--- /dev/null
+# kernelpanic.cafe service node
+
+## hi from your syslog.
+
+MarigoldOS/0x00 is an experimental operating system that attempts to explore what a sustainable computer system might look like. kernelpanic.cafe runs a clearnet fork of MarigoldOS.
+
+It is equally happy as a desktop or server specialisation and can switch on-the-fly. Although the public instance is a service node on the yggdrasil network, it is perfectly capable of working on the public internet, as demonstrated by kernelpanic.cafe running many of the profiles in this repository.
+
+Nerdfonts are available for purchase. See ./profiles/fonts.nix .
+
+Several advanced features are in various stages of implementation, including custom android builds that are preconfigured to use your node and native yggdrasil with alfis support.
+
+# NOT INTENDED FOR PUBLIC RELEASE
+
+The repository is made public to send snippets to others that may be intersted in the project, but it should currently be considered pre-alpha and is not currently intended for public release. Documentation is zero and it should currently be considered unstable as development happens on the public server so some services listed below (or the entire server) may have intermittent availability.
+
+That said the developer uses it on his daily-driver and it should run fine with only a minimal amount of manual configuration. Feel free to contact me on email `echo "sy@Xiuliejblrs.sbni" | tr subterminalXjoy crablikefunkpow` or matrix `echo "@sy:Xiuliejblrs.sbni" | tr subterminalXjoy crablikefunkpow` and I can help you get running quickly.
+
+# Using this node (lol)
+
+**TL;DR From after connecting to the yggdrasil network, set your DNS to `200:6713:b624:259:9729:86d5:3233:fa9b`.**
+
+Currently 0x00 requires a DNS resolver that resolves the [Alfis](https://github.com/Revertron/Alfis/) name system and a connection to the yggdrasil network. This server runs an Alfis/OpenDNS/ICANN resolver at `200:6713:b624:259:9729:86d5:3233:fa9b` port 53, but you knew that.
+
+Several more DNS resolvers that support Alfis are listed on the yggdrasil [services page](http://[319:3cf0:dd1d:47b9:20c:29ff:fe2c:39be]/).
+
+Services not being accessible directly by IP is considered a bug and is tracked by http://gitea.0x00.ygg/syntaXerror/0x00/issues/4
+
+# Services
+
+## Public Services
+
+kernelpanic.cafe is hosted from a shared server, so consider these all best effort. Please be nice, this isn't a very powerful machine.
+
+- [Homepage](https://kernelpanic.cafe)
+Homepage for the server. Maybe it's a blog maybe it's a wiki maybe it's maybelline.
+- DNS
+DNS server resolves GitNS, OpenNIC, Alfis, and ICANN names, also includes adblocker.
+- [gitea](https://gitea.kernelpanic.cafe)
+Git forge. You are here, probably.
+- [searx](https://searx.kernelpanic.cafe)
+Configurable metasearch engine. Be sure to try my [smallweb metasearch](https://searx.kernelpanic.cafe/search?category_smolweb=on) out.
+- [mumble](https://mumble.kernelpanic.cafe)
+Low-latency high-quality voice chat. High-bitrate enabled.
+- [jitsi](https://jitsi.kernelpanic.cafe)
+Voice and Video chat, supports end to end encryption.
+- [Gemini capsule](gemini://kernelpanic.cafe)
+Gemini is a new internet protocol which:
+ - Is heavier than gopher
+ - Is lighter than the web
+ - Will not replace either
+ - Strives for maximum power to weight ratio
+ - Takes user privacy very seriously
+- [Fileserver](https://warez.kernelpanic.cafe)
+File server.
+- [invidious](https://invidious.kernelpanic.cafe)
+Alternative youtube frontend
+- [nitter](https://nitter.kernelpanic.cafe)
+Alternative twitter frontend
+- [libreddit](https://libreddit.kernelpanic.cafe)
+Alternative reddit frontend
+- Matrix Server
+`matrix.kernelpanic.cafe`
+ - [element-web](https://element.kernelpanic.cafe)
+ Matrix webclient
+- [plik](https://plik.kernelpanic.cafe)
+Temporary file uploads. Supports many features and `curl` upload/downloads.
+- [twtxt](https://twtxt.kernelpanic.cafe)
+Distributed microblogging. [GH-twtxt](https://github.com/buckket/twtxt)
+- yggdrasil node
+Feel free to peer. No uptime guarantees.
+- [yoshiki mirror](https://yoshiki.kernelpanic.cafe)
+My backup of a github archive.
+
+## Authenticated Services
+
+Only the cool kids get to use these.
+
+- kernelpanic.cafe mailserver
+Email addresses defined in ./profiles/mail.nix
+- [jellyfin](https://jellyfin.kernelpanic.cafe)
+Jellyfin is a suite of multimedia applications designed to organize, manage, and share digital media files to networked devices.
+- [navidrome](https://navidrome.kernelpanic.cafe)
+Subsonic compatible music server.
+- [syncthing](https://syncthing.kernelpanic.cafe)
+Magical p2p cloud thing "it just works" whatever you know what syncthing is and if not then [lmstfy](https://searx.kernelpanic.cafe/search?q=syncthing).
+- Charm Server
+[GH-charm](https://github.com/charmbracelet/charm)/[GH-skate](https://github.com/charmbracelet/skate)
+Charm is a set of tools that makes adding a backend to your terminal-based applications fun and easy. Quickly build modern CLI applications without worrying about user accounts, data storage and encryption.
+- [magnetico](https://magnetico.kernelpanic.cafe)
+Watches the bittorrent DHT to see what torrents people are searching for.
+- [jackett](https://jackett.kernelpanic.cafe)
+bittorrent metasearch engine.
+- web hosting
+Six unlisted websites/wikis hosted here. You know who you are.
+
+## Disabled Services
+
+Disabled to make room for others. TBH without matrix I'd be able to turn all of these back on. New computer coming soon (tm)
+
+- [peertube](https://peertube.kernelpanic.cafe)
+Federated video uploads
+- [calibre](https://calibre.kernelpanic.cafe)
+ebook library and reader
+- nncp
+NNCP (Node to Node copy) is a collection of utilities simplifying secure store-and-forward files, mail and command exchanging. This utilities are intended to help build up small size (dozens of nodes) ad-hoc friend-to-friend (F2F) statically routed darknet delay-tolerant networks for fire-and-forget secure reliable files, file requests, Internet mail and commands transmission. All packets are integrity checked, end-to-end encrypted, explicitly authenticated by known participants public keys. Onion encryption is applied to relayed packets. Each node acts both as a client and server, can use push and poll behaviour model. Also there is multicasting areas support.
+- [archivebox](https://archivebox.kernelpanic.cafe)
+Takes URLs/browser history/bookmarks/Pocket/Pinboard/etc., saves WARC, HTML, JS, PDFs, media, and more...
+- [netdata](https://netdata.kernelpanic.cafe)
+Numbers and graphs are l33t
+- [white board online](https://whiteboard.kernelpanic.cafe)
+Collaborative whiteboard. Public/Private boards.
+- [transmission](https://transmission.kernelpanic.cafe)
+Bittorrent tracker
+- [radarr](https://radarr.kernelpanic.cafe)
+Movie library management
+- [sonarr](https://sonarr.kernelpanic.cafe)
+TV library management
+- [lidarr](https://lidarr.kernelpanic.cafe)
+Music library management
+- [bazarr](https://bazarr.kernelpanic.cafe)
+Automatic subtitle downloader
+- [prowlarr](https://prowlarr.kernelpanic.cafe)
+Bittorrent tracker management and syncrhonization
+- [gotify](https://gotify.kernelpanic.cafe)
+a simple server for sending and receiving messages
+- [icecast](https://icecast.kernelpanic.cafe)
+internet radio server
+- botamusique
+Bot that plays music in [mumble](mumble://mumble.kernelpanic.cafe).
+
+
+# Profiles
+
+UI levels: How much manual configuration is required.
+Sensible defaults should push most services towards a 0 UI level.
+
+0: Zero configuration. Uncomment profile, get service.
+
+1: Optional configuration. Defaults will work, but may be suboptimal. For example the remote server may be far away or overloaded.
+
+2: Minimal configuration. A few simple items. Username, domain name, etc.
+
+3: Extra configuration. Simple, but with a larger number of items than minimal. Should be easy, but may take some time.
+
+4: Greybeard configuration. Service may require technical knowledge, search engines, and a free afternoon.
+
+
+Purity: How much configuration is done outside of version controlled files. Otherwise known as state.
+
+0: Nix or nothing. Boot your system directly from git.
+
+1: Minimally impure. May require the first/admin user to be created.
+
+2: Allergic to config files and command line flags. Requires significant imperitave configuration of the service.
+
+## Please Note
+
+A goal is to reduce manual configuration and impurities to zero, so even though a module may be listed as "complete", work won't stop until UX/Purity are at 0/0.
+
+Additionally, many profiles with a high purity and low UX may have the ability to run from configuration files or command-line flags but this hasn't been implemented in nix yet. Feel free to submit PRs.
+
+## Adguard
+Status: Exploratory. Service running at adguard.${fqdn}, not integrated with DNS stack.
+Profile: ./profiles/adguard.nix
+UI: 4
+Purity: ?
+Source: [https://github.com/AdguardTeam/AdGuardHome/](https://github.com/AdguardTeam/AdGuardHome/)
+
+Ad and tracking blackhole. Looks to be highly impure, may have to just download the blackhole lists without using the whole adguard service. Full-network blocking is a nice to have but focusing on local resolution first. This probably isn't the correct place to run your network-wide nameserver, anyway.
+
+## Alfis
+Status: Complete.
+Profile: ./profiles/alfis.nix
+UI: 1
+Purity: 1
+Source: [https://github.com/Revertron/Alfis/](https://github.com/Revertron/Alfis/)
+
+Lightweight peer-to-peer DNS service. Open GUI, get domain name. This one is really cool, don't miss it. Mining your initial key may take 1-2 days on older hardware, but subsequent updates have a much lower difficulty level.
+
+## Aliases
+Status: Ongoing
+Profile: ./profiles/alias.nix
+UI: 0
+Purity: 0
+Source: [./profiles/alias.nix](./profiles/alias.nix)
+
+Many aliases to save keystrokes or add more sensible defaults are available, see [./profiles/alias.nix](./profiles/alias.nix) for details.
+
+## ADB (Android)
+Status: Complete
+Profile: ./profiles/android.nix
+UI: 0
+Purity: 0
+ADB is a debugger for android.
+Source: [https://source.android.com/](https://source.android.com/)
+
+## Android
+Status: WIP
+Profile: ./robotnix/bonito.nix
+UI: 3
+Purity: 0
+Source: [https://github.com/danielfullmer/robotnix](https://github.com/danielfullmer/robotnix)
+
+Custom android build for your node, thanks to [robotnix](https://github.com/danielfullmer/robotnix). Big plans for this.
+
+## Avahi/mDNS
+Status: Exploratory
+Profile: ./profiles/avahi.nix
+UI: 4
+Purity: 0
+Source: [/home/cw/0x00/profiles/avahi.nix](/home/cw/0x00/profiles/avahi.nix)
+
+WIP. Broadcast your domain names on the local network. Not sure if it works at all for non-".local" domains. Needs experimentation.
+
+## Cryptocurrency Wallets
+Status: Complete
+Profile: ./profiles/cryptocurrency.nix
+UI: 0
+Purity: 0
+Source: [/home/cw/0x00/profiles/cryptocurrency.nix](/home/cw/0x00/profiles/cryptocurrency.nix)
+
+Too many bitcoin wallets, need to trim a few off. Supports Trezor (open source hardware wallet), bitcoin(+cash), monero, and namecoin.
+
+## Calibre
+Status: WIP
+Profile: ./profiles/calibre.nix
+UI: 3
+Purity: 2
+Source: [https://github.com/janeczku/calibre-web](https://github.com/janeczku/calibre-web)
+
+Ebook reader/manager with webserver.
+
+## Charm
+Status: Server done, client needs a wrapper for the binary that points at the server.
+Profile: ./profiles/charm.nix
+UI: 2
+Purity: 0
+Source: [https://github.com/charmbracelet/charm](https://github.com/charmbracelet/charm)
+
+"Charm is a set of tools that makes adding a backend to your terminal-based applications fun and easy. Quickly build modern CLI applications without worrying about user accounts, data storage and encryption."
+
+It's a pretty slick tool. Check it (and skate) on Github
+
+[Charm](https://github.com/charmbracelet/charm)
+[Skate](https://github.com/charmbracelet/skate)
+
+## Fonts
+Profile: ./profiles/fonts.nix
+
+We got em. Nerdfonts are huge (~2G) and inevitably require upload/download from horrible connections and/or at the worst time.
+
+## Gemini
+Status: Clients Complete, Server WIP.
+Profile: ./profiles/gemini.nix
+UI: 0
+Purity: 0
+Source: [https://gemini.circumlunar.space](https://gemini.circumlunar.space)
+
+CLI, TUI, GUI clients are available.
+
+Gemini is a new internet protocol which:
+- Is heavier than gopher
+- Is lighter than the web
+- Will not replace either
+- Strives for maximum power to weight ratio
+- Takes user privacy very seriously
+
+## Gitea
+Status: Complete
+Profile: ./profiles/gitea.nix
+UI: 2
+Purity: 1
+Source: [https://github.com/go-gitea/gitea](https://github.com/go-gitea/gitea)
+
+Probably where you're reading this. Lightweight, but still familiar.
+
+## Encrypted pastebin
+
+Status: Exploratory
+
+There's a bunch of these types of things. 0bin, hedgedoc, and many others. A few of them kinda work but none have been evaluated on their merits.
+
+## File server
+Status: Completeish
+Profile: ./profiles/warez.nix
+UI: 0
+Purity: 0
+Source: [/home/cw/0x00/profiles/warez.nix](/home/cw/0x00/profiles/warez.nix)
+
+Users in group 'warez' can drop files in /var/www/warez/ to make them available at warez.${fqdn}.
+Next step is giving users their own subdomain for files.
+
+## Hardware Tokens
+Status: WIP
+Profile: ./profiles/u2f.nix
+UI: 1
+Purity: 1
+Source: [/home/cw/spacenix/profiles/u2f.nix](/home/cw/spacenix/profiles/u2f.nix)
+
+Supports using U2F/Fido2/webauthn tokens such as the trezor to log into your system, ssh, sudo, and as 2fa for webservices (gitea).
+
+## Invidious
+Status: Complete
+Profile: ./profiles/invidious.nix
+UI: 0
+Purity: 0
+Source: [https://github.com/iv-org/invidious](https://github.com/iv-org/invidious)
+
+Alternate youtube frontend. Lightweight, ad-free, tracking free, javascript not required, audio only mode, and much more. Can subscribe to channels independent from google. Supported by the sponsorblock firefox plugin. It's available at invidious.${fqdn}, don't miss it.
+
+## Jellyfin
+Status: Complete
+Profile: ./profiles/jellyfin.nix
+UI: 3
+Purity: 2
+Source: [https://github.com/jellyfin/jellyfin](https://github.com/jellyfin/jellyfin)
+
+Powerful media player with remote control and android clients. Supports synced playback with other clients over LAN or internet. Looks really nice, but playback/transcoding can be finnicky. Maybe [ffmpegfs](https://github.com/nschlia/ffmpegfs) can help smooth things out.
+
+## Jitsi
+Status: Complete
+Profile: ./profiles/jitsi.nix
+UI: 0
+Purity: 0
+Source: [https://github.com/jitsi/jitsi-meet](https://github.com/jitsi/jitsi-meet)
+
+Video chat service supporting end-to-end encryption. Zoom alternative.
+
+## libreddit
+Status: Complete
+Profile: ./profiles/libreddit.nix
+UI: 0
+Purity: 0
+Source: [https://github.com/spikecodes/libreddit](https://github.com/spikecodes/libreddit)
+
+Alternative reddit frontend. Lightweight, JS not required, and no trackers/ads. Eliminates the reddit.com dark patterns.
+
+## Email
+Status: Server complete, webmail and desktop clients WIP.
+Profile: ./profiles/mail.nix
+UI: 1
+Purity: 0-1
+Source: [/home/cw/0x00/profiles/mail.nix](/home/cw/0x00/profiles/mail.nix)
+
+Email server. May require DNS configuration. Doesn't automatically update alfis... yet.
+
+## Icecast
+Status: Needs ezstreamer or sth
+Profile: ./profiles/icecast.nix
+UI: 0
+Purity: 0
+
+Internet radio.
+
+## Matrix
+Status: Complete
+Profile: ./profiles/matrix.nix
+UI: 0
+Purity: 1
+Source: [https://github.com/matrix-org/synapse](https://github.com/matrix-org/synapse)
+
+Matrix is an eventually-consistent system for federated state exhange. Or a chat/voip system. New apps like forums/social media/webpage commenting(a la disqus) are being built on matrix backends, and bridging to other messaging services are first-class here.
+
+Synapse is a first-generation homeserver for matrix. It needs PAM integration via [https://github.com/14mRh4X0r/matrix-synapse-pam](https://github.com/14mRh4X0r/matrix-synapse-pam) so that system users can be created with nixos-magic, but this isn't implemented yet.
+
+## Mumble
+Status: Works
+Profile: ./profiles/mumble.nix
+UI: 1
+Purity: 2
+
+Mumble is a low-latency voice chat service. Included is a radio bot to play music from your music library.
+
+## NNCP
+Status: Complete
+Profile: ./profiles/nncp.nix
+UI: 3
+Purity: 0
+Source: [http://www.nncpgo.org/Tarballs.html](http://www.nncpgo.org/Tarballs.html)
+
+Node to Node copy is a collection of utilities simplifying secure store-and-forward files, mail and command exchanging.
+This utilities are intended to help build up small size (dozens of nodes) ad-hoc friend-to-friend (F2F) statically routed darknet delay-tolerant networks for fire-and-forget secure reliable files, file requests, Internet mail and commands transmission. All packets are integrity checked, end-to-end encrypted, explicitly authenticated by known participants public keys. Onion encryption is applied to relayed packets. Each node acts both as a client and server, can use push and poll behaviour model. Also there is multicasting areas support.
+
+Out-of-box offline sneakernet/floppynet, dead drops, sequential and append-only CD-ROM/tape storages, air-gapped computers support. But online TCP daemon with full-duplex resumable data transmission exists.
+
+## BTCPayServer
+Status: Complete
+Profile: ./profiles/nix-bitcoin.nix
+UI: 0
+Purity: 2
+Source: [https://github.com/btcpayserver/btcpayserver](https://github.com/btcpayserver/btcpayserver)
+
+A self-hosted cryptocurrency payment processor and storefront with lightning network support and hardware wallet integration.
+
+## Nix-bitcoin
+Status: 80%
+Profile: ./profiles/nix-bitcoin.nix
+UI: 2
+Purity: 2
+Source: [https://github.com/fort-nix/nix-bitcoin](https://github.com/fort-nix/nix-bitcoin)
+
+nix-bitcoin is a collection of Nix packages and NixOS modules for easily installing full-featured Bitcoin nodes with an emphasis on security.
+
+Check [github](https://github.com/fort-nix/nix-bitcoin) for the long list of features.
+
+## nodeinfo
+Status: Exploratory
+Profile: ./profiles/nodeinfo.nix
+UI: 3
+Purity: 0
+Source: [/home/cw/0x00/profiles/nodeinfo.nix](/home/cw/0x00/profiles/nodeinfo.nix)
+
+Directory for webservices on your computer. Like a start menu but for things in your browser, built automatically (soon).
+
+## peertube
+Status: Exploratory
+Profile: ./profiles/peertube.nix
+UI: 4
+Purity: 1
+Source: [https://github.com/Chocobozzz/PeerTube](https://github.com/Chocobozzz/PeerTube)
+
+Federated video server that supports webtorrent for load distribution. Be part of a network of multiple small federated, interoperable video hosting providers. Follow video creators and create videos. No vendor lock-in. All on a platform that is community-owned and ad-free.
+
+## pelican site generator
+Status: Complete
+Profile: ./profiles/pelican.nix
+UI: 0
+Purity: 1
+
+Pelican is a static site generator that takes markdown and builds something normies care about. The profile automatically rebuilds your site on any updates to the source markdown. It's in syncthing for easy editing from any computer or phone.
+
+## plik
+Status: Complete
+Profile: ./profiles/plik.nix
+UI: 1
+Purity: 0
+Source: [https://github.com/root-gg/plik](https://github.com/root-gg/plik)
+
+Featureful temporary file upload service that supports command-line (curl) or browser interfaces. Aditional features such as self-destructing files and streaming files directly from uploader to downloader (nothing stored on server). Thunderbird addon for uploading attachments to plik is available [here](https://gitlab.com/joendres/filelink-plik).
+
+## powersave
+
+Status: Complete
+
+UI: 1
+
+Purity: 0
+
+Power-save mode that includes tlp, upower, throttled, powertop, and cpu frequency governor.
+
+## Installation/Recovery disk
+Status: Complete
+Profile: ./profiles/recovery.nix
+UI: 0
+Purity: 0
+Source: [/home/cw/0x00/profiles/recovery.nix](/home/cw/0x00/profiles/recovery.nix)
+
+Disk with a full suite of software to fix a broken computer, intall the operating system, and in general for tech work. Can also be used as a usb-bootable server if you need to temporarily host some services. For the full list of available software, see the profile.
+
+## searx
+Status: Complete
+Profile: ./profiles/searx.nix
+UI: 1
+Purity: 0
+Source: [https://github.com/searx/searx](https://github.com/searx/searx)
+
+Privacy-respecting, extensible, and configurable metasearch engine.
+
+## Shell
+Status: Complete
+Profile: ./profiles/zsh-starship.nix
+UI: 1
+Purity: 0
+Source: [/home/cw/0x00/profiles/zsh-starship.nix](/home/cw/0x00/profiles/zsh-starship.nix)
+
+zsh+oh-my-zsh+starship is default. [Powerlevel10k](/home/cw/0x00/profiles/zsh-p10k.nix) is also available.
+
+## Syncthing
+Status: 50%
+Profile: ./profiles/syncthing.nix
+UI: 3
+Purity: 2
+Source: [https://github.com/syncthing/syncthing](https://github.com/syncthing/syncthing)
+
+P2P file sync service. Works imperitavely, but declarative syncthing looks ugly. Need a nix way to generate syncthing IDs from keys.
+
+## Tiling Window Manager
+
+Status: Complete
+
+UI: 1
+
+Purity: 1
+
+Tiling WMs are default. i3/xfce is complete, but I am not a big fan of bismuth for kde.
+
+## twtxt
+
+Status: Complete
+
+UI: 0
+
+Purity: 1
+
+Distributed microblogging.
+
+## Whiteboard Online
+
+Status: Complete
+
+UI: 0
+
+Purity: 0
+
+Collaborative online whiteboard.
+
+## yggdrasil
+
+Status: Complete
+
+UI: 2
+
+Purity: 1
+
+Yggdrasil is an overlay network implementation of a new routing scheme for mesh networks. It is designed to be a future-proof decentralised alternative to the structured routing protocols commonly used today on the Internet and other networks. The highlights of Yggdrasil are that it is:
+- Scalable
+Supports large, complex or even internet-scale topologies
+
+- Self-healing
+Network responds quickly to connection failures or mobility events
+
+- Encrypted
+Traffic sent across the network is always fully end-to-end encrypted
+
+- Peer-to-peer
+Works entirely ad-hoc by design with no built-in points of centralisation
+
+- Publicly reachable, static IPs.
+No NATs or firewalls to interfere with nodes connecting directly to each other. IPs are static regardless of where on the network a node connects.
+
+## yggmail
+
+Status: Complete
+UI: 1
+Purity: 0
+
+ Yggmail is a single-binary all-in-one mail transfer agent which sends and receives email natively over the Yggdrasil Network.
+
+ Yggmail runs just about anywhere you like — your inbox is stored right on your own machine;
+ Implements IMAP and SMTP protocols for sending and receiving mail, so you can use your favourite client (hopefully);
+ Mails are exchanged between Yggmail users using built-in Yggdrasil connectivity;
+ All mail exchange traffic between any two Yggmail nodes is always end-to-end encrypted without exception;
+ Yggdrasil and Yggmail nodes on the same network are discovered automatically using multicast or you can configure a static Yggdrasil peer.
+
+
+
+## yggspot
+
+Status: Untested
+
+UI: 0
+
+Purity: 0
+
+Implements a yggdrasil hotspot as described [here](https://gitea.kernelpanic.cafe/cw/errata/src/branch/master/yggspot.md).
+
+# Ideals
+
+If you aim for the stars, the worst that could happen is that you blow up on the launch pad.
+
+## Full Stack Libre
+
+Open source from the silicon to the network. Excited about RISC-V.
+
+## Lightweight
+
+Minimize resource use
+
+## Mobile Identities
+
+You should be able to log into your personalized system running locally on any other computer by simply entering user@domain on login.
+
+## Resilient
+
+Your system configuration and data, including encrypted data, should be restorable from a single private key like a BIP39 seed on any fresh computer.
+
+## Passwordless
+
+Usernames and passwords suck. Skip them whenever possible.
+
+## Paintext
+
+Plaintext files are extraordinarily powerful for users of your program:
+- These can be edited by hand or programmatically
+- searching/indexing local text files happens faster than any web search
+- You don't need any special software on any platform
+
+## Peer to Peer
+
+The client-server paradigm should be migrated to a peer-to-peer model as much as possible. Servers should be able to run on your old computers, instead of throwing them out.
+
+## New and old
+
+Old technologies are worth revisiting or remixing with new technologies. Ex: Yggdrasil gives every computer a public, static, IP with end-to-end encrypted traffic, regardless of where they connect to the network. This plus Alfis allows every computer to run it's own email server on it's own domain name.
+
+## Minimize Manual Configuration
+
+Manual configuration should be minimized with sensible defaults, but never at the expense of personalization.
+
+## Experiment
+
+Do things differently, but don't cling to them for novelty's sake if they don't work out.
+
+# NOT INTENDED FOR PUBLIC RELEASE
+
+The repository is made public to send snippets to others that may be intersted in the project, but it should currently be considered pre-alpha and is not currently intended for public release. Documentation is zero and it should currently be considered unstable as development happens on the public server so some services listed below (or the entire server) may have intermittent availability.
+
+That said the developer uses it on his daily-driver and it should run fine with only a minimal amount of manual configuration. Feel free to contact me on email `echo "sy@Xiuliejblrs.sbni" | tr subterminalXjoy crablikefunkpow` or matrix `echo "@sy:Xiuliejblrs.sbni" | tr subterminalXjoy crablikefunkpow` and I can help you get running quickly.
+
+# Using this node (lol)
+
+**TL;DR From after connecting to the yggdrasil network, set your DNS to `200:6713:b624:259:9729:86d5:3233:fa9b`.**
+
+Currently 0x00 requires a DNS resolver that resolves the [Alfis](https://github.com/Revertron/Alfis/) name system and a connection to the yggdrasil network. This server runs an Alfis/OpenDNS/ICANN resolver at `200:6713:b624:259:9729:86d5:3233:fa9b` port 53, but you knew that.
+
+Several more DNS resolvers that support Alfis are listed on the yggdrasil [services page](http://[319:3cf0:dd1d:47b9:20c:29ff:fe2c:39be]/).
+
+Services not being accessible directly by IP is considered a bug and is tracked by http://gitea.0x00.ygg/syntaXerror/0x00/issues/4
+
+# As a Desktop
+
+Several shells are supported including:
+- bash
+- zsh+oh-my-zsh+(p10k/starship)
+
+You get a load of timesaving aliases in ./profiles/alias.nix.
+These probably need some pruning, and the functions in ./.alias need nixification.
+
+Several DE/WM combos are supported including:
+- i3+xfce
+- plasma5+bismuth (tiling WM plugin)
+
+## Gemini
+
+- [gemget](https://github.com/makeworld-the-better-one/gemget/)
+Like `curl` for geminispace.
+
+- [amfora](https://github.com/makeworld-the-better-one/amfora)
+TUI browser for gemini.
+
+- [lagrange](https://github.com/skyjake/lagrange)
+Full featured GUI browser for gemini. Lagrange is only built if xserver is enabled.
+
+# notes
+
+The first user created in gitea is admin, so make that user asap after enabling the service.
projects / MarigoldOS / .git / commitdiff