Sovran_Systems/Sovran_SystemsOS
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

updated readme

Browse Source
This commit is contained in:
naturallaw77
2026-03-25 14:16:05 -05:00
parent 115c2b7056
commit b703e058e7
1 changed files with 119 additions and 200 deletions
Download Patch File Download Diff File Expand all files Collapse all files

319
README.md
View File

@@ -11,242 +11,161 @@
# Sovran_SystemsOS # Sovran_SystemsOS
**Own Your Stack. Run Your World.** **A declarative, self-hosted operating system built on NixOS.**
--- ---
## 🌐 What is Sovran_SystemsOS? ## Overview
Sovran_SystemsOS is a **declarative, self-hosted operating system built on NixOS** that turns a single machine into your: Sovran_SystemsOS is a fully integrated NixOS configuration that transforms a single machine into a personal cloud, communications hub, Bitcoin node, web server, and daily-use desktop — all managed declaratively.
* Personal cloud Every service is pre-wired: reverse proxy routing, database initialization, firewall rules, and inter-service communication are handled out of the box. You activate what you need; the system does the rest.
* Private communications hub
* Bitcoin node
* Web server
* Daily desktop
This isnt just an OS config — its a **complete sovereign computing environment**.
--- ---
## ⚡ Why It Matters ## Architecture
Most people rely on a patchwork of third-party services: Sovran_SystemsOS is structured as a set of NixOS modules exposed via a flake. A remote machine consumes the flake and selectively enables features through a simple configuration interface.
* Cloud storage owned by corporations ```
* Messaging platforms that mine metadata Remote Machine (flake.nix)
* Financial infrastructure you dont control └── Sovran_SystemsOS flake (nixosModules.Sovran_SystemsOS)
├── configuration.nix/ # Base system
Sovran_SystemsOS flips that model. │ ├── Gnome Desktop # Gnome Desktop Interface
│ ├── caddy # Reverse proxy + HTTPS
👉 You run the services. │ ├── nextcloud # Cloud storage
👉 You own the data. │ ├── wordpress # CMS / publishing
👉 You control the system. │ ├── element # Matrix Synapse via Element Messaging App
├── modules/
--- │ ├── bitcoinecosystem.nix # Bitcoin Core / Knots / BTCPay Server / Bitcoin Lightning
│ ├── bip110.nix # Bip110 Node Consensus Policy
## 🚀 What Youre Actually Getting │ ├── element-calling.nix # Matrix Synapse via Element + Element Voice and Video Calling
│ ├── haven.nix # Nostr relay
This system doesnt just install apps — it **assembles an ecosystem**. │ ├── mempool.nix # Mempool explorer
│ ├── rdp.nix # Remote desktop (RDP)
### 🖥 A Unified Desktop + Server │ ├── vaultwarden.nix # Password management
│ └── ...
* Full GNOME desktop ├── nix-bitcoin integration
* Ready for daily use *and* backend services ├── agenix (secrets management)
* Remote access capabilities └── nixvim
---
### 🌍 A Real Web Stack (Out of the Box)
* Caddy web server with automatic HTTPS
* Reverse proxy routing already wired
* Multi-service hosting under your domains
---
### ☁️ Your Own Cloud Platform
* Nextcloud → file storage, sync, collaboration
* WordPress → publish and host content
* Vaultwarden → secure password management
---
### 💬 Private Communication Layer
* Matrix Synapse → decentralized messaging backend
* Element support → modern chat + collaboration
* Optional voice/video infrastructure
---
### ₿ Sovereign Financial Stack
* Run your own Bitcoin node
* BTCPay Server for payments
* Optional mempool explorer
No intermediaries. No permissions.
---
### 🔐 Built-In Security Posture
* Hardened SSH (no password logins)
* Fail2ban active by default
* Tor integration available
* Encrypted secrets via Agenix
---
### 💾 Reliability Without Babysitting
* Automated backups (rsnapshot)
* Cron jobs for maintenance
* Database initialization included
---
## 🧠 What Makes It Stand Out
### 1. **This Is Not a “Toolkit” — Its a System**
Most projects give you pieces.
Sovran_SystemsOS gives you a **pre-integrated stack** where:
* Services already talk to each other
* Reverse proxy is configured
* Databases are initialized
* Ports and firewall rules are handled
Youre not assembling — youre **activating**.
---
### 2. **Feature Toggles = Power Without Bloat**
Turn features on or off like switches:
```nix id="z91x8a"
sovran_systemsOS.features.mempool = true;
sovran_systemsOS.features.haven = true;
``` ```
No unnecessary services. No wasted resources. ## Features
--- ### Feature Toggles
### 3. **Reproducibility = Control** Every major service is gated behind a feature flag. Enable only what you need:
Your entire system is code: ```nix
# custom.nix
* Rebuild anytime { lib, ... }:
* Move to new hardware {
* Roll back instantly sovran_systemsOS.features = {
bitcoin-core = lib.mkForce true;
This is infrastructure you can trust because you can **recreate it exactly**. bip110 = lib.mkForce true;
element-calling = lib.mkForce true;
--- haven = lib.mkForce true;
mempool = lib.mkForce true;
### 4. **Automation Where It Counts** rdp = lib.mkForce true;
};
A huge amount is handled for you: }
* Service wiring
* Reverse proxy setup
* Scheduled jobs
* Base security
But unlike “black box” systems, you still retain **full visibility and control**.
---
## ⚠️ Honest Reality (No Hype)
This system **does not eliminate effort**.
You will still need to:
* Configure DNS and domains
* Manage secrets (Agenix)
* Understand your enabled services
* Perform initial setup steps
But heres the difference:
👉 Youre not starting from scratch
👉 Youre not duct-taping services together
👉 Youre not fighting your system
Youre building on a **solid, opinionated foundation**
---
## 🔌 Expand As You Grow
Enable advanced features anytime:
```nix id="0p9k21"
sovran_systemsOS.features.bitcoin-core = true;
sovran_systemsOS.features.bip110 = true;
sovran_systemsOS.features.mempool = true;
sovran_systemsOS.features.rdp = true;
``` ```
Available add-ons include: No unnecessary services run. No wasted resources.
* Bitcoin Core / Knots switching
* BIP-110 (enhanced Bitcoin consensus policy)
* Mempool explorer
* Nostr relay (Haven)
* Element voice/video backend
* Remote desktop
--- ---
## 🛠 Installation ### Service Stack
Full guide: | Category | Service | Description |
|---|---|---|
👉 https://git.sovransystems.com/Sovran_Systems/Sovran_SystemsOS/src/branch/main/DIY%20Install%20Sovran_SystemsOS.md | **Web** | Caddy | Automatic HTTPS, reverse proxy for all services |
| **Cloud** | Nextcloud | File storage, sync, and collaboration |
| **CMS** | WordPress | Self-hosted publishing and content management |
| **Passwords** | Vaultwarden | Bitwarden-compatible password vault |
| **Messaging** | Element/Matrix Synapse | Federated, decentralized messaging backend |
| **Video/Voice Calling** | Element Video and Voice Calling | Decentralized Voice Over IP for Matrix with optional TURN/STUN |
| **Bitcoin** | Bitcoin Core / Knots | Full node with optional BIP-110 consensus policy |
| **Bitcoin Lightning** | LND Full node connected over TOR |
| **Payments** | BTCPay Server | Self-hosted Bitcoin payment processor |
| **Explorer** | Mempool | Bitcoin mempool visualizer and block explorer |
| **Nostr** | Haven | Nostr relay server |
| **Remote Access** | GNOME Remote Desktop | RDP access with auto-generated TLS and credentials |
--- ---
## 💬 Community ### Security
* General Chat: - **SSH hardened** — password authentication disabled by default
https://matrix.to/#/#sovran-systems:anarchyislove.xyz - **Fail2ban** — active on all exposed services
- **Agenix** — encrypted secrets management integrated into the flake
- **Tor** — optional integration available
- **Firewall** — ports managed per-module; only enabled services are exposed
* DIY Support: ### Reliability
https://matrix.to/#/#DIY_Sovran_SystemsOS:anarchyislove.xyz
- **Automated backups** via rsnapshot
- **Scheduled maintenance** via systemd timers
- **Database initialization** handled declaratively
- **Reproducible builds** — the entire system is defined in code and can be rebuilt or migrated to new hardware at any time
--- ---
## 🧭 Who This Is For ## Installation
Sovran_SystemsOS is for people who want to: ### Full Guide
* Move off Big Tech platforms 👉 [DIY Install Sovran_SystemsOS](https://git.sovransystems.com/Sovran_Systems/Sovran_SystemsOS/src/branch/main/DIY%20Install%20Sovran_SystemsOS.md)
* Run their own infrastructure
* Understand and control their system
* Build a sovereign digital life
--- ---
## 🧭 Final Thought ## Requirements
You can keep renting your digital life… | Resource | Minimum | Recommended |
|---|---|---|
Or you can start owning it. | CPU | 4 cores | 8+ cores |
| RAM | 16 GB | 32+ GB |
Sovran_SystemsOS doesnt promise magic. | Storage | 512 GB SSD + 4 TB SSD | 2GB SSD + 4+ TB SSD (Bitcoin node requires significant disk) |
It gives you something more valuable: | Network | Stable broadband | Static IP or DDNS for public-facing services |
👉 **A system you control, understand, and can rebuild at will.**
--- ---
**All Is Love. Fear Is Illusion. All Beings Are Free. Truth Can Never Be Destroyed.** ## Contributing
Contributions are welcome. If you want to add a module, fix a bug, or improve documentation:
1. Fork the repository
2. Create a feature branch
3. Submit a pull request with a clear description of the change
Please keep modules self-contained and gated behind a feature flag.
---
## Community
| Channel | Link |
|---|---|
| General Chat | [#sovran-systems:anarchyislove.xyz](https://matrix.to/#/#sovran-systems:anarchyislove.xyz) |
| DIY Support | [#DIY_Sovran_SystemsOS:anarchyislove.xyz](https://matrix.to/#/#DIY_Sovran_SystemsOS:anarchyislove.xyz) |
---
## License
See [LICENSE](LICENSE) for details.
---
## Project Philosophy
Sovran_SystemsOS exists to provide a complete, self-hosted infrastructure stack that eliminates dependency on third-party platforms. It is opinionated by design — services are pre-integrated so you spend time using your system, not assembling it.
This is not a toolkit. It is a working system.
You retain full visibility into every module, every service definition, and every configuration choice. Nothing is hidden. Everything is reproducible.
---
**Own your stack. Run your world.**