1
0
Fork 0
Modular server management based on NixOS modules and focused on best practices.
Find a file
2023-02-19 20:37:52 -08:00
caddy add php config and glue caddy to ttrss 2023-02-19 20:37:52 -08:00
haproxy add haproxy with ssl termination 2023-02-19 20:37:52 -08:00
php fix pathinfo in php config 2023-02-19 20:37:52 -08:00
php-fpm add php config and glue caddy to ttrss 2023-02-19 20:37:52 -08:00
postgresdb uniformize pkgs by lowercasing them 2023-02-19 20:37:52 -08:00
ttrss tighten permissions a bit for ttrss tmpfiles 2023-02-19 20:37:52 -08:00
all-packages.nix add php config and glue caddy to ttrss 2023-02-19 20:37:52 -08:00
extra-builtins.nix add pass plugin to read secrets from password store 2023-02-19 20:37:52 -08:00
LICENSE Initial commit 2022-12-17 15:39:17 -08:00
nix-pass.sh add pass plugin to read secrets from password store 2023-02-19 20:37:52 -08:00
README.md add repo goal and status 2022-12-17 15:43:42 -08:00

Self Host Blocks

Building blocks for self-hosting with best practices.

SHB's (Self Host Blocks) goal is to provide a lower entry-bar for self-hosting. I intend to achieve this by providing building blocks promoting best practices to self-host a wide range of services. Also, the design will be extendable to allow user defined services.

As far as best practices go, I intend to provide, for all services:

  • protection and single sign-on using Keycloak, where possible
  • automated backing up of data and databases with Borgmatic
  • encrypted external backup with Rclone
  • central logging, monitoring and dashboards with Prometheus and Grafana
  • home dashboard with Dashy

Implementation is made with the disnix suite - Disnix, Dysnomia, NixOps - built on top of the nix ecosystem.

Progress Status

Currently, this repo is WIP and the first two services I intend to provide are Tiny Tiny RSS and Vaultwarden. Vaultwarden was chosen as it's IMO the first stepping stone to enable self-hosting. Tiny Tiny RSS was chosen because it requires quite a lot of moving parts and also will allow me to test single sign-on.