfig = ''
protocol.option-scid-alias=true
'';
};
nix-bitcoin.onionServices.lnd.public = true;
services.lightning-loop = {
enable = true;
tor.enforce = true;
tor.proxy = true;
};
services.lightning-pool = {
## LNDconnect
services.lnd.lndconnect = {
enable = true;
tor.enforce = true;
tor.proxy = true;
onion = true;
};
@@ -89,42 +62,15 @@
port = 3050;
nightTheme = true;
nodes = {
clightning = {
enable = true;
extraConfig = {
Settings = {
enableOffers = true;
};
};
};
lnd = {
enable = true;
loop = true;
};
reverseOrder = true;
};
};
## Lndconnect
services.lnd.lndconnect = {
enable = true;
onion = true;
};
services.clightning.plugins.clnrest = {
enable = true;
lnconnect = {
enable = true;
onion = true;
};
};
## BTCpay Server
## BTCpayserver
services.btcpayserver = {
enable = true;

95
modules/bitcoinecosystem_1.nix Executable file
View File

@@ -0,0 +1,95 @@
{ config, pkgs, lib, ... }:
{
## Bitcoind
services.bitcoind = {
enable = true;
package = config.nix-bitcoin.pkgs.bitcoind-knots;
dataDir = "/run/media/Second_Drive/BTCEcoandBackup/Bitcoin_Node";
txindex = true;
tor.proxy = true;
disablewallet = true;
extraConfig = ''
peerbloomfilters=1
server=1
'';
};
nix-bitcoin.onionServices.bitcoind.enable = true;
nix-bitcoin.onionServices.electrs.enable = true;
nix-bitcoin.onionServices.rtl.enable = true;
## Electrs
services.electrs = {
enable = true;
tor.enforce = true;
dataDir = "/run/media/Second_Drive/BTCEcoandBackup/Electrs_Data";
};
## LND
services.lnd = {
enable = true;
tor.enforce = true;
tor.proxy = true;
extraConfig = ''
protocol.option-scid-alias=true
'';
};
nix-bitcoin.onionServices.lnd.public = true;
## LNDconnect
services.lnd.lndconnect = {
enable = true;
onion = true;
};
## RTL
services.rtl = {
enable = true;
tor.enforce = true;
port = 3050;
nightTheme = true;
nodes = {
lnd = {
enable = true;
};
};
};
## BTCpayserver
services.btcpayserver = {
enable = true;
};
services.btcpayserver.lightningBackend = "lnd";
## System
nix-bitcoin.generateSecrets = true;
nix-bitcoin.nodeinfo.enable = true;
nix-bitcoin.operator = {
enable = true;
name = "free";
};
nix-bitcoin.useVersionLockedPkgs = true;
}

1
modules/modules.nix
View File

@@ -10,7 +10,6 @@
./bitcoinecosystem.nix
./vaultwarden.nix
./Sovran_SystemsOS_File_Fixes_And_New_Services.nix
./btcpayserver-fix.nix
];
}

15
modules/modules_1.nix Executable file
View File

@@ -0,0 +1,15 @@
{ config, pkgs, lib, ... }:
{
imports = [
./php.nix
./synapse.nix
./coturn.nix
./bitcoinecosystem.nix
./vaultwarden.nix
./Sovran_SystemsOS_File_Fixes_And_New_Services.nix
];
}

0
modules/php.nix Normal file → Executable file
View File