Self Host Blocks Manual

Version 0.3.0


Table of Contents

Preface
Usage
Services
Contracts
Blocks
Demos
Contributing
SelfHostBlocks Service Implementation Guide
A. All Options

Preface


Note

Self Host Blocks is hosted on GitHub. If you encounter problems or bugs then please report them on the issue tracker.

Feel free to join the dedicated Matrix room matrix.org#selfhostblocks.

Self Host Blocks intends to help you self host any service you would like with best practices out of the box.

Compared to the stock nixpkgs experience, Self Host Blocks provides a unified interface to set up common dependencies, called blocks in this project:

  • reverse proxy

  • TLS certificate management

  • serving a service under a subdomain

  • backup

  • LDAP

  • SSO.

Compare the configuration for Nextcloud and Forgejo. The following snippets focus on the similarities and assume the relevant blocks are configured off-screen.

shb.nextcloud = {
  enable = true;
  subdomain = "nextcloud";
  domain = "example.com";

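  # `domain` is assumed to be bound in the enclosing scope (for example by a
  # let binding); it is not defined in this snippet.
  ssl = config.shb.certs.certs.letsencrypt.${domain};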

  apps.ldap = {
    enable = true;
    host = "127.0.0.1";
    port = config.shb.ldap.ldapPort;
    dcdomain = config.shb.ldap.dcdomain;
    adminPassword.result = config.shb.sops.secrets."nextcloud/ldap/admin_password".result;
  };
  apps.sso = {
    enable = true;
    endpoint = "https://${config.shb.authelia.subdomain}.${config.shb.authelia.domain}";

    secret.result = config.shb.sops.secrets."nextcloud/sso/secret".result;
    secretForAuthelia.result = config.shb.sops.secrets."nextcloud/sso/secretForAuthelia".result;
  };
};

shb.forgejo = {
  enable = true;
  subdomain = "forgejo";
  domain = "example.com";

  # As above, `domain` is assumed to be bound in the enclosing scope.
  ssl = config.shb.certs.certs.letsencrypt.${domain};

  ldap = {
    enable = true;
    host = "127.0.0.1";
    port = config.shb.ldap.ldapPort;
    dcdomain = config.shb.ldap.dcdomain;
    adminPassword.result = config.shb.sops.secrets."nextcloud/ldap/admin_password".result;
  };

  sso = {
    enable = true;
    endpoint = "https://${config.shb.authelia.subdomain}.${config.shb.authelia.domain}";

    secret.result = config.shb.sops.secrets."forgejo/sso/secret".result;
    secretForAuthelia.result = config.shb.sops.secrets."forgejo/sso/secretForAuthelia".result;
  };
};

SHB facilitates testing NixOS and slowly switching an existing installation to NixOS.

To achieve this, SHB pioneers contracts, which allow you, the end user, to have more control over which piece goes where. This lets you choose, for example, any reverse proxy you want or any database you want, without requiring work from maintainers of the services you want to self host.

To achieve this, Self Host Blocks provides building blocks, each of which covers part of what a self-hosted app should do (SSO, HTTPS, etc.). It also provides some services that are already integrated with all those building blocks.

  • You are new to self hosting and want pre-configured services to deploy easily. Look at the services section.

  • You are a seasoned self-hoster but want to enhance some services you deploy already. Go to the blocks section.

  • You are a user of Self Host Blocks but would like to use your own implementation for a block. Go to the contracts section.

Self Host Blocks uses the full power of NixOS modules to achieve these goals. Blocks and services are both NixOS modules.

Next Steps

To get started using SelfHostBlocks, follow the usage section of the manual. It goes over how to deploy with Colmena, nixos-rebuild and deploy-rs and also goes over secrets management with SOPS.

Then, to actually configure services, you can choose which one interests you in the services section of the manual. Not all services have a corresponding manual page yet.

Head over to the Matrix channel for any remaining questions, or just to say hi :)