No description

Nix 62.4%
Python 30.1%
Shell 2.1%
HTML 2.1%
TypeScript 1.3%
Other 1.9%

Find a file

Repository files (latest commit first)
Filename	Latest commit message	Latest commit date
Kiara Grouwstra 8b75b66892 All checks were successful checks-api-asyncapi-validate / api-asyncapi-validate (push) Successful in 7s Details checks-api-docs / api-docs (push) Successful in 7s Details checks-api-openapi-validate / api-openapi-validate (push) Successful in 7s Details checks-api-python-tests / api-python-tests (push) Successful in 6s Details checks-api-http / api-http (push) Successful in 11s Details Nix flake completeness check / _complete (push) Successful in 28s Details checks-deployment-nixos-hosts / deployment-nixos-hosts (push) Successful in 29s Details checks-deployment-ssh-hosts / deployment-ssh-hosts (push) Successful in 30s Details checks-deployment-tf-hosts / deployment-tf-hosts (push) Successful in 40s Details checks-integrations-spire-openbao / integrations-spire-openbao (push) Successful in 13s Details checks-panel-migrations / panel-migrations (push) Successful in 6s Details checks-panel-basic / panel-basic (push) Successful in 12s Details checks-test-otel-wiring / test-otel-wiring (push) Successful in 10s Details checks-treefmt / treefmt (push) Successful in 6s Details checks-test-peertube-service / test-peertube-service (push) Successful in 19s Details checks-apps-api / apps-api (push) Successful in 1m27s Details checks-ty / ty (push) Successful in 6s Details devShells-default / default (push) Successful in 13s Details checks-apps-tf-incus / apps-tf-incus (push) Successful in 1m30s Details checks-deployment-tf-incus-hosts / deployment-tf-incus-hosts (push) Successful in 1m13s Details nix-unit-effects-tf-common-conversion / effects-tf-common-conversion (push) Successful in 9s Details nix-unit-effects-common-lib / effects-common-lib (push) Successful in 17s Details nix-unit-lib-data-model / lib-data-model (push) Successful in 18s Details nix-unit-lib-function / lib-function (push) Successful in 18s Details nixosConfigurations-hosting-provider-api / hosting-provider-api (push) Successful in 4s Details nix-unit-lib-lib / lib-lib (push) Successful in 17s Details nixosConfigurations-hosting-provider-otel-collector / hosting-provider-otel-collector (push) Successful in 3s Details nixosConfigurations-hosting-provider-panel / hosting-provider-panel (push) Successful in 4s Details nixosConfigurations-hosting-provider-windmill / hosting-provider-windmill (push) Successful in 4s Details nixosConfigurations-operator-combined / operator-combined (push) Successful in 3s Details nix-unit-resources-otel / resources-otel (push) Successful in 21s Details nixosConfigurations-operator-peertube / operator-peertube (push) Successful in 4s Details flake-show / apps-ssh (push) Successful in 1m35s Details checks-docs / docs (push) Successful in 3m5s Details checks-apps-panel / apps-panel (push) Successful in 4m13s Details checks-apps-tf / apps-tf (push) Successful in 5m34s Details add `ty` Python type checker (#1044 ) Wires the astral-sh `ty` type checker into the repo with devShell and CI parity, mirroring how `treefmt` is integrated: - `nix/ty-check.nix`: a `ty-check` wrapper that builds a combined `python3.withPackages` env from the first-party `api` and `panel` packages (so `ty` resolves both third-party imports -- django_5, fastapi, pydantic, httpx, ... -- and the generated `fediversity_api_client`), plus `selenium` and `beautifulsoup4` for the NixOS-test browser/scraping scripts, and bakes it into a single `ty` command. Defined once and reused by all three call sites below so they run an identical check; `ty` discovers `ty.toml` in the working directory. - `ty.toml`: checks every `.py` in the repo rather than an allowlist, so new files are covered automatically -- `ty` discovers all Python under the project root and honours `.gitignore` (build artifacts and fetched sources are skipped), and only `npins/**` is excluded. This includes the NixOS-test helper scripts under `checks/` and `src/applications/operator/`, which are real Python on disk -- their `@placeholder@` substitutions all sit inside string literals. The NixOS test driver injects per-node machine handles (`server`, `deployer`, ...) and helpers (`subtest`) as globals it cannot declare, so `unresolved-reference` is scope-relaxed via `[[overrides]]` to just the driver-run scripts (the standalone selenium scripts keep the rule). Django ORM members (`Model.objects`, `DoesNotExist`) that `ty` cannot resolve without a Django plugin (it has none, and does not support mypy plugins) are likewise scope-relaxed. - `default.nix`: a custom `ty` git-hook in `precommitFor` whose `entry` is the `ty-check` wrapper via `getExe` (devShell parity), plus the wrapper exposed in the dev shell for running the check by hand. - `checks/default.nix`: a dedicated `ty` flake check reusing the same wrapper (CI parity), plus its `meta.description`. - `.forgejo/workflows/checks-ty.yaml` and the `ty` case in `nix-flake-check.sh` so the generated CI workflow stays in sync. In-scope code is driven to green by fixing real findings rather than blanket-ignoring: return/argument-type mismatches in `api/`, a `get_object` override and dynamic-import in `panel/`, `assert ... is not None` narrowing in tests, and -- from the newly-covered test scripts -- a `str \| None` `get_attribute` guard (`peertube/post-video-in-browser.py`), an `isinstance(..., Tag)` narrowing before subscripting a BeautifulSoup `find` (`panel/nix/test-script.py`), and an `isinstance(..., RemoteConnection)` narrowing before `set_timeout` (`apps/panel/interact-with-panel.py`). Closes #1039. Reviewed-on: #1044		2026-06-06 00:41:55 +02:00
.forgejo	add `ty` Python type checker (#1044 )	2026-06-06 00:41:55 +02:00
api	add `ty` Python type checker (#1044 )	2026-06-06 00:41:55 +02:00
checks	add `ty` Python type checker (#1044 )	2026-06-06 00:41:55 +02:00
docs	Move formatting over to treefmt (#1012 )	2026-06-04 19:37:21 +02:00
examples	default.nix: load hosting-provider `environments` overrides from `HOSTING_ENV_CONFIG` (#871 )	2026-04-30 23:14:00 +02:00
keys	switch to new CI node (#1030 )	2026-06-02 22:39:16 +02:00
nix	add `ty` Python type checker (#1044 )	2026-06-06 00:41:55 +02:00
npins	port TLS/SSL handling to the `contracts.ssl` contract (#1041 )	2026-06-05 16:12:15 +02:00
panel	add `ty` Python type checker (#1044 )	2026-06-06 00:41:55 +02:00
src	add `ty` Python type checker (#1044 )	2026-06-06 00:41:55 +02:00
.envrc	Move formatting over to treefmt (#1012 )	2026-06-04 19:37:21 +02:00
.gitignore	update nixpkgs (#790 )	2026-04-28 19:53:36 +02:00
default.nix	add `ty` Python type checker (#1044 )	2026-06-06 00:41:55 +02:00
flake.lock	use data model (#597 )	2026-03-02 20:01:06 +01:00
flake.nix	use data model (#597 )	2026-03-02 20:01:06 +01:00
LICENSE	Initial commit	2024-10-02 12:13:02 +02:00
README.md	Move formatting over to treefmt (#1012 )	2026-06-04 19:37:21 +02:00
shell.nix	full-fledged-default-nix (#666 )	2025-12-10 21:35:14 +01:00
treefmt.nix	fixes from treefmt addition (#1012 ) (#1040 )	2026-06-04 20:58:01 +02:00
ty.toml	add `ty` Python type checker (#1044 )	2026-06-06 00:41:55 +02:00

README.md

The Fediversity project

This repository contains all the code and code-related files having to do with the Fediversity project.

Goals

Decentralise the operational responsibility for social media. Enable a more robust market of hosting providers, by making it easy to migrate operations and data to different providers.

Note that Fediversity is not about self-hosting. There already exist solutions for self-hosting, but they're not suitable for what we're trying to do. The ones we're aware of require substantial technical knowledge and time commitment by system-operators, especially for scaling to thousands of users. Not everyone has the expertise and time to run their own server.

Status: in development

see our:

Interactions

To reach these goals, we aim to implement the following interactions between actors (depicted with rounded corners) and system components (see the glossary, depicted with rectangles).

Actors

Fediversity project team

The group working on this repository. We are creating the deployment workflows and service configurations.

The project partners for Fediversity are:
Refer to fediversity.eu for more details about the project.
Hosting provider

They provide and maintain the physical infrastructure, and run the software in this repository, through which operators interact with their deployments. Hosting providers are technical administrators for these deployments, ensuring availability and appropriate performance.

We target small- to medium-scale hosting providers with 20+ physical machines.

We will provide a checklist and tips and tricks for starting new small-scale hosting providers.
Operator

They select the applications they want to run (Mastodon, Pixelfed, Matrix, Nextcloud, Immich etc.). They don't need to own hardware or deal with operations. Operators administer their services in a non-technical fashion, e.g. as moderators. They pay the hosting provider for registering a domain name, maintaining physical resources, and monitoring deployments.

What is always included in the offering is a domain name and e-mail.

Operators also function as first level support for their users.
User

They are individuals that are not necessarily affiliated with any organisation. They register an account on services (e.g. Mastodon) run by the operators, and e.g. post content. Users don't need to administrate anything.

The Fediversity offering is aimed at one or two operators servicing 1 to 100 users. Where one hosting provider has to be able to scale to at least 1000 of operators.

Glossary

Fediverse

A collection of social networking applications that can communicate with each other using a common protocol.
Application

User-facing software run fully automated by the hosting provider for an operator.
Configuration

A collection of settings for a machine running NixOS.

Example: Configurations are deployed to VMs or containers.
Provision

Make a resource, such as a virtual machine, available for use.
Deploy

Put software, such as applications, onto computers. The software includes technical configuration that links software components. Most user-facing configuration remains untouched by the deployment process.
Migrate

Move service configurations and deployment state, including user data, from one hosting provider to another.

Migrations will trigger (significant amount of, e.g. days) service unavailability but no data loss.
Runtime backend

A type of digital environment one can run operating systems such as NixOS on, e.g. bare-metal, a hypervisor, or a container runtime.
Runtime environment

The thing a deployment runs on, an interface against which the deployment is working. See runtime backend.
Runtime config

Configuration logic specific to a runtime backend, e.g. how to deploy, how to access object storage.

Development

All the code made for this project is freely licenced under EUPL. This means, anyone can use the work here to learn from it or change it according to their needs. You can even read up on development proceedings.

Contact the project team if you have questions or suggestions, or if you're interested in using Fediversity software for your operations:

E-mail: mailto:contact@fediversity.eu
Mastodon: https://mastodon.fediversity.eu/@fediversity

Content of this repository

Most of the directories in this repository have their own README going into more details as to what they are for. As an overview:

keys/ contains the public keys of the contributors to this project as well as the systems that we administrate.
panel/ contains the code of our front-end.
src/ contains source code handling deployments.

Usage

Loading the nix shell should install a pre-commit hook.