unmodified readme, needs updating

[MarigoldOS/.git] / README.md

# kernelpanic.cafe service node

## hi from your syslog.

MarigoldOS/0x00 is an experimental operating system that attempts to explore what a sustainable computer system might look like. kernelpanic.cafe runs a clearnet fork of MarigoldOS.

It is equally happy as a desktop or server specialisation and can switch on-the-fly. Although the public instance is a service node on the yggdrasil network, it is perfectly capable of working on the public internet, as demonstrated by kernelpanic.cafe running many of the profiles in this repository.

Nerdfonts are available for purchase. See ./profiles/fonts.nix .

Several advanced features are in various stages of implementation, including custom android builds that are preconfigured to use your node and native yggdrasil with alfis support.

# NOT INTENDED FOR PUBLIC RELEASE

The repository is made public to send snippets to others that may be intersted in the project, but it should currently be considered pre-alpha and is not currently intended for public release. Documentation is zero and it should currently be considered unstable as development happens on the public server so some services listed below (or the entire server) may have intermittent availability.

That said the developer uses it on his daily-driver and it should run fine with only a minimal amount of manual configuration. Feel free to contact me on email `echo "sy@Xiuliejblrs.sbni" | tr subterminalXjoy crablikefunkpow` or matrix `echo "@sy:Xiuliejblrs.sbni" | tr subterminalXjoy crablikefunkpow` and I can help you get running quickly.

# Using this node (lol)

**TL;DR From after connecting to the yggdrasil network, set your DNS to `200:6713:b624:259:9729:86d5:3233:fa9b`.**

Currently 0x00 requires a DNS resolver that resolves the [Alfis](https://github.com/Revertron/Alfis/) name system and a connection to the yggdrasil network. This server runs an Alfis/OpenDNS/ICANN resolver at  `200:6713:b624:259:9729:86d5:3233:fa9b` port 53, but you knew that.

Several more DNS resolvers that support Alfis are listed on the yggdrasil [services page](http://[319:3cf0:dd1d:47b9:20c:29ff:fe2c:39be]/).

Services not being accessible directly by IP is considered a bug and is tracked by http://gitea.0x00.ygg/syntaXerror/0x00/issues/4

# Services

## Public Services

kernelpanic.cafe is hosted from a shared server, so consider these all best effort. Please be nice, this isn't a very powerful machine.

- [Homepage](https://kernelpanic.cafe)
Homepage for the server. Maybe it's a blog maybe it's a wiki maybe it's maybelline.
- DNS
DNS server resolves GitNS, OpenNIC, Alfis, and ICANN names, also includes adblocker.
- [gitea](https://gitea.kernelpanic.cafe)
Git forge. You are here, probably.
- [searx](https://searx.kernelpanic.cafe)
Configurable metasearch engine. Be sure to try my [smallweb metasearch](https://searx.kernelpanic.cafe/search?category_smolweb=on) out.
- [mumble](https://mumble.kernelpanic.cafe)
Low-latency high-quality voice chat. High-bitrate enabled.
- [jitsi](https://jitsi.kernelpanic.cafe)
Voice and Video chat, supports end to end encryption.
- [Gemini capsule](gemini://kernelpanic.cafe)
Gemini is a new internet protocol which:
  - Is heavier than gopher
  - Is lighter than the web
  - Will not replace either
  - Strives for maximum power to weight ratio
  - Takes user privacy very seriously
- [Fileserver](https://warez.kernelpanic.cafe)
File server.
- [invidious](https://invidious.kernelpanic.cafe)
Alternative youtube frontend
- [nitter](https://nitter.kernelpanic.cafe) 
Alternative twitter frontend
- [libreddit](https://libreddit.kernelpanic.cafe)
Alternative reddit frontend
- Matrix Server
`matrix.kernelpanic.cafe`
  - [element-web](https://element.kernelpanic.cafe)
  Matrix webclient
- [plik](https://plik.kernelpanic.cafe)
Temporary file uploads. Supports many features and `curl` upload/downloads.
- [twtxt](https://twtxt.kernelpanic.cafe)
Distributed microblogging. [GH-twtxt](https://github.com/buckket/twtxt)
- yggdrasil node
Feel free to peer. No uptime guarantees.
- [yoshiki mirror](https://yoshiki.kernelpanic.cafe)
My backup of a github archive.

## Authenticated Services

Only the cool kids get to use these.

- kernelpanic.cafe mailserver
Email addresses defined in ./profiles/mail.nix
- [jellyfin](https://jellyfin.kernelpanic.cafe)
Jellyfin is a suite of multimedia applications designed to organize, manage, and share digital media files to networked devices.
- [navidrome](https://navidrome.kernelpanic.cafe)
Subsonic compatible music server.
- [syncthing](https://syncthing.kernelpanic.cafe)
Magical p2p cloud thing "it just works" whatever you know what syncthing is and if not then [lmstfy](https://searx.kernelpanic.cafe/search?q=syncthing).
- Charm Server
[GH-charm](https://github.com/charmbracelet/charm)/[GH-skate](https://github.com/charmbracelet/skate)
Charm is a set of tools that makes adding a backend to your terminal-based applications fun and easy. Quickly build modern CLI applications without worrying about user accounts, data storage and encryption.
- [magnetico](https://magnetico.kernelpanic.cafe)
Watches the bittorrent DHT to see what torrents people are searching for.
- [jackett](https://jackett.kernelpanic.cafe)
bittorrent metasearch engine.
- web hosting
Six unlisted websites/wikis hosted here. You know who you are.

## Disabled Services

Disabled to make room for others. TBH without matrix I'd be able to turn all of these back on. New computer coming soon (tm)

- [peertube](https://peertube.kernelpanic.cafe)
Federated video uploads
- [calibre](https://calibre.kernelpanic.cafe)
ebook library and reader
- nncp
NNCP (Node to Node copy) is a collection of utilities simplifying secure store-and-forward files, mail and command exchanging. This utilities are intended to help build up small size (dozens of nodes) ad-hoc friend-to-friend (F2F) statically routed darknet delay-tolerant networks for fire-and-forget secure reliable files, file requests, Internet mail and commands transmission. All packets are integrity checked, end-to-end encrypted, explicitly authenticated by known participants public keys. Onion encryption is applied to relayed packets. Each node acts both as a client and server, can use push and poll behaviour model. Also there is multicasting areas support. 
- [archivebox](https://archivebox.kernelpanic.cafe)
Takes URLs/browser history/bookmarks/Pocket/Pinboard/etc., saves WARC, HTML, JS, PDFs, media, and more...
- [netdata](https://netdata.kernelpanic.cafe)
Numbers and graphs are l33t
- [white board online](https://whiteboard.kernelpanic.cafe)
Collaborative whiteboard. Public/Private boards.
- [transmission](https://transmission.kernelpanic.cafe)
Bittorrent tracker
- [radarr](https://radarr.kernelpanic.cafe)
Movie library management
- [sonarr](https://sonarr.kernelpanic.cafe)
TV library management
- [lidarr](https://lidarr.kernelpanic.cafe)
Music library management
- [bazarr](https://bazarr.kernelpanic.cafe)
Automatic subtitle downloader
- [prowlarr](https://prowlarr.kernelpanic.cafe)
Bittorrent tracker management and syncrhonization
- [gotify](https://gotify.kernelpanic.cafe)
a simple server for sending and receiving messages
- [icecast](https://icecast.kernelpanic.cafe)
internet radio server
- botamusique
Bot that plays music in [mumble](mumble://mumble.kernelpanic.cafe).


# Profiles

UI levels: How much manual configuration is required.
Sensible defaults should push most services towards a 0 UI level.

0: Zero configuration. Uncomment profile, get service.

1: Optional configuration. Defaults will work, but may be suboptimal. For example the remote server may be far away or overloaded.

2: Minimal configuration. A few simple items. Username, domain name, etc.

3: Extra configuration. Simple, but with a larger number of items than minimal. Should be easy, but may take some time.

4: Greybeard configuration. Service may require technical knowledge, search engines, and a free afternoon.


Purity: How much configuration is done outside of version controlled files. Otherwise known as state.

0: Nix or nothing. Boot your system directly from git.

1: Minimally impure. May require the first/admin user to be created.

2: Allergic to config files and command line flags. Requires significant imperitave configuration of the service.

## Please Note

A goal is to reduce manual configuration and impurities to zero, so even though a module may be listed as "complete", work won't stop until UX/Purity are at 0/0.

Additionally, many profiles with a high purity and low UX may have the ability to run from configuration files or command-line flags but this hasn't been implemented in nix yet. Feel free to submit PRs.

## Adguard
Status: Exploratory. Service running at adguard.${fqdn}, not integrated with DNS stack.
Profile: ./profiles/adguard.nix
UI: 4
Purity: ?
Source: [https://github.com/AdguardTeam/AdGuardHome/](https://github.com/AdguardTeam/AdGuardHome/)

Ad and tracking blackhole. Looks to be highly impure, may have to just download the blackhole lists without using the whole adguard service. Full-network blocking is a nice to have but focusing on local resolution first. This probably isn't the correct place to run your network-wide nameserver, anyway.

## Alfis
Status: Complete.
Profile: ./profiles/alfis.nix
UI: 1
Purity: 1
Source: [https://github.com/Revertron/Alfis/](https://github.com/Revertron/Alfis/)

Lightweight peer-to-peer DNS service. Open GUI, get domain name. This one is really cool, don't miss it. Mining your initial key may take 1-2 days on older hardware, but subsequent updates have a much lower difficulty level.

## Aliases
Status: Ongoing
Profile: ./profiles/alias.nix
UI: 0
Purity: 0
Source: [./profiles/alias.nix](./profiles/alias.nix)

Many aliases to save keystrokes or add more sensible defaults are available, see [./profiles/alias.nix](./profiles/alias.nix) for details.

## ADB (Android)
Status: Complete
Profile: ./profiles/android.nix
UI: 0
Purity: 0
ADB is a debugger for android.
Source: [https://source.android.com/](https://source.android.com/)

## Android
Status: WIP
Profile: ./robotnix/bonito.nix
UI: 3
Purity: 0
Source: [https://github.com/danielfullmer/robotnix](https://github.com/danielfullmer/robotnix)

Custom android build for your node, thanks to [robotnix](https://github.com/danielfullmer/robotnix). Big plans for this.

## Avahi/mDNS
Status: Exploratory
Profile: ./profiles/avahi.nix
UI: 4
Purity: 0
Source: [/home/cw/0x00/profiles/avahi.nix](/home/cw/0x00/profiles/avahi.nix)

WIP. Broadcast your domain names on the local network. Not sure if it works at all for non-".local" domains. Needs experimentation.

## Cryptocurrency Wallets
Status: Complete
Profile: ./profiles/cryptocurrency.nix
UI: 0
Purity: 0
Source: [/home/cw/0x00/profiles/cryptocurrency.nix](/home/cw/0x00/profiles/cryptocurrency.nix)

Too many bitcoin wallets, need to trim a few off. Supports Trezor (open source hardware wallet), bitcoin(+cash), monero, and namecoin.

## Calibre
Status: WIP
Profile: ./profiles/calibre.nix
UI: 3
Purity: 2
Source: [https://github.com/janeczku/calibre-web](https://github.com/janeczku/calibre-web)

Ebook reader/manager with webserver.

## Charm
Status: Server done, client needs a wrapper for the binary that points at the server.
Profile: ./profiles/charm.nix
UI: 2
Purity: 0
Source: [https://github.com/charmbracelet/charm](https://github.com/charmbracelet/charm)

"Charm is a set of tools that makes adding a backend to your terminal-based applications fun and easy. Quickly build modern CLI applications without worrying about user accounts, data storage and encryption." 

It's a pretty slick tool. Check it (and skate) on Github

[Charm](https://github.com/charmbracelet/charm)
[Skate](https://github.com/charmbracelet/skate)

## Fonts
Profile: ./profiles/fonts.nix

We got em. Nerdfonts are huge (~2G) and inevitably require upload/download from horrible connections and/or at the worst time.

## Gemini
Status: Clients Complete, Server WIP.
Profile: ./profiles/gemini.nix
UI: 0
Purity: 0
Source: [https://gemini.circumlunar.space](https://gemini.circumlunar.space)

CLI, TUI, GUI clients are available.

Gemini is a new internet protocol which:
- Is heavier than gopher
- Is lighter than the web
- Will not replace either
- Strives for maximum power to weight ratio
- Takes user privacy very seriously

## Gitea
Status: Complete
Profile: ./profiles/gitea.nix
UI: 2
Purity: 1
Source: [https://github.com/go-gitea/gitea](https://github.com/go-gitea/gitea)

Probably where you're reading this. Lightweight, but still familiar.

## Encrypted pastebin

Status: Exploratory

There's a bunch of these types of things. 0bin, hedgedoc, and many others. A few of them kinda work but none have been evaluated on their merits.

## File server
Status: Completeish
Profile: ./profiles/warez.nix
UI: 0
Purity: 0
Source: [/home/cw/0x00/profiles/warez.nix](/home/cw/0x00/profiles/warez.nix)

Users in group 'warez' can drop files in /var/www/warez/ to make them available at warez.${fqdn}.
Next step is giving users their own subdomain for files.

## Hardware Tokens
Status: WIP
Profile: ./profiles/u2f.nix
UI: 1
Purity: 1
Source: [/home/cw/spacenix/profiles/u2f.nix](/home/cw/spacenix/profiles/u2f.nix)

Supports using U2F/Fido2/webauthn tokens such as the trezor to log into your system, ssh, sudo, and as 2fa for webservices (gitea).

## Invidious
Status: Complete
Profile: ./profiles/invidious.nix
UI: 0
Purity: 0
Source: [https://github.com/iv-org/invidious](https://github.com/iv-org/invidious)

Alternate youtube frontend. Lightweight, ad-free, tracking free, javascript not required, audio only mode, and much more. Can subscribe to channels independent from google. Supported by the sponsorblock firefox plugin. It's available at invidious.${fqdn}, don't miss it.

## Jellyfin
Status: Complete
Profile: ./profiles/jellyfin.nix
UI: 3
Purity: 2
Source: [https://github.com/jellyfin/jellyfin](https://github.com/jellyfin/jellyfin)

Powerful media player with remote control and android clients. Supports synced playback with other clients over LAN or internet. Looks really nice, but playback/transcoding can be finnicky. Maybe [ffmpegfs](https://github.com/nschlia/ffmpegfs) can help smooth things out.

## Jitsi
Status: Complete
Profile: ./profiles/jitsi.nix
UI: 0
Purity: 0
Source: [https://github.com/jitsi/jitsi-meet](https://github.com/jitsi/jitsi-meet)

Video chat service supporting end-to-end encryption. Zoom alternative.

## libreddit
Status: Complete
Profile: ./profiles/libreddit.nix
UI: 0
Purity: 0
Source: [https://github.com/spikecodes/libreddit](https://github.com/spikecodes/libreddit)

Alternative reddit frontend. Lightweight, JS not required, and no trackers/ads. Eliminates the reddit.com dark patterns.

## Email
Status: Server complete, webmail and desktop clients WIP.
Profile: ./profiles/mail.nix
UI: 1
Purity: 0-1
Source: [/home/cw/0x00/profiles/mail.nix](/home/cw/0x00/profiles/mail.nix)

Email server. May require DNS configuration. Doesn't automatically update alfis... yet.

## Icecast
Status: Needs ezstreamer or sth
Profile: ./profiles/icecast.nix
UI: 0
Purity: 0

Internet radio.

## Matrix
Status: Complete
Profile: ./profiles/matrix.nix
UI: 0
Purity: 1
Source: [https://github.com/matrix-org/synapse](https://github.com/matrix-org/synapse)

Matrix is an eventually-consistent system for federated state exhange. Or a chat/voip system. New apps like forums/social media/webpage commenting(a la disqus) are being built on matrix backends, and bridging to other messaging services are first-class here. 

Synapse is a first-generation homeserver for matrix. It needs PAM integration via [https://github.com/14mRh4X0r/matrix-synapse-pam](https://github.com/14mRh4X0r/matrix-synapse-pam) so that system users can be created with nixos-magic, but this isn't implemented yet.

## Mumble
Status: Works
Profile: ./profiles/mumble.nix
UI: 1
Purity: 2

Mumble is a low-latency voice chat service. Included is a radio bot to play music from your music library.

## NNCP
Status: Complete
Profile: ./profiles/nncp.nix
UI: 3
Purity: 0
Source: [http://www.nncpgo.org/Tarballs.html](http://www.nncpgo.org/Tarballs.html)

Node to Node copy is a collection of utilities simplifying secure store-and-forward files, mail and command exchanging. 
This utilities are intended to help build up small size (dozens of nodes) ad-hoc friend-to-friend (F2F) statically routed darknet delay-tolerant networks for fire-and-forget secure reliable files, file requests, Internet mail and commands transmission. All packets are integrity checked, end-to-end encrypted, explicitly authenticated by known participants public keys. Onion encryption is applied to relayed packets. Each node acts both as a client and server, can use push and poll behaviour model. Also there is multicasting areas support.

Out-of-box offline sneakernet/floppynet, dead drops, sequential and append-only CD-ROM/tape storages, air-gapped computers support. But online TCP daemon with full-duplex resumable data transmission exists. 

## BTCPayServer
Status: Complete
Profile: ./profiles/nix-bitcoin.nix
UI: 0
Purity: 2
Source: [https://github.com/btcpayserver/btcpayserver](https://github.com/btcpayserver/btcpayserver)

A self-hosted cryptocurrency payment processor and storefront with lightning network support and hardware wallet integration.

## Nix-bitcoin
Status: 80%
Profile: ./profiles/nix-bitcoin.nix
UI: 2
Purity: 2
Source: [https://github.com/fort-nix/nix-bitcoin](https://github.com/fort-nix/nix-bitcoin)

nix-bitcoin is a collection of Nix packages and NixOS modules for easily installing full-featured Bitcoin nodes with an emphasis on security.

Check [github](https://github.com/fort-nix/nix-bitcoin) for the long list of features.

## nodeinfo
Status: Exploratory
Profile: ./profiles/nodeinfo.nix
UI: 3
Purity: 0
Source: [/home/cw/0x00/profiles/nodeinfo.nix](/home/cw/0x00/profiles/nodeinfo.nix)

Directory for webservices on your computer. Like a start menu but for things in your browser, built automatically (soon).

## peertube
Status: Exploratory
Profile: ./profiles/peertube.nix
UI: 4
Purity: 1
Source: [https://github.com/Chocobozzz/PeerTube](https://github.com/Chocobozzz/PeerTube)

Federated video server that supports webtorrent for load distribution. Be part of a network of multiple small federated, interoperable video hosting providers. Follow video creators and create videos. No vendor lock-in. All on a platform that is community-owned and ad-free. 

## pelican site generator
Status: Complete
Profile: ./profiles/pelican.nix
UI: 0
Purity: 1

Pelican is a static site generator that takes markdown and builds something normies care about. The profile automatically rebuilds your site on any updates to the source markdown. It's in syncthing for easy editing from any computer or phone.

## plik
Status: Complete
Profile: ./profiles/plik.nix
UI: 1
Purity: 0
Source: [https://github.com/root-gg/plik](https://github.com/root-gg/plik)

Featureful temporary file upload service that supports command-line (curl) or browser interfaces. Aditional features such as self-destructing files and streaming files directly from uploader to downloader (nothing stored on server). Thunderbird addon for uploading attachments to plik is available [here](https://gitlab.com/joendres/filelink-plik).

## powersave

Status: Complete

UI: 1

Purity: 0

Power-save mode that includes tlp, upower, throttled, powertop, and cpu frequency governor.

## Installation/Recovery disk
Status: Complete
Profile: ./profiles/recovery.nix
UI: 0
Purity: 0
Source: [/home/cw/0x00/profiles/recovery.nix](/home/cw/0x00/profiles/recovery.nix)

Disk with a full suite of software to fix a broken computer, intall the operating system, and in general for tech work. Can also be used as a usb-bootable server if you need to temporarily host some services. For the full list of available software, see the profile.

## searx
Status: Complete
Profile: ./profiles/searx.nix
UI: 1
Purity: 0
Source: [https://github.com/searx/searx](https://github.com/searx/searx)

Privacy-respecting, extensible, and configurable metasearch engine.

## Shell
Status: Complete
Profile: ./profiles/zsh-starship.nix
UI: 1
Purity: 0
Source: [/home/cw/0x00/profiles/zsh-starship.nix](/home/cw/0x00/profiles/zsh-starship.nix)

zsh+oh-my-zsh+starship is default. [Powerlevel10k](/home/cw/0x00/profiles/zsh-p10k.nix) is also available.

## Syncthing
Status: 50%
Profile: ./profiles/syncthing.nix
UI: 3
Purity: 2
Source: [https://github.com/syncthing/syncthing](https://github.com/syncthing/syncthing)

P2P file sync service. Works imperitavely, but declarative syncthing looks ugly. Need a nix way to generate syncthing IDs from keys.

## Tiling Window Manager

Status: Complete

UI: 1

Purity: 1

Tiling WMs are default. i3/xfce is complete, but I am not a big fan of bismuth for kde.

## twtxt

Status: Complete

UI: 0

Purity: 1

Distributed microblogging.

## Whiteboard Online

Status: Complete

UI: 0

Purity: 0

Collaborative online whiteboard.

## yggdrasil

Status: Complete

UI: 2

Purity: 1

Yggdrasil is an overlay network implementation of a new routing scheme for mesh networks. It is designed to be a future-proof decentralised alternative to the structured routing protocols commonly used today on the Internet and other networks. The highlights of Yggdrasil are that it is:
- Scalable
Supports large, complex or even internet-scale topologies

- Self-healing
Network responds quickly to connection failures or mobility events

- Encrypted
Traffic sent across the network is always fully end-to-end encrypted

- Peer-to-peer
Works entirely ad-hoc by design with no built-in points of centralisation

- Publicly reachable, static IPs.
No NATs or firewalls to interfere with nodes connecting directly to each other. IPs are static regardless of where on the network a node connects.

## yggmail

Status: Complete
UI: 1
Purity: 0

 Yggmail is a single-binary all-in-one mail transfer agent which sends and receives email natively over the Yggdrasil Network.

    Yggmail runs just about anywhere you like — your inbox is stored right on your own machine;
    Implements IMAP and SMTP protocols for sending and receiving mail, so you can use your favourite client (hopefully);
    Mails are exchanged between Yggmail users using built-in Yggdrasil connectivity;
    All mail exchange traffic between any two Yggmail nodes is always end-to-end encrypted without exception;
    Yggdrasil and Yggmail nodes on the same network are discovered automatically using multicast or you can configure a static Yggdrasil peer.



## yggspot

Status: Untested

UI: 0

Purity: 0

Implements a yggdrasil hotspot as described [here](https://gitea.kernelpanic.cafe/cw/errata/src/branch/master/yggspot.md). 

# Ideals

If you aim for the stars, the worst that could happen is that you blow up on the launch pad.

## Full Stack Libre

Open source from the silicon to the network. Excited about RISC-V. 

## Lightweight

Minimize resource use

## Mobile Identities

You should be able to log into your personalized system running locally on any other computer by simply entering user@domain on login.

## Resilient

Your system configuration and data, including encrypted data, should be restorable from a single private key like a BIP39 seed on any fresh computer.

## Passwordless

Usernames and passwords suck. Skip them whenever possible.

## Paintext 

Plaintext files are extraordinarily powerful for users of your program: 
- These can be edited by hand or programmatically
- searching/indexing local text files happens faster than any web search
- You don't need any special software on any platform

## Peer to Peer

The client-server paradigm should be migrated to a peer-to-peer model as much as possible. Servers should be able to run on your old computers, instead of throwing them out.

## New and old

Old technologies are worth revisiting or remixing with new technologies. Ex: Yggdrasil gives every computer a public, static, IP with end-to-end encrypted traffic, regardless of where they connect to the network. This plus Alfis allows every computer to run it's own email server on it's own domain name.

## Minimize Manual Configuration

Manual configuration should be minimized with sensible defaults, but never at the expense of personalization.

## Experiment

Do things differently, but don't cling to them for novelty's sake if they don't work out.

# NOT INTENDED FOR PUBLIC RELEASE

The repository is made public to send snippets to others that may be intersted in the project, but it should currently be considered pre-alpha and is not currently intended for public release. Documentation is zero and it should currently be considered unstable as development happens on the public server so some services listed below (or the entire server) may have intermittent availability.

That said the developer uses it on his daily-driver and it should run fine with only a minimal amount of manual configuration. Feel free to contact me on email `echo "sy@Xiuliejblrs.sbni" | tr subterminalXjoy crablikefunkpow` or matrix `echo "@sy:Xiuliejblrs.sbni" | tr subterminalXjoy crablikefunkpow` and I can help you get running quickly.

# Using this node (lol)

**TL;DR From after connecting to the yggdrasil network, set your DNS to `200:6713:b624:259:9729:86d5:3233:fa9b`.**

Currently 0x00 requires a DNS resolver that resolves the [Alfis](https://github.com/Revertron/Alfis/) name system and a connection to the yggdrasil network. This server runs an Alfis/OpenDNS/ICANN resolver at  `200:6713:b624:259:9729:86d5:3233:fa9b` port 53, but you knew that.

Several more DNS resolvers that support Alfis are listed on the yggdrasil [services page](http://[319:3cf0:dd1d:47b9:20c:29ff:fe2c:39be]/).

Services not being accessible directly by IP is considered a bug and is tracked by http://gitea.0x00.ygg/syntaXerror/0x00/issues/4 

# As a Desktop

Several shells are supported including:
- bash 
- zsh+oh-my-zsh+(p10k/starship)

You get a load of timesaving aliases in ./profiles/alias.nix.
These probably need some pruning, and the functions in ./.alias need nixification.

Several DE/WM combos are supported including:
- i3+xfce
- plasma5+bismuth (tiling WM plugin)

## Gemini

- [gemget](https://github.com/makeworld-the-better-one/gemget/)
Like `curl` for geminispace.

- [amfora](https://github.com/makeworld-the-better-one/amfora)
TUI browser for gemini.

- [lagrange](https://github.com/skyjake/lagrange)
Full featured GUI browser for gemini. Lagrange is only built if xserver is enabled.

# notes

The first user created in gitea is admin, so make that user asap after enabling the service.