diff --git a/README.md b/README.md index 83a55dc..838e5a3 100644 --- a/README.md +++ b/README.md @@ -98,10 +98,13 @@ The script will guide you through the setup process, including choosing a deploy #### Desktop-centric features : - **[GNOME](https://www.gnome.org):** A modern, elegant desktop environment. - **[KDE Plasma](https://kde.org):** A full-featured and highly customizable desktop environment. +- **[XFCE](https://xfce.org)**: A super lightweight desktop to breathe new life into old computers. +- **[Wide offering of free and open-source apps](https://flathub.org/en/apps)**: If you need to get something done, there is an app for it. +- **[Windows games compatibility](https://www.protondb.com)**: Most games run on Linux thanks to Proton. #### TV-centric features : - **[KDE Plasma Bigscreen](https://plasma-bigscreen.org):** An open-source TV interface for Linux. - +- **[Web applications](https://flathub.org/en/apps/net.codelogistics.webapps)**: Install websites as apps. ## πŸ”§ Deployment Modes diff --git a/numbus-backup-server.conf b/configuration-files/numbus-backup-server.conf similarity index 100% rename from numbus-backup-server.conf rename to configuration-files/numbus-backup-server.conf diff --git a/numbus-computer.conf b/configuration-files/numbus-computer.conf similarity index 100% rename from numbus-computer.conf rename to configuration-files/numbus-computer.conf diff --git a/configuration-files/numbus-server.conf b/configuration-files/numbus-server.conf new file mode 100644 index 0000000..94ff582 --- /dev/null +++ b/configuration-files/numbus-server.conf 
@@ -0,0 +1,101 @@ +### MANDATORY SETTINGS ### + +## πŸ“¦ Live target settings +# See docs/numbus-server/configuration/live_target.md +LIVE_TARGET_IP="192.168.1.10" +LIVE_TARGET_PASSWD="example" + + +## βš™οΈ Server settings +# See docs/numbus-server/configuration/server.md +SERVER_LANGUAGE="FR" +SERVER_LOCALE="fr_FR" +SERVER_TIMEZONE="Europe/Paris" +SERVER_OWNER_NAME="yourName" +SERVER_ADMIN_EMAIL="admin@your-domain.com" +SERVER_AUTHORIZED_SSH_PUBKEYS=( "ssh-ed25519 AAAAoefzefpoipoeCEZJCPEACPAcjapjcpajepcjAPJECJPEJAPJAZ yours@yourdomain.com" ) + + +## πŸ“¬ Mail settings +# See docs/numbus-server/configuration/mail.md +SMTP_SERVER_USERNAME="your-address@your-domain.com" +SMTP_SERVER_PASSWORD="emrp raps vzoi vnoe" +SMTP_SERVER_HOST="smtp.yourdomain.com" +SMTP_SERVER_PORT="587" + + +## πŸ›œ Network settings +# See docs/numbus-server/configuration/network.md +NETWORK_SUBNET="192.168.1.0/24" +NETWORK_ROUTER_IP="192.168.1.1" +HOME_SERVER_IP="192.168.1.5" + + +## πŸ› οΈ Services settings +# See docs/numbus-server/configuration/services/index.md +DOMAIN_NAME="yourdomain.com" +SELECTED_DNS_SERVICE="pi-hole" # or SELECTED_DNS_SERVICE="adguard" +SELECTED_WEB_APPLICATIONS=( + "crafty" + "frigate" + "gitea" + "home-assistant" + "homepage" + "immich" + "it-tools" + "jellyfin" + "n8n" + "netbootxyz" + "nextcloud" + "ntfy" + "odoo" + "passbolt" + "uptime-kuma" + "vscodium" +) +SELECTED_SYSTEM_SERVICES=( + "clamav" + "virtualization" +) + + +## 🚦 Traefik settings +# See docs/numbus-server/configuration/services/automatic_ssl_certs.md +CLOUDFLARE_DNS_API_TOKEN="yourToken" + + + +### OPTIONAL SETTINGS ### + +## ⛏️ Crafty settings +# See docs/numbus-server/configuration/services/crafty.md +DYNMAP_ENABLED="false" +WANTED_NUMBER_OF_JAVA_MINECRAFT_SERVERS="1" +WANTED_NUMBER_OF_BEDROCK_MINECRAFT_SERVERS="0" + + +## πŸ“œ Script settings +# See docs/numbus-server/configuration/script.md +VERBOSE="true" + + +## πŸ—Ί Custom subdomains +# See 
docs/numbus-server/configuration/services/custom_subdomain.md +PI_HOLE_SUBDOMAIN="pi-hole" +ADGUARD_SUBDOMAIN="adguard" +CRAFFY_SUBDOMAIN="crafty" +FRIGATE_SUBDOMAIN="frigate" +GITEA_SUBDOMAIN="gitea" +HOME_ASSISTANT_SUBDOMAIN="home-assistant" +HOMEPAGE_SUBDOMAIN="homepage" +IMMICH_SUBDOMAIN="immich" +IT_TOOLS_SUBDOMAIN="it-tools" +JELLYFIN_SUBDOMAIN="jellyfin" +N8N_SUBDOMAIN="n8n" +NETBOOTXYZ_SUBDOMAIN="netbootxyz" +NEXTCLOUD_SUBDOMAIN="nextcloud" +NTFY_SUBDOMAIN="ntfy" +ODOO_SUBDOMAIN="odoo" +PASSBOLT_SUBDOMAIN="passbolt" +UPTIME_KUMA_SUBDOMAIN="uptime-kuma" +VSCODIUM_SUBDOMAIN="vscodium" \ No newline at end of file diff --git a/numbus-tv.conf b/configuration-files/numbus-tv.conf similarity index 100% rename from numbus-tv.conf rename to configuration-files/numbus-tv.conf diff --git a/configurator/favicon.ico b/configurator/favicon.ico new file mode 100644 index 0000000..d7151a8 Binary files /dev/null and b/configurator/favicon.ico differ diff --git a/configurator/index.html b/configurator/index.html new file mode 100644 index 0000000..bee35e5 --- /dev/null +++ b/configurator/index.html @@ -0,0 +1,1225 @@ + + + + + + Numbus Configurator + + + + + + + + + + + +
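Review bot: `CRAFFY_SUBDOMAIN="crafty"` in the custom-subdomain list looks like a typo for `CRAFTY_SUBDOMAIN`; every other entry is named after its service, so a consumer that looks up the crafty subdomain by that pattern would not find this one. Once filled in, this template also holds `LIVE_TARGET_PASSWD`, `SMTP_SERVER_PASSWORD` and `CLOUDFLARE_DNS_API_TOKEN` in clear text, and nothing in the file says so. I would add a header comment such as `# Holds secrets once filled in: keep your copy out of version control and readable only by your user (chmod 600).`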
+ + + + + +
+ + +
+ Numbus Logo +

Welcome to Numbus

+

Let's transform your hardware into a powerful, private appliance. We'll guide you through discovery and configuration.

+ +
+ + + +

Privacy First: No data entered here ever leaves your device. This configurator runs entirely locally in your browser and is fully private.

+
+ + +
+ + +
+
+ + +
+
+

Deployment Mode

+

How would you like to set up your device?

+
+
+ + +
+
+ + +
+
+

Device Type

+

Select the personality for your new Numbus machine.

+
+
+ +
+
+ + +
+
+

Live Setup

+

Follow these steps to prepare your hardware for discovery.

+
+
+
+
+
1
+

Create a NixOS Boot ISO and flash it to a USB drive.

+
+
+
2
+
+

In BIOS, enable UEFI, VT-x/SVM, VT-d/IOMMU, TPM 2.0 and Disable Secure Boot.

+
+
+
+
3
+

Boot the device. Type ip a to get the IP, then passwd to set a temporary password.

+
+
+
+
+ + +
+
+ + +
+ +
+
+
+ + +
+
+
+
+
+

Hardware Discovery in Progress

+

We're remotely probing your machine for disks and interfaces. This usually takes 1-2 minutes.

+
+ + +
+
+

Language

+

Set your regional preferences to ensure correct time and language display.

+
+
+
+
+ + +
+

Choose the language for your server's system and primary interfaces.

+ +
+
+
+ + +
+

Defines regional formats for dates, currencies, and numbers (e.g., en_US for USA).

+ +
+
+
+ + +
+

Used to synchronize server logs, backups, and scheduled updates with your local time.

+ +
+
+
+ + +
+
+
+

Users

+

Manage people and their access permissions.

+
+ +
+ +
+ +
+ + +
+ + +
+
+ + +
+ + +
+
+
+ + +
+
+

Mail

+

Configure system notifications and service alerts.

+
+
+
+
+ + +
+

The email address used to send alerts (e.g. system@yourdomain.com).

+ +
+
+
+ + +
+

The password or app-token for the sender email account.

+ +
+
+
+ + +
+

The server address of your email provider (e.g. smtp.gmail.com).

+ +
+
+
+ + +
+

The network port for secure mail transmission. Common: 587 (TLS) or 465 (SSL).

+ +
+
+
+ + +
+
+

Network

+

Target host networking and server IP allocation.

+
+
+
+
+ + +
+

The fixed address of your server on your local network. It should be outside your router's DHCP range.

+ +
+
+
+ + +
+

The address of the device providing internet (the gateway). Usually 192.168.1.1.

+ +
+
+
+ + +
+
+

Remote Access

+

Choose how you will access your server from outside your home.

+
+ +
+
+ + + + +
+
+ +
+ +
+

How to get your token:

+
    +
  1. Create an account at NetBird
  2. +
  3. Verify your email via the link sent to you
  4. +
  5. Navigate to Teams > Service Users
  6. +
  7. Click "Create Service User", name it "numbus-server" and set role to "Network Admin"
  8. +
  9. Click on the new user, then "Add Token". Name it "deployment" and set expiry to 7 days
  10. +
  11. Copy the token and paste it here!
  12. +
+
+
+
+ +
+ + + + + + +
+
+
+ + +
+
+

Security

+

Manage infrastructure access and advanced protection.

+
+ +
+ +
+
+
+ +
+ +
+ One login for everything. Centralized identity management via LLDAP and Authelia. Provides enterprise-grade security and 2FA for all your apps. +
+
+
+ +
+
+ + +
+
+
+ +
+ +
+ Allows you to share links (like Nextcloud folders) with friends who don't have NetBird. Only specific URLs are exposed; everything else remains locked behind the VPN. +
+
+
+ +
+
+
+ +
+
+ + +
+

A secure way to log in without a password. Like a physical key, but digital.

+

Paste here the public keys that are allowed to connect to your server's admin account (one per line).

+ +
+ + +
+
+ +
+

Security Warning: Anyone who possesses one of these public keys AND their corresponding private key will have full administrator access to your server. Protect your private keys as if they were physical keys to your home.

+
+
+ + +
+
+

Services

+

Choose the applications to deploy.

+
+ +
+
+
+ + +
+ +
+ +

DNS Filter

+
+ +
+ +

Web Applications

+
+ +
+ +

System Services

+
+ +
+
+ + +
+

+ + Crafty Control Settings +

+
+
+
+ + +
+
+ + +
+
+
+ + +
+
+
+
+
+ + +
+
+

Configuration Source

+

Link your Git repository containing the numbus.yaml file.

+
+
+
+ + +
+
+
+ + +
+
+ + +
+
+
+
+ + +
+
+

Setup Type

+

Are we creating a new server instance or restoring an existing one?

+
+
+ + +
+
+ +

Pull data from an existing numbus-backup-server.

+
+ +
+ +
+ + + +
+
+
+ + +
+
+

Environment Overrides

+

Apply specific tweaks to this local deployment.

+
+

Select settings you wish to override from the Git configuration.

+
+ +
+

tweaks: []

+
+
+
+ + +
+
+
+
+

Deploying Numbus...

+
+
+ Live Terminal Logs + +
+
+

> Initializing nixos-anywhere...

+

> Checking connection to target...

+

> Copying closure to remote...

+
+
+ + +
+
+

Configuration Source

+

Link your Git repository containing the numbus.yaml file.

+
+
+
+ + +
+
+
+ + +
+
+ + +
+
+
+
+ + +
+
+

Setup Type

+

Are we creating a new server instance or restoring an existing one?

+
+
+ + +
+
+ +

Pull data from an existing numbus-backup-server.

+
+ +
+ +
+ + + +
+
+
+ + +
+
+

Environment Overrides

+

Apply specific tweaks to this local deployment.

+
+
+

Select settings you wish to override from the Git configuration.

+
+ tweaks: [] +
+
+
+ + +
+
+
+
+

Deploying Numbus...

+
+
+ Live Terminal Logs + +
+
+

[INFO] Starting deployment sequence...

+

[CMD] nixos-anywhere --flake .#numbus-server

+

[STDOUT] Initializing remote connection...

+
+
+
+
+ + +
+
+ +
+

Ready to Deploy

+

Your configuration has been generated successfully. Download the file and place it in your Numbus project root.

+ +
+
+

+                        
+
+
+ + +
+ + + + + +
+
+
+
+ + + + + + \ No newline at end of file diff --git a/configurator/logo.png b/configurator/logo.png new file mode 100644 index 0000000..28581fa Binary files /dev/null and b/configurator/logo.png differ diff --git a/deploy.sh b/deploy.sh index b25a0b1..91ac5c4 100644 --- a/deploy.sh +++ b/deploy.sh 
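Review bot: The SSH key warning reads as if the public key were the sensitive part ("Anyone who possesses one of these public keys AND their corresponding private key"); access follows from holding the private key, so I would word it as `Anyone who holds the private key matching one of these public keys will have full administrator access to your server.` The "Configuration Source", "Setup Type", "Environment Overrides" and "Deploying Numbus..." steps also appear twice in the added page, with slightly different placeholder log lines. The markup is not visible in this view, so this may be intentional, but if it is a leftover copy it is worth checking for duplicated element ids.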
@@ -1,310 +1,63 @@ #!/usr/bin/env nix-shell -#!nix-shell -i bash -p bash nano coreutils gnused gum fastfetch xkcdpass sops ssh-to-age age sshpass envsubst pciutils usbutils mosquitto curl jq +#!nix-shell -i bash -p bash nano coreutils gnused gum fastfetch xkcdpass sops ssh-to-age age sshpass envsubst pciutils usbutils mosquitto curl jq yq python3 -### --> Default settings -export GUM_SPIN_SPINNER="minidot" -export GUM_SPIN_SPINNER_BOLD=true -export GUM_SPIN_SHOW_ERROR=true -export GUM_SPIN_TITLE_BOLD=true +launch_configurator() { + local PORT=8088 + local CONFIG_FILE="numbus.yaml" + local BRIDGE_SCRIPT="configurator/bridge.py" -NECESSARY_BACKUP_SERVER_VARIABLES_LIST=( - #LIVE TARGET SETTINGS - LIVE_TARGET_IP - LIVE_TARGET_PASSWD - #SERVER SETTINGS - SERVER_LANGUAGE - SERVER_LOCALE - SERVER_TIMEZONE - SERVER_OWNER_NAME - SERVER_USER_EMAIL - SERVER_ADMIN_EMAIL - SERVER_AUTHORIZED_SSH_PUBKEYS - # TRAEFIK SETTINGS - TRAEFIK_CLOUDFLARE_TOKEN - # SMTP SETTINGS - SMTP_SERVER_USERNAME - SMTP_SERVER_PASSWORD - SMTP_SERVER_HOST - SMTP_SERVER_PORT - #NETWORK SETTINGS - NETWORK_SUBNET - NETWORK_ROUTER_IP - NETWORK_HOME_SERVER_IP -) + # Create a more robust Python Bridge + cat << EOF > "${BRIDGE_SCRIPT}" +import http.server +import json +import os -OPTIONAL_BACKUP_SERVER_VARIABLES_LIST=( - # SERVICES SETTINGS - SERVICES_DOMAIN_NAME - SERVICES_SELECTED_SYSTEM_PACKAGES - SERVICES_SELECTED_SYSTEM_SERVICES - SERVICES_SELECTED_WEB_APPLICATIONS - SERVIVCES_SELECTED_WEB_APPLICATIONS_SUBDOMAIN -) +class BridgeHandler(http.server.SimpleHTTPRequestHandler): + def do_GET(self): + if self.path == '/logs': + self.send_response(200) + self.send_header('Content-type', 'text/plain') + self.send_header('Access-Control-Allow-Origin', '*') + self.end_headers() + if os.path.exists('deploy.log'): + with open('deploy.log', 'r') as f: + lines = f.readlines() + self.wfile.write("".join(lines[-20:]).encode()) + return + return http.server.SimpleHTTPRequestHandler.do_GET(self) 
-NECESSARY_COMPUTER_VARIABLES_LIST=( - # LIVE TARGET SETTINGS - LIVE_TARGET_IP - LIVE_TARGET_PASSWD - # COMPUTER SETTINGS - COMPUTER_LANGUAGE - COMPUTER_LOCALE - COMPUTER_TIMEZONE - COMPUTER_OWNER_NAME - COMPUTER_USER_EMAIL - COMPUTER_ADMIN_EMAIL - COMPUTER_AUTHORIZED_SSH_PUBKEYS - # USER SETTINGS - USER_ADMINISTRATORS - USER_NORMAL_USERS -) + def do_POST(self): + content_length = int(self.headers['Content-Length']) + post_data = self.rfile.read(content_length) + + if self.path == '/discovery': + with open("live_settings.json", "wb") as f: + f.write(post_data) + self.send_response(200) + self.end_headers() + # Signal Bash that discovery data is ready + with open(".discovery_ready", "w") as f: f.write("1") -OPTIONAL_COMPUTER_VARIABLES_LIST=( - # NETWORK SETTINGS - NETWORK_SUBNET - NETWORK_ROUTER_IP - NETWORK_HOME_COMPUTER_IP - # SERVICES SETTINGS - SERVICES_SELECTED_SYSTEM_PACKAGES - SERVICES_SELECTED_DESKTOP_ENVIRONMENT - SERVICE_SELECTED_GNOME_EXTENSIONS - SERVICES_SELECTED_FLATPAK_APPLICATIONS - SERVICES_SELECTED_WEB_APPLICATIONS -) + elif self.path == '/deploy': + with open("${CONFIG_FILE}", "wb") as f: + f.write(post_data) + self.send_response(200) + self.end_headers() + with open(".deploy_signal", "w") as f: f.write("1") -NECESSARY_SERVER_VARIABLES_LIST=( - #LIVE TARGET SETTINGS - LIVE_TARGET_IP - LIVE_TARGET_PASSWD - #SERVER SETTINGS - SERVER_LANGUAGE - SERVER_LOCALE - SERVER_TIMEZONE - SERVER_OWNER_NAME - SERVER_USER_EMAIL - SERVER_ADMIN_EMAIL - SERVER_AUTHORIZED_SSH_PUBKEYS - # TRAEFIK SETTINGS - TRAEFIK_CLOUDFLARE_TOKEN - # SMTP SETTINGS - SMTP_SERVER_USERNAME - SMTP_SERVER_PASSWORD - SMTP_SERVER_HOST - SMTP_SERVER_PORT - #NETWORK SETTINGS - NETWORK_SUBNET - NETWORK_ROUTER_IP - NETWORK_HOME_SERVER_IP - # SERVICES SETTINGS - SERVICES_DOMAIN_NAME - SERVICES_SELECTED_DNS - SERVICES_SELECTED_SYSTEM - SERVICES_SELECTED_WEB_APPLICATIONS -) +os.chdir("configurator") +http.server.HTTPServer(('localhost', ${PORT}), BridgeHandler).serve_forever() +EOF 
-OPTIONAL_SERVER_VARIABLES_LIST=( - # SERVICES SETTINGS - SELECTED_DNS_SERVICE_SUBDOMAIN - SELECTED_WEB_APPLICATIONS_SUBDOMAIN -) + # Cleanup old signals + rm -f configurator/.discovery_ready configurator/.deploy_signal configurator/live_settings.json configurator/hardware.json -NECESSARY_TV_VARIABLES_LIST=( - #LIVE TARGET SETTINGS - LIVE_TARGET_IP - LIVE_TARGET_PASSWD - #TV SETTINGS - TV_LANGUAGE - TV_LOCALE - TV_TIMEZONE - TV_OWNER_NAME - TV_USER_EMAIL - TV_ADMIN_EMAIL - TV_AUTHORIZED_SSH_PUBKEYS - #NETWORK SETTINGS - NETWORK_SUBNET - NETWORK_ROUTER_IP - NETWORK_HOME_TV_IP -) + echo -e "πŸš€ Launching Numbus Configurator..." + python3 "${BRIDGE_SCRIPT}" > /dev/null 2>&1 & + BRIDGE_PID=$! -OPTIONAL_TV_VARIABLES_LIST=( - # SERVICES SETTINGS - SERVICES_SELECTED_SYSTEM_PACKAGES - SERVICES_SELECTED_FLATPAK_APPLICATIONS - SERVICES_SELECTED_WEB_APPLICATIONS -) - -# Available DNS services -DNS_SERVICES_LIST=( - "pi-hole" - "adguard" -) - -# Available services -WEB_APPLICATIONS_LIST=( - "crafty" - "frigate" - "gitea" - "home-assistant" - "homepage" - "immich" - "it-tools" - "jellyfin" - "n8n" - "netbootxyz" - "nextcloud" - "ntfy" - "odoo" - "passbolt" - "uptime-kuma" - "vscodium" -) - -# Available system services -SYSTEM_SERVICES_LIST=( - "clamav" - "virtualization" -) - -# Services descriptions -DNS_SERVICES_DESCRIPTION=( - "Pi-hole : Simple, fully open network-wide Ad Blocker" - "AdGuard : Feature-rich network-wide Ad Blocker" -) - -WEB_APPLICATIONS_DESCRIPTION=( - "Crafty : A web-based control panel for Minecraft servers" - "Frigate [Home Assistant required] : NVR with real-time local object detection for IP cameras" - "Gitea : Painless self-hosted Git service" - "Home-Assistant : Open source home automation that puts local control and privacy first" - "Homepage : A modern, secure, highly customizable application dashboard" - "Immich : High performance self-hosted photo and video management solution" - "IT-tools : Handy collection of online tools for developers" - 
"Jellyfin : The Free Software Media System" - "N8n : Workflow automation for technical people" - "netboot.xyz : Network boot various operating system installers and utilities" - "Nextcloud : The most popular self-hosted collaboration platform" - "Ntfy : Send push notifications to your phone or desktop via PUT/POST" - "Odoo : Open Source ERP and CRM" - "Passbolt : Open source password manager for teams" - "Uptime-Kuma : A fancy self-hosted monitoring tool" - "VSCodium : Free/Libre Open Source Software Binaries of VS Code" -) - -SYSTEM_SERVICES_DESCRIPTION=( - "ClamAV : An open-source anti-virus" - "Virtualization : Run Virtual Machines (KVM/QEMU) with Libvirt" -) -### Default settings <-- - -user_input() { - local VAR_NAME="${1}" - local HEADER="${2}" - local PLACEHOLDER="${3}" - local REGEX="${4}" - local ERROR_MSG="${5}" - local SENSITIVE="${6:-false}" - - while true; do - [[ "${SENSITIVE}" == "false" ]] && INPUT_VALUE=$(gum input --placeholder "${PLACEHOLDER}" --header "${HEADER}") - [[ "${SENSITIVE}" == "true" ]] && INPUT_VALUE=$(gum input --password --placeholder "${PLACEHOLDER}" --header "${HEADER}") - - if [[ -z "${INPUT_VALUE}" ]]; then - echo "❌ Error: Input cannot be empty. Please provide the necessary information." - continue - fi - - if [[ -n "${REGEX}" ]]; then - if [[ ! "${INPUT_VALUE}" =~ ${REGEX} ]]; then - echo "❌ Error: ${ERROR_MSG}" - continue - fi - fi - - export "${VAR_NAME}"="${INPUT_VALUE}" - break - done -} - -strictly_necessary_information() { - export IP_REGEX='^([0-9]{1,3}\.){3}[0-9]{1,3}$' - user_input "LIVE_TARGET_IP" " Please provide the IP address of the target host :" "For example : 192.168.1.100" "${IP_REGEX}" "Invalid IP address format." 
- user_input "LIVE_TARGET_PASSWD" " Please enter the password for '${TARGET_USER}@${LIVE_TARGET_IP}' :" "${LIVE_TARGET_IP}'s password" "" "" "true" -} - -necessary_information() { - # Regex Definitions - local SUBNET_REGEX='^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$' - local DOMAIN_REGEX='^([a-zA-Z0-9]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,}$' - local EMAIL_REGEX='^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$' - local PORT_REGEX='^[0-9]{1,5}$' - local SSH_KEY_REGEX='^ssh-[a-z0-9]+ [A-Za-z0-9+/]+.*' - - echo -e "\n\n➑️ This script needs information about the target you want to install NixOS on\n" - # LIVE TARGET SETTINGS - user_input "LIVE_TARGET_IP" " Please provide the IP address of the target host :" "For example : 192.168.1.100" "${IP_REGEX}" "Invalid IP address format." - user_input "LIVE_TARGET_PASSWD" " Please enter the password for '${TARGET_USER}@${LIVE_TARGET_IP}' :" "${LIVE_TARGET_IP}'s password" "" "" "true" - - echo -e "\n\n➑️ Now provide some information about the server you are deploying\n" - # SERVER SETTINGS - user_input "TIMEZONE" " Please provide the wanted timezone :" "For example : Europe/Paris, Europe/Berlin" "" "" - user_input "LANGUAGE" " Please provide the wanted language :" "For example : FR (for french), EN (for english), DE, IT, etc" "" "" - user_input "LOCALE" " Please provide your locale :" "For example : fr_FR for France, de_DE for Germany, en_US for USA or en_GB for Great-Britain, etc" "" "" - user_input "SERVER_OWNER_NAME" " Please provide the name of the owner of this server :" "For example : Steve" "" "" - user_input "SERVER_USER_EMAIL" " Please provide a valid user email address (to stay informed about your server's health) :" "For example : myemail@gmail.com" "${EMAIL_REGEX}" "Invalid email address format." 
- user_input "SERVER_ADMIN_EMAIL" " Please provide a valid admin email address (will be used for ACME, and system failures notifications) :" "For example : myemail@gmail.com" "${EMAIL_REGEX}" "Invalid email address format." - user_input "AUTHORIZED_SSH_PUBLIC_KEY" " Please provide a list of SSH public keys of authorized devices :" "For example : ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGhcYDmjMo5YApLkk/3P3HZCnOSzm0uYewNAbxL8Fci8 user@your-pc" "${SSH_KEY_REGEX}" "Invalid SSH key format (must start with ssh-...)." "true" - - echo -e "\n\n➑️ You will access your services via a domain name (e.g. cloud.mydomain.com) and containers need credentials to create those subdomains\n" - # TRAEFIK SETTINGS - user_input "DOMAIN_NAME" " Please provide the domain name (FQDN) your home server will use :" "For example : yourdomain.com" "${DOMAIN_REGEX}" "Invalid domain name format." - user_input "CLOUDFLARE_DNS_API_TOKEN" " Please provide a cloudflare API token with DNS zone permission :" "For example : bA7hdvCOuXGytlNKohi3ZGtlVpf5CHpLuCMiJrE" "" "" "true" - - echo -e "\n\n➑️ Some services will be able to send you emails. For that you need an email that supports sending emails (like Gmail for example)\n" - # SMTP SETTINGS - user_input "SMTP_SERVER_USERNAME" " Please provide a valid sender email address :" "For example : myemail@gmail.com" "${EMAIL_REGEX}" "Invalid email address format." - user_input "SMTP_SERVER_PASSWORD" " Please provide the password of this email address :" "abcd efgh ijkl mnop" "" "" "true" - user_input "SMTP_SERVER_HOST" " Please provide the SMTP server endpoint :" "For Gmail : smtp.gmail.com" "${DOMAIN_REGEX}" "Invalid domain name format." - user_input "SMTP_SERVER_PORT" " Please provide the smtp TLS port :" "For Gmail : 587" "${PORT_REGEX}" "Invalid port number." 
- - echo -e "\n\n➑️ This server will connect to your local network and you will configure its IP address\n" - # NETWORK SETTINGS - user_input "NETWORK_SUBNET" " Please provide your network subnet :" "For example 192.168.1.0/24" "${SUBNET_REGEX}" "Invalid subnet format (e.g. 192.168.1.1/24)." - user_input "NETWORK_ROUTER_IP" " Please provide the ip address of your router :" "Most likely 192.168.1.1 or 192.168.1.254" "${IP_REGEX}" "Invalid IP address format." - user_input "HOME_SERVER_IP" " Please choose the ip address that your server will use (i.e. any address in the 192.168.1.1/24 range that is not in use.) :" "For example 192.168.1.5" "${IP_REGEX}" "Invalid IP address format." -} - -import_variables() { - VARIABLES_LIST="${1}" - NECESSARY="${2:-false}" - - echo -e "\n\n➑️ Please choose your configuration file :" - local CONFIG_PATH="$(gum file)" - - source "${CONFIG_PATH}" - local MISSING=false - for VAR in "${VARIABLES_LIST[@]}"; do - if [[ -v "${VAR}" && -n "${!VAR}" ]]; then - gum style "βœ… "${VAR}" imported successfully from the config file" - else - gum style "❌ "${VAR}" is missing or empty" - MISSING=true - fi - done - - if [[ "${MISSING}" == "true" ]]; then - if [[ "${NECESSARY}" = "true" ]]; then - echo -e "\n❌ Please check your configuration file to include all necessary variables" - exit 1 - fi - fi - - if [[ "${DEBUG:-false}" == "true" ]]; then - echo -e "\nβœ… Debugging enabled." - export DIR_COPY_FLAGS="ravu" - export FILES_COPY_FLAGS="avu" - else - export DIR_COPY_FLAGS="rau" - export FILES_COPY_FLAGS="au" - fi + echo -e "➑️ Open your browser at: $(gum style --foreground 212 "http://localhost:${PORT}")" + xdg-open "http://localhost:${PORT}" 2>/dev/null || open "http://localhost:${PORT}" 2>/dev/null || true } hierarchy_preparation() { 
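Review bot: `BridgeHandler.do_POST` writes whatever body it receives to `live_settings.json` or the config file and raises the deploy signal without checking where the request came from, so any page open in the same browser can submit a POST to the localhost port and replace the configuration that gets deployed. The `/logs` branch of `do_GET` also sends `Access-Control-Allow-Origin: *`, which lets other origins read the tail of `deploy.log`; the configurator page is served from the same origin, so that header can simply be dropped. `int(self.headers['Content-Length'])` fails on a missing header, the read is unbounded, and an unknown POST path never gets a response. A Host/Origin check plus a length guard at the top of `do_POST` covers these; the size cap in the sketch below is a constructed value.

```shell
cat << EOF > "${BRIDGE_SCRIPT}"
# … unchanged: imports, BridgeHandler.do_GET (minus the Access-Control-Allow-Origin header) …
    def _is_local_request(self):
        # Accept only requests addressed to, and sent from, the configurator's own origin.
        allowed_host = 'localhost:${PORT}'
        origin = self.headers.get('Origin')
        return self.headers.get('Host') == allowed_host and origin in (None, 'http://' + allowed_host)

    def do_POST(self):
        if not self._is_local_request():
            self.send_error(403)
            return
        try:
            content_length = int(self.headers.get('Content-Length', ''))
        except ValueError:
            self.send_error(411)
            return
        # Constructed limit: a configuration file has no reason to be larger than this.
        if not 0 <= content_length <= 1048576:
            self.send_error(413)
            return
        post_data = self.rfile.read(content_length)
# … unchanged: /discovery and /deploy branches …
        else:
            self.send_error(404)
```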
@@ -359,15 +112,15 @@ ssh_to_host() { hardware_detection() { ### --> Get hardware information - local TMPFILE="/tmp/nixos-installation-hardware-detection-temp-file" + local TMPFILE="/tmp/hw_detection.json" ssh_to_host 'bash -s' << SSHEND +TARGET_GRAPHICS="false" +TARGET_GRAPHICS_BRAND=() for brand in Intel AMD NVIDIA; do if lspci -nn 2>/dev/null | grep -i "vga" | grep -iq "\${brand}"; then TARGET_GRAPHICS="true" TARGET_GRAPHICS_BRAND+=("\${brand}") - else - TARGET_GRAPHICS="false" fi done 
@@ -420,34 +173,47 @@ for DISK in \$(lsblk -x SIZE -d -n -e 7,11 -o NAME); do done -echo "# Hardware detection results on \$(date)" > "${TMPFILE}" -for var in \ - TARGET_GRAPHICS \ - TARGET_GRAPHICS_BRAND \ - TARGET_GRAPHICS_RENDERER \ - TARGET_USB_CORAL \ - TARGET_PCIE_CORAL \ - TARGET_ZIGBEE_DEVICE \ - TARGET_INTERFACE \ - TARGET_TPM \ - TARGET_TPM_VERSION; do - echo "export \${var}=\${!var}" >> "${TMPFILE}" -done - -for var in \ - DISK_DEVPATH \ - DISK_NAME \ - DISK_TYPE \ - DISK_HEALTH \ - DISK_ID \ - DISK_SIZE; do - declare -p \${var} | sed 's/^declare /declare -g /' >> "${TMPFILE}" -done +# Build organized JSON output for yq +cat << EOF > "\${TMPFILE}" +{ + "graphics": { + "enabled": \${TARGET_GRAPHICS}, + "brands": [ \$(printf '"%s",' "\${TARGET_GRAPHICS_BRAND[@]}" | sed 's/,\$//') ], + "renderer": \${TARGET_GRAPHICS_RENDERER} + }, + "tpu": { + "usb": \${TARGET_USB_CORAL}, + "pcie": \${TARGET_PCIE_CORAL} + }, + "tpm": { + "enabled": \${TARGET_TPM}, + "version": "\${TARGET_TPM_VERSION}" + }, + "zigbee": { + "device": "\${TARGET_ZIGBEE_DEVICE}" + }, + "network": { + "interface": "\${TARGET_INTERFACE}" + }, + "disks": [ +\$( + count=\${#DISK_NAME[@]} + for i in "\${!DISK_NAME[@]}"; do + echo " {\"name\": \"\${DISK_NAME[\$i]}\", \"path\": \"\${DISK_DEVPATH[\$i]}\", \"type\": \"\${DISK_TYPE[\$i]}\", \"health\": \"\${DISK_HEALTH[\$i]}\", \"id\": \"\${DISK_ID[\$i]}\", \"size\": \"\${DISK_SIZE[\$i]}\"}\$( [[ \$i -lt \$((count-1)) ]] && echo ',' )" + done +) + ] +} +EOF SSHEND ### Get hardware information <-- - scp -i "final-nix-config/home/numbus-admin/.ssh/id_ed25519" "${TARGET_USER}@${LIVE_TARGET_IP}":"${TMPFILE}" "${TMPFILE}" &> /dev/null - source "${TMPFILE}" && rm -rf "${TMPFILE}" + scp -i "final-nix-config/home/numbus-admin/.ssh/id_ed25519" "${TARGET_USER}@${LIVE_TARGET_IP}":"${TMPFILE}" "hardware.json" &> /dev/null + + # Create YAML for NixOS and JSON for the Configurator Website + yq -P '.' hardware.json > hardware.yaml + yq -o=json '.' 
hardware.yaml > configurator/hardware.json + rm hardware.json ### --> Generate hardware-configuration.nix if ssh_to_host "sudo nixos-generate-config --no-filesystems --show-hardware-config" > final-nix-config/etc/nixos/hardware-configuration.nix; then 
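Review bot: The redirect target in `cat << EOF > "\${TMPFILE}"` is escaped, so it is expanded on the target host rather than locally, unlike the removed `> "${TMPFILE}"` lines. Unless TMPFILE is also assigned inside the remote script (not visible in this hunk), the redirect gets an empty path and the following scp has nothing to fetch; dropping the backslash, `cat << EOF > "${TMPFILE}"`, restores the previous behaviour. Separately, the JSON is assembled by string interpolation: `"renderer": \${TARGET_GRAPHICS_RENDERER}` is unquoted and the disk fields are inserted unescaped, so an empty value or an embedded double quote produces a file yq cannot parse, and `&> /dev/null` on the scp hides the cause. I would quote or validate each value before emitting it and keep scp's stderr. hardware_detection starts and ends outside this hunk.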
@@ -1026,32 +792,19 @@ nix_update() { --use-remote-sudo switch --flake final-nix-config/etc/nixos#numbus-server } -congrats() { - gum style --border normal --margin "1" --padding "1 2" --border-foreground 212 " - ⚠️ $(gum style --foreground 212 'CONGRATULATIONS !!:') You now have a working home server. \ -Data stored on there will be fully yours and protected. Keep in my mind this comes with the \ -responsability of managing it and keeping it secure. Now, you have to log in the webpages of \ -the services you installed. Create an admin account for all of them and configure them (or keep \ -it simple and use defaults) and take care to note down all the passwords. Change all default passwords \ - and create user accounts for your family or friends that will use the server. - - Cheers !!" -} - set -euo pipefail clear -fastfetch --logo nixos --logo-padding-left 4 --structure ' ' gum style --align center --width 80 --foreground 212 " β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–’β–’β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–’β–’β–ˆβ–ˆβ–ˆ β–’β–’β–ˆβ–ˆβ–ˆ - β–’β–ˆβ–ˆβ–ˆβ–’β–ˆβ–ˆβ–ˆ β–’β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–’β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ + β–’β–ˆβ–ˆβ–ˆβ–’β–ˆβ–ˆβ–ˆ β–’β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–’β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–’β–ˆβ–ˆβ–ˆβ–’β–’β–ˆβ–ˆβ–ˆβ–’β–ˆβ–ˆβ–ˆ β–’β–’β–ˆβ–ˆβ–ˆ β–’β–’β–ˆβ–ˆβ–ˆ β–’β–’β–ˆβ–ˆβ–ˆβ–’β–’β–ˆβ–ˆβ–ˆβ–’β–’β–ˆβ–ˆβ–ˆ β–’β–ˆβ–ˆβ–ˆβ–’β–’β–ˆβ–ˆβ–ˆβ–’β–’β–ˆβ–ˆβ–ˆ β–’β–’β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–’β–’ β–’β–ˆβ–ˆβ–ˆ β–’β–’β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–’β–ˆβ–ˆβ–ˆ β–’β–’β–ˆβ–ˆβ–ˆ β–’β–ˆβ–ˆβ–ˆ β–’β–ˆβ–ˆβ–ˆ β–’β–ˆβ–ˆβ–ˆ β–’β–ˆβ–ˆβ–ˆ β–’β–ˆβ–ˆβ–ˆ β–’β–ˆβ–ˆβ–ˆ β–’β–’β–ˆβ–ˆβ–ˆ β–’β–’β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–’β–ˆβ–ˆβ–ˆ β–’β–’β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–’β–ˆβ–ˆβ–ˆ β–’β–’β–ˆβ–ˆβ–ˆ β–’β–ˆβ–ˆβ–ˆ β–’β–ˆβ–ˆβ–ˆ β–’β–ˆβ–ˆβ–ˆ β–’β–ˆβ–ˆβ–ˆ β–’β–ˆβ–ˆβ–ˆ β–’β–ˆβ–ˆβ–ˆ β–’β–’β–ˆβ–ˆβ–ˆ β–’β–’β–’β–’β–ˆβ–ˆβ–ˆ - β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ 
β–’β–’β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–’β–’β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–’β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–’β–’β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ -β–’β–’β–’β–’β–’ β–’β–’β–’β–’β–’ β–’β–’β–’β–’β–’β–’β–’β–’ β–’β–’β–’β–’β–’ β–’β–’β–’ β–’β–’β–’β–’β–’ β–’β–’β–’β–’β–’β–’β–’β–’ β–’β–’β–’β–’β–’β–’β–’β–’ β–’β–’β–’β–’β–’β–’ + β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–’β–’β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–’β–’β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–’β–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–’β–’β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ +β–’β–’β–’β–’β–’ β–’β–’β–’β–’β–’ β–’β–’β–’β–’β–’β–’β–’β–’ β–’β–’β–’β–’β–’ β–’β–’β–’ β–’β–’β–’β–’β–’ β–’β–’β–’β–’β–’β–’β–’β–’ β–’β–’β–’β–’β–’β–’β–’β–’ β–’β–’β–’β–’β–’β–’ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–’β–’β–’β–’β–’β–ˆβ–ˆβ–ˆ 
@@ -1062,85 +815,7 @@ gum style --align center --width 80 --foreground 212 " β–’β–’β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–’β–’β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–’β–’β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–’β–’β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β–’β–’β–’β–’β–’β–’β–’β–’β–’ β–’β–’β–’β–’β–’β–’ β–’β–’β–’β–’β–’ β–’β–’β–’β–’β–’ β–’β–’β–’β–’β–’β–’ β–’β–’β–’β–’β–’ " + sleep 1 -SELECTED_DEVICE=$(gum choose --header "πŸ“¦ Select the device type to deploy:" \ - "numbus-server" \ - "numbus-backup-server" \ - "numbus-computer" \ - "numbus-tv" \ -) - -SELECTED_MODE=$(gum choose --header "πŸ› οΈ Select the deployment strategy for ${SELECTED_DEVICE}:" \ - "Semi-interactive (recommended - use a config file)" \ - "Interactive (manual input)" \ - "Update and Maintain (existing installation)" \ -) - -if [[ "${SELECTED_MODE}" == "Update and Maintain"* ]]; then - TARGET_USER="numbus-admin" - echo -e "\n➑️ Proceeding with maintenance/update for ${SELECTED_DEVICE}..." - gum style --border normal --margin "1" --padding "1 2" --border-foreground 212 \ - "➑️ Ensure the remote device is powered on and accessible via SSH." - - gum confirm "Ready to proceed?" || { echo "❌ Aborted."; exit 1; } - - strictly_necessary_information - setup_ssh - # Maintain legacy update sequence - more_information_config - folder_tree_generation - nix_generation - nix_update - congrats - -else - TARGET_USER="nixos" - echo -e "\n➑️ Proceeding with new deployment for ${SELECTED_DEVICE}..." - gum style --border normal --margin "1" --padding "1 2" --border-foreground 212 \ - "➑️ On the target host: Boot into the NixOS ISO, launch a console, and set a temporary user password." - - gum confirm "Ready to proceed?" 
|| { echo "❌ Aborted."; exit 1; } - - if [[ "${SELECTED_MODE}" == "Semi-interactive"* ]]; then - import_variables "${VARS_LIST[@]}" "true" - else - strictly_necessary_information - necessary_information - fi - - # Standard Deployment Pipeline - hierarchy_preparation - setup_ssh - hardware_detection - - # Server-specific logic - if [[ "${SELECTED_DEVICE}" == "numbus-server" ]]; then - services_selection - fi - - disks_selection - server_config_generation - network_config_generation - - if [[ "${SELECTED_DEVICE}" == "numbus-server" ]]; then - services_config_generation - fi - - # Mail setup for server-grade devices - if [[ "${SELECTED_DEVICE}" == *"server"* ]]; then - mail_config_generation - fi - - disk_config_generation - keys_generation - sum_up - - if [[ "${SELECTED_DEVICE}" == "numbus-server" ]]; then - cloudflare_dns_setup - fi - - export_configuration - deploy - postrun_action -fi \ No newline at end of file +launch_configurator diff --git a/docs/numbus-server/configuration/automatic_ssl_certs.md b/docs/numbus-server/configuration/services/automatic_ssl_certs.md similarity index 100% rename from docs/numbus-server/configuration/automatic_ssl_certs.md rename to docs/numbus-server/configuration/services/automatic_ssl_certs.md diff --git a/docs/numbus-server/configuration/custom_subdomain.md b/docs/numbus-server/configuration/services/custom_subdomain.md similarity index 100% rename from docs/numbus-server/configuration/custom_subdomain.md rename to docs/numbus-server/configuration/services/custom_subdomain.md diff --git a/docs/numbus-server/configuration/services/index.md b/docs/numbus-server/configuration/services/index.md index 44b8713..d5050b7 100644 --- a/docs/numbus-server/configuration/services/index.md +++ b/docs/numbus-server/configuration/services/index.md 
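Review bot: With the deployment pipeline removed, the script ends right after `launch_configurator`, which starts the bridge in the background and returns. As far as this hunk shows, nothing waits for `.discovery_ready` or `.deploy_signal` and nothing stops `BRIDGE_PID`, so the HTTP listener keeps running after deploy.sh has exited and the files it writes are never consumed. I would at least add `trap 'kill "${BRIDGE_PID}" 2>/dev/null || true' EXIT` after the call and block on the signal files (or `wait "${BRIDGE_PID}"`) before continuing. If the functions that used to be called here (`hardware_detection`, `deploy`, ...) are meant to be driven by those signals, that wiring is not in the visible hunks of this commit.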
@@ -4,11 +4,11 @@ | Variable | Description | Values | Default | | -------- | ----------- | ------ | --------- | +| DOMAIN_NAMEΒ | The domain name that will be used to access the different services.Β | your-domain.comΒ | | | SELECTED_DNS_SERVICE | The DNS service to install (AdBlocking). | ( "pi-hole" ), ( "adguard" ) | ( "pi-hole" ) | | SELECTED_WEB_APPLICATIONS | The list of web applications to install. | ( "nextcloud" ), ( "homepage" jellyfin" "it-tools" "netbootxyz" ), ... [see the full list below](./index.md#web-applications-list) | | | SELECTED_SYSTEM_SERVICES | The list of system services to install. | ( "clamav" ), ( "virtualization" "clamav" ), ... [see the full list below](./index.md#system-services-list) | | -| SELECTED_DNS_SERVICE_[subdomain](../custom_subdomain.md) | Custom [subdomain](../custom_subdomain.md) for the DNS service. | "my-dns" | Will be the name of the service. I.e. pi-hole.your-domain.com or adguard.your-domain.com | -| SELECTED_WEB_APPLICATIONS_[subdomain](../custom_subdomain.md) | Custom [subdomain](../custom_subdomain.md)s for the web applications (must match the order of SELECTED_WEB_APPLICATIONS). | "my-cloud", "my-photos" | Will be the name of the service. I.e. nextcloud.your-domain.com, immich.your-domain.com, ... | + ## Web applications list @@ -37,7 +37,7 @@ This is the list of **all the available apps** that can be enabled on the numbus ## System services list -| Name | Description | Additional settings ? | +| Name | Description | Additional settings | | -------- | ----------- | ------ | -| clamav | Open-source anti-virus software. | No | -| virtualization | Run Virtual Machines (KVM/QEMU). | No | \ No newline at end of file +| clamav | Open-source anti-virus software. | | +| virtualization | Run Virtual Machines (KVM/QEMU). | | \ No newline at end of file diff --git a/numbus-server.conf b/numbus-server.conf deleted file mode 100644 index 537a19a..0000000 --- a/numbus-server.conf +++ /dev/null 
@@ -1,119 +0,0 @@ -## πŸ“¦ Live target settings -# See docs/numbus-server/configuration/live_target.md -export LIVE_TARGET_IP="192.168.1.10" -export LIVE_TARGET_PASSWD="example" - - -## βš™οΈ Server settings -# See docs/numbus-server/configuration/server.md -export SERVER_LANGUAGE="FR" -export SERVER_LOCALE="fr_FR" -export SERVER_TIMEZONE="Europe/Paris" -export SERVER_OWNER_NAME="yourName" -export SERVER_USER_EMAIL="user@your-domain.com" -export SERVER_ADMIN_EMAIL="admin@your-domain.com" -export SERVER_AUTHORIZED_SSH_PUBKEYS=( "ssh-ed25519 AAAAoefzefpoipoeCEZJCPEACPAcjapjcpajepcjAPJECJPEJAPJAZ yours@yourdomain.com" ) - - -## πŸ“¬ Mail settings -# See docs/numbus-server/configuration/mail.md -export SMTP_SERVER_USERNAME="your-address@your-domain.com" -export SMTP_SERVER_PASSWORD="emrp raps vzoi vnoe" -export SMTP_SERVER_HOST="smtp.yourdomain.com" -export SMTP_SERVER_PORT="587" - - -## 🚦 Traefik settings -# See docs/numbus-server/configuration/services/traefik.md -export CLOUDFLARE_DNS_API_TOKEN="yourToken" - - - - - -## πŸ›œ Network settings -# See docs/numbus-server/configuration/network.md -export NETWORK_SUBNET="192.168.1.0/24" -export NETWORK_ROUTER_IP="192.168.1.1" -export HOME_SERVER_IP="192.168.1.5" - - -## πŸ› οΈ Services settings -# See docs/numbus-server/configuration/services/index.md -export DOMAIN_NAME="yourdomain.com" - - -## DNS service -export SELECTED_DNS_SERVICE=( - "pi-hole" - "adguard" -) - - -## Web applications -export SELECTED_WEB_APPLICATIONS=( - "crafty" - "frigate" - "gitea" - "home-assistant" - "homepage" - "immich" - "it-tools" - "jellyfin" - "n8n" - "netbootxyz" - "nextcloud" - "ntfy" - "odoo" - "passbolt" - "uptime-kuma" - "vscodium" -) - - -## System services -export SELECTED_SYSTEM_SERVICES=( - "clamav" - "virtualization" -) - - -## DNS service subdomain -# See docs/numbus-server/configuration/services/index.md -export SELECTED_DNS_SERVICE_SUBDOMAIN=( - "my-pi-hole-subdomain" # or "my-adguard-subdomain" -) - - -## Web applications 
subdomain -# ⚠️ The order must strictly match the SELECTED_WEB_APPLICATIONS array above. -export SELECTED_WEB_APPLICATIONS_SUBDOMAIN=( - "my-crafty-subdomain" - "my-frigate-subdomain" - "my-gitea-subdomain" - "my-home-assistant-subdomain" # Example : your Home-assistant URL will be ; https://my-home-assistant-subdomain.yourdomain.com/ - "my-homepage-subdomain" - "my-immich-subdomain" - "my-it-tools-subdomain" - "my-jellyfin-subdomain" # Example : your Jellyfin URL will be ; https://my-jellyfin-subdomain.yourdomain.com/ - "my-n8n-subdomain" - "my-netbootxyz-subdomain" - "my-nextcloud-subdomain" - "my-ntfy-subdomain" - "my-odoo-subdomain" - "my-passbolt-subdomain" - "my-uptime-kuma-subdomain" - "my-vscodium-subdomain" -) - - -## ⛏️ Crafty settings -# See docs/numbus-server/configuration/services/crafty.md -export DYNMAP_ENABLED="false" -export WANTED_NUMBER_OF_JAVA_MINECRAFT_SERVERS="1" -export WANTED_NUMBER_OF_BEDROCK_MINECRAFT_SERVERS="0" - - -## πŸ“œ Script settings -# See docs/numbus-server/configuration/script.md -export VERBOSE="true" \ No newline at end of file diff --git a/templates/numbus-server/configuration.nix b/templates/numbus-server/configuration.nix index a519138..8c1c408 100644 --- a/templates/numbus-server/configuration.nix +++ b/templates/numbus-server/configuration.nix 
@@ -1,20 +1,17 @@ -{ modulesPath, config, pkgs, inputs, ... }: +# Do NOT edit this file manually. +# Please use the dedicated script : https://gittea.dev/numbus/numbus. +# This could compromise system stability and is not supported by numbus. + +{ config, modulesPath, ... }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/profiles/qemu-guest.nix") - inputs.sops-nix.nixosModules.sops + ./custom-configuration.nix + ./numbus-generated.nix ]; # System system.stateVersion = "25.11"; - - # Secrets management - sops.defaultSopsFile = ./secrets/secrets.yaml; - sops.age.sshKeyPaths = [ "/home/numbus-admin/.ssh/id_ed25519" ]; - sops.age.keyFile = "/var/lib/sops-nix/key.txt"; - # Secrets - sops.secrets."authorizedSshPublicKeys" = { owner = "numbus-admin"; path = "/home/numbus-admin/.ssh/authorized_keys"; mode = "0600"; }; - sops.secrets."smtpPassword" = { owner = "numbus-admin"; mode = "0600"; }; - sops.secrets."cloudflareDnsApiToken" = { owner = "numbus-admin"; mode = "0600"; }; \ No newline at end of file +} \ No newline at end of file diff --git a/templates/numbus-server/custom-configuration.nix b/templates/numbus-server/custom-configuration.nix new file mode 100644 index 0000000..23e44ad --- /dev/null +++ b/templates/numbus-server/custom-configuration.nix @@ -0,0 +1,5 @@ +# This file is reserved for ADVANCED USERS ONLY. +# Editing could compromise system stability and is not supported by numbus. +# Do NOT set options already managed by numbus. i.e. config.numbus.* and other options (networking, storage, etc.) +# Please use the dedicated script for those options : https://gittea.dev/numbus/numbus. + diff --git a/templates/numbus-server/flake.nix b/templates/numbus-server/flake.nix index 0296512..68454d4 100644 --- a/templates/numbus-server/flake.nix +++ b/templates/numbus-server/flake.nix 
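Review bot: In templates/numbus-server/configuration.nix the removed `sops.secrets.*` lines were the only place in this template that fixed the owner and `mode = "0600"` of the decrypted SSH authorized keys, SMTP password and Cloudflare token, and nothing on the new side replaces them. The numbus-generated.nix template added later in this commit imports the sops-nix module but declares no secrets, so file ownership and permissions presumably now depend on what the script writes into that file, which is not visible in this diff. I would add a comment above the two new imports, e.g. `# sops.* options (defaultSopsFile, age keys, secrets with owner/mode) are written to numbus-generated.nix by the script`, and have the generator keep `mode = "0600"` on every secret. `config` in the new argument set `{ config, modulesPath, ... }:` also looks unused in what remains of this file.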
@@ -1,10 +1,14 @@ +# Do NOT edit this file manually. +# Please use the dedicated script : https://gittea.dev/numbus/numbus. +# This could compromise system stability and is not supported by numbus. + { inputs = { # Core Nixpkgs nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11"; # Numbus server configuration - numbus.url = "git+https://gittea.dev/numbus/numbus-server"; - numbus.inputs.nixpkgs.follows = "nixpkgs"; + numbus-server.url = "git+https://gittea.dev/numbus/numbus-server"; + numbus-server.inputs.nixpkgs.follows = "nixpkgs"; # Disk-partitioning helper disko.url = "github:nix-community/disko"; disko.inputs.nixpkgs.follows = "nixpkgs"; @@ -16,7 +20,7 @@ autoaspm.inputs.nixpkgs.follows = "nixpkgs"; }; - outputs = { self, nixpkgs, numbus, disko, sops-nix, autoaspm, ... }@inputs: let + outputs = { self, nixpkgs, numbus-server, disko, sops-nix, autoaspm, ... }@inputs: let # System definition system = "x86_64-linux"; pkgs = import nixpkgs { @@ -31,7 +35,7 @@ specialArgs = { inherit inputs; }; modules = [ # Numbus server configuration - numbus.nixosModules.numbus + numbus-server.nixosModules.numbus-server # Disk-partitioning helper disko.nixosModules.disko # Secrets handling diff --git a/templates/numbus-server/numbus-generated.nix b/templates/numbus-server/numbus-generated.nix new file mode 100644 index 0000000..4302f12 --- /dev/null +++ b/templates/numbus-server/numbus-generated.nix @@ -0,0 +1,10 @@ +# Do NOT edit this file manually. +# Please use the dedicated script : https://gittea.dev/numbus/numbus. +# This could compromise system stability and is not supported by numbus. + +{ config, pkgs, inputs, ... }: + +{ + imports = [ + inputs.sops-nix.nixosModules.sops + ]; \ No newline at end of file diff --git a/templates/numbus-server/sops-nix/secrets.yaml b/templates/numbus-server/sops-nix/secrets.yaml index 38c83a2..1a2671b 100644 --- a/templates/numbus-server/sops-nix/secrets.yaml +++ b/templates/numbus-server/sops-nix/secrets.yaml 
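Review bot: The new templates/numbus-server/numbus-generated.nix ends at `];` with no closing `}` and no trailing newline, so it is not a valid Nix module until something appends to it, while configuration.nix now imports it unconditionally. If generation is interrupted or the template is copied as-is, evaluation fails with a parse error that does not point at the generator. A last line such as `# Options below this line are appended by the numbus script.` followed by a newline would document that contract and keep the first appended line from being glued onto `];`. Separately, the comment in custom-configuration.nix refers to `config.numbus.*` while the flake.nix hunks rename the module to `numbus-server`; it is worth confirming the option namespace did not change with it.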
@@ -1,4 +1,10 @@
+# SSH
 authorizedSshPublicKeys: |
 $SSH_KEYS_FORMATTED
+
+# SMTP
 smtpPassword: "$SMTP_SERVER_PASSWORD"
-cloudflareDnsApiToken: "$CLOUDFLARE_DNS_API_TOKEN"
\ No newline at end of file
+
+# CLOUDFLARE
+cloudflareDnsApiToken: "$CLOUDFLARE_DNS_API_TOKEN"
+
diff --git a/wg0.conf b/wg0.conf
deleted file mode 100644
index d23d6d7..0000000
--- a/wg0.conf
+++ /dev/null
@@ -1 +0,0 @@
-# Populate this file with a valid WireGuard tunnel configuration if you chose to deploy a numbus-backup-server.
\ No newline at end of file
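Review bot: In templates/numbus-server/sops-nix/secrets.yaml, `smtpPassword: "$SMTP_SERVER_PASSWORD"` and `cloudflareDnsApiToken: "$CLOUDFLARE_DNS_API_TOKEN"` put the substituted value inside a YAML double-quoted scalar, where a `"` or `\` in the secret ends the string or starts an escape sequence. How the placeholders are expanded is not shown in this diff, but if it is plain text substitution, a password containing those characters produces either a file that fails to parse or a silently different secret. The generator should escape `\` and `"` before substituting, or write the values through a YAML-aware tool. A header comment such as `# Template: values are substituted by the script and the result is encrypted with sops; never commit the rendered plaintext` would make the handling of this file explicit next to the new section comments.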