diff --git a/NixOS-configuration-restructuring/configuration-diagram-2023-07.pum b/NixOS-configuration-restructuring/configuration-diagram-2023-07.pum
new file mode 100644
index 0000000..73def4f
--- /dev/null
+++ b/NixOS-configuration-restructuring/configuration-diagram-2023-07.pum
@@ -0,0 +1,186 @@
+@startuml
+
+/'
+ ' left to right direction
+ '/
+/'
+ ' skin rose
+ '/
+
+cloud "overlay\ncommit @ git.selfprivacy.org" as overlay {
+ component "selfprivacy graphql api" as selfprivacy_graphql_api
+}
+
+cloud "selfprivacy-rest-api\ncommit @ git.selfprivacy.org" as selfprivacy_rest_api_commit {
+ component "python app" as selfprivacy_api_app
+}
+
+selfprivacy_graphql_api <<-- selfprivacy_rest_api_commit
+/'
+ ' selfprivacy_rest_api_commit ->> selfprivacy_graphql_api
+ '/
+
+
+file "hardware-configuration.nix" as hardware_configuration
+card "grub.device" as hw_grub_device
+card "initrd.kernelModules" as hw_kernelModules
+card "fileSystems" as hw_fileSystems
+
+hardware_configuration <-- hw_grub_device
+hardware_configuration <-- hw_kernelModules
+hardware_configuration <-- hw_fileSystems
+note top of hardware_configuration : what generates it?
+
+note bottom of hw_fileSystems : always the same?
+
+note "hosting dependant" as note_hosting
+
+hw_grub_device <<.. note_hosting
+hw_kernelModules <<.. note_hosting
+
+file "api.nix\napi-module.nix" as api
+file files [
+ files.nix
+ ---
+ ""systemd.tmpfiles.rules""
+ ""systemd.activationScripts""
+ ""/var/lib/nextcloud""
+ ""/var/lib/cloudflare""
+ ""/var/lib/pleroma""
+ ""/var/lib/bitwarden""
+ ""/root/.config/rclone""
+]
+file "volumes.nix" as volumes {
+ card "fileSystems" as fileSystems_from_userdata
+}
+file "users.nix" as users {
+ card "users.users" as users_from_userdata
+}
+file "variables.nix\nvariables-module.nix" as variables
+file "letsencrypt/acme.nix\nletsencrypt/resolve.nix" as acme
+/'
+ ' file "backup/restic.nix" as restic
+ ' file "gitea.nix" as gitea
+ ' file "mailserver/system/mailserver.nix" as mailserver
+ ' file "nextcloud.nix" as nextcloud
+ ' file "passmgr/bitwarden.nix" as bitwarden
+ ' file "limits.nix" as limits
+ ' file "pleroma.nix" as pleroma
+ ' file "jitsi.nix" as jitsi
+ ' file "vpn/ocserv.nix" as ocserv
+ ' file "webserver/nginx.nix" as nginx
+ ' file "webserver/memcached.nix" as memcached
+ '/
+component "<>" as some_service
+cloud " nixpkgs\ncommit @ github.com (?)" as nixpkgs
+
+
+folder """/etc/nixos/userdata/""" as userdata_folder {
+ file "schema.json\n(who uses?)" as schema
+ file "tokens.json" as tokens
+ file "tokens_schema.json\n(who uses?)" as tokens_schema
+ file "userdata.json" as userdata
+}
+selfprivacy_api_app <|.... tokens
+
+file "configuration.nix" as configuration
+nixpkgs -->> configuration
+configuration <<-l- hardware_configuration
+/'
+ ' configuration <<-- overlay
+ '/
+overlay -->> configuration
+configuration <<-- variables : ...\nstateVersion\n...
+
+configuration <<-- files
+userdata -[dotted]->> files
+files <|-- userdata : secrets\nby ""jq"" and ""sed"" in\n""activationScripts""\n!!!
+variables <<-- userdata : values extraction\nfrom JSON
+
+configuration <<-- volumes
+userdata -[dotted]->> fileSystems_from_userdata : volumes
+
+configuration <<-- users
+userdata -[dotted]->> users_from_userdata : users
+
+configuration <<-- api
+api <<-[dotted]- userdata : Swagger,\nb2Bucket
+api <-[dotted]- selfprivacy_graphql_api
+
+configuration <<-- acme
+userdata -[dotted]->> acme : username,\ndomain
+
+configuration <<-- some_service
+userdata -[dotted]->> some_service : enable,\nsettings
+
+/'
+ ' configuration <<-- mailserver
+ ' userdata -[dotted]->> mailserver
+ '
+ ' configuration <<-- ocserv
+ ' userdata -[dotted]->> ocserv
+
+ ' configuration <<-- pleroma
+ ' userdata -[dotted]->> pleroma
+ '
+ ' configuration <<-- restic
+ ' userdata -[dotted]-->> restic
+ '
+ ' configuration <<-- bitwarden
+ ' userdata -[dotted]-->> bitwarden
+ '
+ ' configuration <<-- nginx
+ ' userdata -[dotted]->> nginx : domain
+ '
+ ' configuration <<-- memcached
+ '
+ ' configuration <<-- nextcloud
+ ' userdata -[dotted]-->> nextcloud : enable,\ndomain
+ '
+ ' configuration <<-- jitsi
+ ' userdata -[dotted]-->> jitsi : enable,\ndomain
+ '
+ ' configuration <<-- gitea
+ ' userdata -[dotted]-->> gitea : enable,\ndomain
+ '/
+
+/'
+ ' memcached --->> configuration
+ '/
+
+/'
+ ' folder api as api_folder
+ ' folder backup as backup_folder
+ ' folder git as git_folder
+ ' folder letsencrypt as letsencrypt_folder
+ ' folder "mailserver/system" as mailserver_folder
+ ' folder nextcloud as nextcloud_folder
+ ' folder passmgr as passmgr_folder
+ ' folder resources as resources_folder
+ ' folder social as social_folder
+ ' folder videomeet as videomeet_folder
+ ' folder vpn as vpn_folder
+ ' folder webserver as webserver_folder
+ '/
+
+/'
+ ' api_folder -- api_module
+ ' api_folder -- api
+ ' backup_folder -- restic
+ ' git_folder -- gitea
+ ' letsencrypt_folder -- acme
+ ' letsencrypt_folder -- resolve
+ ' mailserver_folder -- mailserver
+ ' nextcloud_folder -- nextcloud
+ ' passmgr_folder -- bitwarden
+ ' resources_folder -- limits
+ ' social_folder -- pleroma
+ ' videomeet_folder -- jitsi
+ ' vpn_folder -- ocserv
+ ' webserver_folder -- memcached
+ ' webserver_folder -- nginx
+ '/
+
+
+
+@enduml
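Review bot: The edge `files <|-- userdata` is labelled "secrets by jq and sed in activationScripts !!!", but the diagram never says what the `!!!` stands for, so the one security-relevant finding in this model is left for the reader to guess. I would spell it out directly under that edge, for example `note right on link : secrets taken from userdata.json at activation - record target paths, owner and mode`, with the details confirmed against files.nix, which is not part of this hunk. The same gap applies to `tokens.json`: it sits in `/etc/nixos/userdata/` next to `userdata.json` and feeds the python app, yet nothing in the diagram records who else may read that folder. The open questions currently buried in element labels (`(who uses?)`, `what generates it?`, `always the same?`) would be easier to track and close if they were all written as `note` elements rather than partly inside file names.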