this post was submitted on 22 Jan 2024
15 points (100.0% liked)

nixos

1262 readers
3 users here now

All about NixOS - https://nixos.org/

founded 4 years ago
 

So, I got into NixOS and installed it on a VPS a few days ago. I've previously used yunohost.org (a debian based all-in-one selfhosting solution) and docker-compose. But I (now) really like the Nix(OS) approach, the amount of packaged software and how everything ties together in a clean server configuration.

However... I need a bit more information on the server stuff. Are there nice configurations around which I can incorporate and learn from? Extensive tutorials from other people who run their own services or communities?

I mean the basic stuff isn't a problem. I got Nextcloud and the most important stuff running, a DNS Adblocker, a chat server, nginx etc. But ultimately I'd like to share some services with friends and family. So I need single sign-on (SSO), preferably with an LDAP directory. An email server... And the Wiki and just googling it stop being helpful at this point.

Are there people who share their experience with LDAP/Authentik/Zitadel/Authelia/Keycloak / whatever SSO/Authentication software is packaged in Nix but I can't find anything about from people who actually use it? A comparison of the several available email servers?

you are viewing a single comment's thread
view the rest of the comments
[–] nrbray@lemmy.ml 7 points 9 months ago (1 children)

Here's mine fwiw - no SSO or LDAP but might add something to what you find. My journey is to move from a NixOS user of 2 years and 1 year 'all in'. I run my own mail server with NixOS.

nixos-mailserver works well for me. The package set runs faultlessly on the smallest OVH vps. NixOS gives me the ability to redeploy anywhere painlessly and the backup need is limited to a dovecot sync. Dovecot sync is neat: with a 2nd identical vps (match configuration.nix) and non functional but services running duplicates all the live mail data with one command.

I am going all in on Rust too. There is a rust based mail server being developed that I might track as a migration in years to come.

Reading material

Learn { NixOS, Nix }

Flake specific

are simply a special entry point for Nix code with a built in pinning system

[–] h3ndrik@feddit.de 3 points 9 months ago (1 children)

Wow. Thanks. Guess the "your previous linux knowledge doesn't really apply to NixOS" is correct. I already found the lengthy lists of stuff to read up on... I'll add this to my "read later" list :-D

Stalwart sounds nice, too. Since I'm just setting everything up, maybe I can try both mailservers. I've now had 2 people recommend the simple nixos-mailserver.

[–] nrbray@lemmy.ml 2 points 9 months ago (1 children)

Great, please may I ask if you would share other sources worth reading.

I think previous Linux knowledge helps, just less needed for newcomers; NixOS has been described as capturing others' 20 years experience for us to use. Nixos-mailserver is a great example. I used that out of the box and only with user knowledge of NixOS, none of mail tools. Otherwise mail servers are too hard I gathered.

I've found lots more to learn about Nix for development environments.

You might want to use nixos-mailserver first for production - after my research I was gobsmacked at how quickly it went. I relied totally on NixOS. Your milage might vary but I'd be shocked if it takes less than 10 times as long another way.

[–] h3ndrik@feddit.de 2 points 9 months ago (1 children)

Uh, just tried to install Stalwart, the Rust mailserver suite. It's nice. But you have to switch to nixos-unstable to get some important features as of now. And then I can't find any resources on how to set it up. Meaning there are no sane defaults floating around on the internet and it's really a chore to learn the internals and come up with a proper config. Maybe the nix-mailserver is a better choice for now.

[–] nrbray@lemmy.ml 2 points 9 months ago

Good that you tried. Nix simple mailserver is really neat. I am very pleased with it. I feel something like stalwart might take years to mature, but worth watching.