updated readme

2026-03-25 14:35:00 -05:00
parent b703e058e7
commit d68b4be8d3
1 changed files with 26 additions and 29 deletions
--- a/README.md
+++ b/README.md
@@ -17,9 +17,9 @@
 ## Overview
-Sovran_SystemsOS is a fully integrated NixOS configuration that transforms a single machine into a personal cloud, communications hub, Bitcoin node, web server, and daily-use desktop — all managed declaratively.
+Sovran_SystemsOS is a fully integrated NixOS configuration that transforms a single machine into a personal cloud, communications hub, Bitcoin node, web server, and **daily-use desktop** — all managed declaratively.
-Every service is pre-wired: reverse proxy routing, database initialization, firewall rules, and inter-service communication are handled out of the box. You activate what you need; the system does the rest.
+Every service is pre-wired: reverse proxy routing, database initialization, firewall rules, automated backups, and inter-service communication are handled out of the box. Moreover, you can activate the other custom packages; the system does the rest.
 ---
@@ -28,10 +28,10 @@ Every service is pre-wired: reverse proxy routing, database initialization, fire
 Sovran_SystemsOS is structured as a set of NixOS modules exposed via a flake. A remote machine consumes the flake and selectively enables features through a simple configuration interface.
 ```
-Remote Machine (flake.nix)
+Repository Main Flake (flake.nix)
  └── Sovran_SystemsOS flake (nixosModules.Sovran_SystemsOS)
        ├── configuration.nix/       # Base system
-        │   ├── Gnome Desktop        # Gnome Desktop Interface
+        │   ├── gnome Desktop        # Gnome Desktop Interface
        │   ├── caddy                # Reverse proxy + HTTPS
        │   ├── nextcloud            # Cloud storage
        │   ├── wordpress            # CMS / publishing
@@ -44,8 +44,10 @@ Remote Machine (flake.nix)
        │   ├── mempool.nix          # Mempool explorer
        │   ├── rdp.nix              # Remote desktop (RDP)
        │   ├── vaultwarden.nix      # Password management
        │   └── ...
        ├── nix-bitcoin integration
        ├── bitcoin clients integration
        │   ├── sparrow wallet       # Trusted and Standard Open Source Bitcoin Wallet
        │   ├── bisq/bisq2           # Non KYC Bitcoin Buying and Selling   
        ├── agenix (secrets management)
        └── nixvim
 ```
@@ -54,20 +56,27 @@ Remote Machine (flake.nix)
 ### Feature Toggles
 [Custom Add-On Guide](custom-add-ons.md)
 Every major service is gated behind a feature flag. Enable only what you need:
 ```nix
 # custom.nix
-{ lib, ... }:
+{ config, pkgs, lib, ... }:
 {
-  sovran_systemsOS.features = {
+  
-    bitcoin-core    = lib.mkForce true;
+  sovran_systemsOS = {
-    bip110          = lib.mkForce true;
+    features = {
-    element-calling = lib.mkForce true;
+        bip110          = lib.mkForce true;
-    haven           = lib.mkForce true;
+        element-calling = lib.mkForce true;
-    mempool         = lib.mkForce true;
+        haven           = lib.mkForce true;
-    rdp             = lib.mkForce true;
+        mempool         = lib.mkForce true;
        rdp             = lib.mkForce true;
    };
    nostr_npub = "pasteyournpubhere";
  };
 }
 ```
@@ -85,7 +94,7 @@ No unnecessary services run. No wasted resources.
 | **Passwords** | Vaultwarden | Bitwarden-compatible password vault |
 | **Messaging** | Element/Matrix Synapse | Federated, decentralized messaging backend |
 | **Video/Voice Calling** | Element Video and Voice Calling | Decentralized Voice Over IP for Matrix with optional TURN/STUN |
-| **Bitcoin** | Bitcoin Core / Knots | Full node with optional BIP-110 consensus policy |
+| **Bitcoin** | Bitcoin Core / Knots | **Full node with optional BIP-110 consensus policy** |
 | **Bitcoin Lightning** | LND Full node connected over TOR |
 | **Payments** | BTCPay Server | Self-hosted Bitcoin payment processor |
 | **Explorer** | Mempool | Bitcoin mempool visualizer and block explorer |
@@ -97,9 +106,9 @@ No unnecessary services run. No wasted resources.
 ### Security
 - **SSH hardened** — password authentication disabled by default
- **Fail2ban** — active on all exposed services
+- **Fail2ban** — active on https
 - **Agenix** — encrypted secrets management integrated into the flake
- **Tor** — optional integration available
+- **Tor** — integration into the bitcoin ecosystem
 - **Firewall** — ports managed per-module; only enabled services are exposed
 ### Reliability
@@ -130,18 +139,6 @@ No unnecessary services run. No wasted resources.
 ---
 ## Contributing
 Contributions are welcome. If you want to add a module, fix a bug, or improve documentation:
 1. Fork the repository
 2. Create a feature branch
 3. Submit a pull request with a clear description of the change
 Please keep modules self-contained and gated behind a feature flag.
 ---
 ## Community
 | Channel | Link |
@@ -167,5 +164,5 @@ You retain full visibility into every module, every service definition, and ever
 ---
-**Own your stack. Run your world.**
+**Be Digtially Sovereign**