From ae414ceb120a69520a51c7ebdf1be68a6f246e2b Mon Sep 17 00:00:00 2001 From: Administrator Date: Sat, 8 Nov 2025 12:58:36 +0000 Subject: [PATCH] new 'ssg' --- homepage/about.body.html | 11 +++ {site => homepage}/background.png | Bin homepage/default.nix | 27 ++++++ homepage/donate.body.html | 25 ++++++ homepage/home.body.html | 35 ++++++++ homepage/legal.body.html | 12 +++ {site => homepage}/logo.png | Bin homepage/template.html | 109 ++++++++++++++++++++++++ services/site.nix | 8 +- site/about.html | 111 ------------------------ site/donate.html | 126 --------------------------- site/index.html | 136 ------------------------------ site/privacy-policy.html | 102 ---------------------- 13 files changed, 225 insertions(+), 477 deletions(-) create mode 100644 homepage/about.body.html rename {site => homepage}/background.png (100%) create mode 100644 homepage/default.nix create mode 100644 homepage/donate.body.html create mode 100644 homepage/home.body.html create mode 100644 homepage/legal.body.html rename {site => homepage}/logo.png (100%) create mode 100644 homepage/template.html delete mode 100644 site/about.html delete mode 100644 site/donate.html delete mode 100644 site/index.html delete mode 100644 site/privacy-policy.html diff --git a/homepage/about.body.html b/homepage/about.body.html new file mode 100644 index 0000000..6acdac6 --- /dev/null +++ b/homepage/about.body.html @@ -0,0 +1,11 @@ +

About Us

+
+

Distrust is currently just myself (root@distrust.network), I'm the webmaster, the postmaster, the Nix ninja, and the privacy freak who came up with this concept all in one.

+

I do not plan to make my identity public, as I see no need for it. What I will say is that I have been contributing to the FOSS community for over a decade now, and I never plan to stop giving back to the community that powers the tools we use to stay private an anonymous online.

+

What sets apart Distrust from similar services is that we don't want your money. We want a free, private, and non-compromising internet for all. Whether it be you, me writing this, a potential whistleblower, or a religious/racial/sexual/gender minority trying to escape discrimination or persecution.

+

This is the main driving factor behind our payment model, which aims to cover only the costs of hosting and domain expenses, and donates the rest directly to The TOR Project, one of the largest organisations fighting for digital freedom, all while preserving your anonymity through the use of Bitcoin and Monero payments.

+

Security

+
+

We try to keep things under lock-and-key as much as possible. Remote access into the server is only possible for myself, using an SSH Key that only exists as part of a pin-locked hardware PGP key. This ensures no one but myself can access the server infrastructure.

+

Failing that, root login is disabled by default, with only a single unpriviliged user accessible via SSH. This user requires a complex password to access sudo, and does not have read or write permissions to any confidential service data.

+

As proof of our word, our NixOS system configuration is publicly auditable, find links for it on the homepage and in our privacy policy.

diff --git a/site/background.png b/homepage/background.png similarity index 100% rename from site/background.png rename to homepage/background.png diff --git a/homepage/default.nix b/homepage/default.nix new file mode 100644 index 0000000..f68de64 --- /dev/null +++ b/homepage/default.nix @@ -0,0 +1,27 @@ +{pkgs ? import {}}: +pkgs.stdenv.mkDerivation { + name = "distrust-homepage"; + src = ./.; + + buildInputs = [pkgs.gawk]; + + buildPhase = '' + for bodyFile in *.body.html; do + baseName=$(basename "$bodyFile" .body.html) + title=$(echo "Distrust - ''${baseName^}" | sed "s/\\w(-)\\w/ /g") + bodyContent=$(cat "$bodyFile") + + awk -v title="$title" -v body="$bodyContent" '{ + gsub(/%%TITLE%%/, title); + gsub(/%%BODY%%/, body); + print; + }' template.html > "$baseName.html" + done + ''; + + installPhase = '' + mkdir -p $out + cp * $out/ + rm -f $out/template.html $out/*.body.html $out/*.nix + ''; +} diff --git a/homepage/donate.body.html b/homepage/donate.body.html new file mode 100644 index 0000000..5e5c52f --- /dev/null +++ b/homepage/donate.body.html @@ -0,0 +1,25 @@ +

Ways to Support Distrust

+
+

If you would like to support us with what we do, do not donate any money to me. I am simply a systems administrator. Please send your money to these groups instead that are actively fighting for your right to privacy:

+ +

If for some reason you do want to make a donation to myself, you may donate to my personal BTC and XMR addresses, listed below:

+ +

I greatly appreciate your gratitude if you consider this choice.

+

Non-Financial Ways of Supporting Distrust

+
+

Some other ways of supporting Distrust and it's goals without spending a dime are by strengthening the networks it relies on. Below are some examples.

+ +

All of these are great examples on how you can help Distrust and others online in staying safe and anonymous by donating hardware you can find anywhere to their respective networks. Even an old PC with 8GB of RAM could feasibly host all of these.

diff --git a/homepage/home.body.html b/homepage/home.body.html new file mode 100644 index 0000000..9f4d61d --- /dev/null +++ b/homepage/home.body.html @@ -0,0 +1,35 @@ +

What is Distrust?

+
+

Distrust is a family of services that works off one simple principle:

+ +

Pricing starts at a minimum of $1 per month, and upgrades to lifetime access as soon as you have paid $100 total. Payment is in BTC or XMR only.

+

These services are run at cost, and anything donated beyond the hosting expenses will be donated to the TOR project + (which we highly recommend supporting yourself).

+

The services we host are as follows, all available through either TOR + or the clearnet.

+ +

We also host nodes for Bitcoin (BTC), Monero (XMR), an IPFS gateway, and a TOR relay +to strengthen their respective networks. They are all available over clearnet and TOR using this main webpages IP + and .onion URL.

+

All services have a strict no-metrics policy, with logs being kept for at most 1 hour (for debugging purposes).

+

The server runs a hardened NixOS config, and is updated when appropriate for any security/hardening tweaks. This NixOS config is auditable and freely accessible over TOR + and clearnet.

+

If you are interested, email me + with your desired username. Immediate payment is not required, and can be delayed for up to a month; We will still provision your account.

diff --git a/homepage/legal.body.html b/homepage/legal.body.html new file mode 100644 index 0000000..2ad4df1 --- /dev/null +++ b/homepage/legal.body.html @@ -0,0 +1,12 @@ +

Privacy Policy

+
+

Distrust is dedicated to protecting your privacy and upholding your right to anonymity, freedom of expression, and digital security.

+

The only personal information required is a username for account setup; no extra data, analytics, or trackers are used.

+

Service logs are maintained for no more than one hour, strictly for operational debugging, after which they are automatically deleted.

+

All payments are processed through privacy-focused cryptocurrencies (BTC and XMR), and any funds received beyond core hosting costs are donated to privacy advocacy initiatives such as the TOR Project.

+

Server infrastructure is hardened, publicly auditable, and accessible only via secure means by the sole administrator. You can view the NixOS system configuration used to deploy the server on the clearnet as well as over TOR.

+

Files uploaded to our services are not encrypted by default. If there is anything you want to remain private you must take measures to encrypt it yourself. +

Your data is never sold or shared, except where strictly required by German law (I strongly recommend you read up on it here before you store any unencrypted data on our servers), and users can request access to or deletion of their minimal personal information at any time.

+

To request account deletion, simply send me an email using your @distrust.network address. I will aim to reply within 48h and action the request within 72h to 96h.

+

Anonymous account provisioning is fully supported, and users can reach out via the secure contact details provided for any privacy-related questions or requests.

+

Every aspect of our policy is designed to maximize your privacy and align with our mission of supporting a safer, more private internet for all.

diff --git a/site/logo.png b/homepage/logo.png similarity index 100% rename from site/logo.png rename to homepage/logo.png diff --git a/homepage/template.html b/homepage/template.html new file mode 100644 index 0000000..a751645 --- /dev/null +++ b/homepage/template.html @@ -0,0 +1,109 @@ + + + + %%TITLE%% + + + + + + + + + + + + + + + + + + + + +
+

Distrust

+ +
+

"We know where you are. We know where you've been. We can more or less know what you're thinking about." + Eric Schmidt, Former Google CEO

+
+ %%BODY%% +
+ Home Contact About DonatePrivacy Policy & TOS + +

Highlight Types: Hoverable, Internal Link, External Link.

+
+ + diff --git a/services/site.nix b/services/site.nix index fe87ed1..908dddb 100644 --- a/services/site.nix +++ b/services/site.nix @@ -1,4 +1,7 @@ -{config, ...}: { +{config, pkgs, ...}: +let + distrust-homepage = import ../homepage/default.nix { inherit pkgs; }; +in { age.secrets."hidden_service/site" = { file = ../secrets/hidden_service/site; }; @@ -10,7 +13,8 @@ secretKey = config.age.secrets."hidden_service/site".path; }; virtualHostConfig = '' - root * /etc/nixos/site + redir / /home.html + root * ${distrust-homepage} file_server ''; }; diff --git a/site/about.html b/site/about.html deleted file mode 100644 index 24f368c..0000000 --- a/site/about.html +++ /dev/null @@ -1,111 +0,0 @@ - - - - Distrust - About - - - - - - - - - - - - - - - - - - - - -
-

Distrust

- An eye, crossed out. -
-

"We know where you are. We know where you've been. We can more or less know what you're thinking about." - Eric Schmidt, Former Google CEO

-

About Us

-
-

Distrust is currently just myself (root@distrust.network), I'm the webmaster, the postmaster, the Nix ninja, and the privacy freak who came up with this concept all in one.

-

I do not plan to make my identity public, as I see no need for it. What I will say is that I have been contributing to the FOSS community for over a decade now, and I never plan to stop giving back to the community that powers the tools we use to stay private an anonymous online.

-

What sets apart Distrust from similar services is that we don't want your money. We want a free, private, and non-compromising internet for all. Whether it be you, me writing this, a potential whistleblower, or a religious/racial/sexual/gender minority trying to escape discrimination or persecution.

-

This is the main driving factor behind our payment model, which aims to cover only the costs of hosting and domain expenses, and donates the rest directly to The TOR Project, one of the largest organisations fighting for digital freedom, all while preserving your anonymity through the use of Bitcoin and Monero payments.

-

Security

-
-

We try to keep things under lock-and-key as much as possible. Remote access into the server is only possible for myself, using an SSH Key that only exists as part of a pin-locked hardware PGP key. This ensures no one but myself can access the server infrastructure.

-

Failing that, root login is disabled by default, with only a single unpriviliged user accessible via SSH. This user requires a complex password to access sudo, and does not have read or write permissions to any confidential service data.

-

As proof of our word, our NixOS system configuration is publicly auditable, find links for it on the homepage and in our privacy policy.

-
- Contact Home DonatePrivacy Policy -

Highlight Types: Hoverable, Internal Link, External Link.

-
- - diff --git a/site/donate.html b/site/donate.html deleted file mode 100644 index c542328..0000000 --- a/site/donate.html +++ /dev/null @@ -1,126 +0,0 @@ - - - - Distrust - Donate - - - - - - - - - - - - - - - - - - - - -
-

Distrust

- An eye, crossed out. -
-

"We know where you are. We know where you've been. We can more or less know what you're thinking about." - Eric Schmidt, Former Google CEO

-

Ways to Support Distrust

-
-

If you would like to support us with what we do, do not donate any money to me. I am simply a systems administrator. Please send your money to these groups instead that are actively fighting for your right to privacy:

- -

If for some reason you do want to make a donation to myself, you may donate to my personal BTC and XMR addresses, listed below:

-
    -
  • BTC: bc1qt0m95yl7tx3z7pm0a9zvqh3dsauwkzu9q30am2
    • -
  • XMR: 49xPCPCeWcFg3v5bBjwZMFieZi7jYPtRQcLj8nndntu1ZsL3Hk3wozFDWMkJTSETasBJi2wAZwS1MWf9RhdN87dWJF3ueBb
    • -
-

I greatly appreciate your gratitude if you consider this choice.

-

Non-Financial Ways of Supporting Distrust

-
-

Some other ways of supporting Distrust and it's goals without spending a dime are by strengthening the networks it relies on. Below are some examples.

- -

All of these are great examples on how you can help Distrust and others online in staying safe and anonymous by donating hardware you can find anywhere to their respective networks. Even an old PC with 8GB of RAM could feasibly host all of these.

-
- Contact About Home Privacy Policy -

Highlight Types: Hoverable, Internal Link, External Link.

-
- - - diff --git a/site/index.html b/site/index.html deleted file mode 100644 index 35ecb09..0000000 --- a/site/index.html +++ /dev/null @@ -1,136 +0,0 @@ - - - - Distrust - - - - - - - - - - - - - - - - - - - - -
-

Distrust

- An eye, crossed out. -
-

"We know where you are. We know where you've been. We can more or less know what you're thinking about." - Eric Schmidt, Former Google CEO

-

What is Distrust?

-
-

Distrust is a family of services that works off one simple principle:

-
    -
  • Freedoms of expression, knowledge, and privacy must be upheld as basic human rights, not privileges.
    • -
-

Pricing starts at a minimum of $1 per month, and upgrades to lifetime access as soon as you have paid $100 total. Payment is in BTC or XMR only.

-

These services are run at cost, and anything donated beyond the hosting expenses will be donated to the TOR project - (which we highly recommend supporting yourself).

-

The services we host are as follows, all available through either TOR - or the clearnet.

- -

We also host nodes for Bitcoin (BTC), Monero (XMR), an IPFS gateway, and a TOR relay - to strengthen their respective networks. They are all available over clearnet and TOR using this main webpages IP - and .onion URL.

-

All services have a strict no-metrics policy, with logs being kept for at most 1 hour (for debugging purposes).

-

The server runs a hardened NixOS config, and is updated when appropriate for any security/hardening tweaks. This NixOS config is auditable and freely accessible over TOR - and clearnet.

-

If you are interested, email me - with your desired username. Immediate payment is not required, and can be delayed for up to a month; We will still provision your account.

-
- Contact About DonatePrivacy Policy - -

Highlight Types: Hoverable, Internal Link, External Link.

-
- - diff --git a/site/privacy-policy.html b/site/privacy-policy.html deleted file mode 100644 index 02ed4c0..0000000 --- a/site/privacy-policy.html +++ /dev/null @@ -1,102 +0,0 @@ - - - - Distrust - - - - - - - - - - - - - - - - - - - - -
-

Distrust

- An eye, crossed out. -
-

"We know where you are. We know where you've been. We can more or less know what you're thinking about." - Eric Schmidt, Former Google CEO

-

Privacy Policy

-
-

Distrust is dedicated to protecting your privacy and upholding your right to anonymity, freedom of expression, and digital security.

-

The only personal information required is a username for account setup; no extra data, analytics, or trackers are used.

-

Service logs are maintained for no more than one hour, strictly for operational debugging, after which they are automatically deleted.

-

All payments are processed through privacy-focused cryptocurrencies (BTC and XMR), and any funds received beyond core hosting costs are donated to privacy advocacy initiatives such as the TOR Project.

-

Server infrastructure is hardened, publicly auditable, and accessible only via secure means by the sole administrator. You can view the NixOS system configuration used to deploy the server on the clearnet as well as over TOR.

-

Files uploaded to our services are not encrypted by default. If there is anything you want to remain private you must take measures to encrypt it yourself. -

Your data is never sold or shared, except where strictly required by German law (I strongly recommend you read up on it here before you store any unencrypted data on our servers), and users can request access to or deletion of their minimal personal information at any time.

-

To request account deletion, simply send me an email using your @distrust.network address. I will aim to reply within 48h and action the request within 72h to 96h.

-

Anonymous account provisioning is fully supported, and users can reach out via the secure contact details provided for any privacy-related questions or requests.

-

Every aspect of our policy is designed to maximize your privacy and align with our mission of supporting a safer, more private internet for all.

-
- Contact About DonateHome -

Highlight Types: Hoverable, Internal Link, External Link.

-
- -