Lithospherical/nix-config
1
0
Fork 0
forked from jan-leila/nix-config
Code Pull requests Activity

added searxng

Browse source
This commit is contained in:
Leyla Becker 2024-10-19 11:15:13 -05:00
parent b2ee04dce5
commit 7c3aaf241a
4 changed files with 57 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

3
README.md
View file

@ -48,8 +48,7 @@ to update passwords run: `nix shell nixpkgs#sops -c sops secrets/user-passwords.
## New Features ## New Features
- offline access for nfs mounts (overlay with rsync might be a good option here? https://www.spinics.net/lists/linux-unionfs/msg07105.html note about nfs4 and overlay fs) - offline access for nfs mounts (overlay with rsync might be a good option here? https://www.spinics.net/lists/linux-unionfs/msg07105.html note about nfs4 and overlay fs)
- Flake templates - Flake templates
- home assistant virtual machine - searxng
- searxng docker
- nextcloud ??? - nextcloud ???
- samba mounts - samba mounts
- firefox declarative??? - firefox declarative???

40
enviroments/server/default.nix
View file

@ -84,6 +84,18 @@
default = "${config.apps.home-assistant.subdomain}.${config.apps.base_domain}"; default = "${config.apps.home-assistant.subdomain}.${config.apps.base_domain}";
}; };
}; };
searx = {
subdomain = lib.mkOption {
type = lib.types.str;
description = "subdomain of base domain that searx will be hosted at";
default = "search";
};
hostname = lib.mkOption {
type = lib.types.str;
description = "hosname that searx will be hosted at";
default = "${config.apps.searx.subdomain}.${config.apps.base_domain}";
};
};
}; };
}; };
@ -92,6 +104,9 @@
"services/pi-hole" = { "services/pi-hole" = {
sopsFile = "${inputs.secrets}/defiant-services.yaml"; sopsFile = "${inputs.secrets}/defiant-services.yaml";
}; };
"services/searx" = {
sopsFile = "${inputs.secrets}/defiant-services.yaml";
};
}; };
virtualisation = { virtualisation = {
@ -234,8 +249,8 @@
address = "0.0.0.0"; address = "0.0.0.0";
port = 8080; port = 8080;
settings = { settings = {
server_url = "http://${config.apps.headscale.subdomain}.${config.apps.base_domain}"; # server_url = "http://${config.apps.headscale.subdomain}.${config.apps.base_domain}";
dns_config.base_domain = config.apps.base_domain; dns.base_domain = config.apps.base_domain;
logtail.enabled = false; logtail.enabled = false;
}; };
}; };
@ -274,6 +289,18 @@
}; };
}; };
searx = {
enable = true;
environmentFile = config.sops.secrets."services/searx".path;
settings = {
server = {
port = 8083;
base_url = config.apps.searx.hostname;
secret_key = "@SEARXNG_SECRET@";
};
};
};
nginx = { nginx = {
enable = false; # TODO: enable this when you want to test all the configs enable = false; # TODO: enable this when you want to test all the configs
virtualHosts = { virtualHosts = {
@ -300,6 +327,11 @@
enableACME = true; enableACME = true;
locations."/".proxyPass = "http://localhost:${toString config.services.home-assistant.config.http.server_port}"; locations."/".proxyPass = "http://localhost:${toString config.services.home-assistant.config.http.server_port}";
}; };
${config.apps.searx.hostname} = {
forceSSL = true;
enableACME = true;
locations."/".proxyPass = "http://localhost:${toString config.services.searx.settings.port}";
};
}; };
}; };
}; };
@ -309,8 +341,8 @@
defaults.email = "jan-leila@protonmail.com"; defaults.email = "jan-leila@protonmail.com";
}; };
# TODO: remove 8081 and 8082 when nginx is enabled # TODO: remove 8081, 8082, 8083 when nginx is enabled
networking.firewall.allowedTCPPorts = [53 2049 3000 8081 8082]; networking.firewall.allowedTCPPorts = [53 2049 3000 8081 8082 8083];
environment.systemPackages = [ environment.systemPackages = [
config.services.headscale.package config.services.headscale.package

38
flake.lock generated
View file

@ -7,11 +7,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1728659696, "lastModified": 1729281548,
"narHash": "sha256-xipqQdXMZdSln1WChUWFqcrghOMYCmdRo7rgf/MtEkg=", "narHash": "sha256-MuojlSnwAJAwfhgmW8ZtZrwm2Sko4fqubCvReqbUzYw=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "c7ef3964b6befa877e76316ae88f3ef251cae573", "rev": "a6a3179ddf396dfc28a078e2f169354d0c137125",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -61,11 +61,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1728650932, "lastModified": 1729321331,
"narHash": "sha256-mGKzqdsRyLnGNl6WjEr7+sghGgBtYHhJQ4mjpgRTCsU=", "narHash": "sha256-KVyQq+ez/oB30/WbdNgVD8g/bda34z8NiU187QKQb74=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "65ae9c147349829d3df0222151f53f79821c5134", "rev": "122f70545b29ccb922e655b08acfe05bfb44ec68",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -83,11 +83,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1728179514, "lastModified": 1729302344,
"narHash": "sha256-mOGZFPYm9SuEXnYiXhgs/JmLu7RofRaMpAYyJiWudkc=", "narHash": "sha256-txj6S9QC1IiUlxz41dU8QORG47Mu0vX7ldwNKud2oy4=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nix-vscode-extensions", "repo": "nix-vscode-extensions",
"rev": "018196c371073d669510fd69dd2f6dc0ec608c41", "rev": "a2a26f1bada2202572599346eb952bd3e130af66",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -98,11 +98,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1728269138, "lastModified": 1729333370,
"narHash": "sha256-oKxDImsOvgUZMY4NwXVyUc/c1HiU2qInX+b5BU0yXls=", "narHash": "sha256-NU+tYe3QWzDNpB8RagpqR3hNQXn4BNuBd7ZGosMHLL8=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "ecfcd787f373f43307d764762e139a7cdeb9c22b", "rev": "38279034170b1e2929b2be33bdaedbf14a57bfeb",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -114,11 +114,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1728492678, "lastModified": 1729256560,
"narHash": "sha256-9UTxR8eukdg+XZeHgxW5hQA9fIKHsKCdOIUycTryeVw=", "narHash": "sha256-/uilDXvCIEs3C9l73JTACm4quuHUsIHcns1c+cHUJwA=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "5633bcff0c6162b9e4b5f1264264611e950c8ec7", "rev": "4c2fcb090b1f3e5b47eaa7bd33913b574a11e0a0",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -158,11 +158,11 @@
"secrets": { "secrets": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1727152771, "lastModified": 1729353554,
"narHash": "sha256-GYtrV//xaqamqRynEaHJrbklliHyAN9/4NZRXBZlahs=", "narHash": "sha256-mLf7siPN9HtpZIZZA1eubwNTyVsIS/kHzWvJ+oX88xU=",
"ref": "main", "ref": "main",
"rev": "46172e93709498e57d188a1bd19349c28fe4e3e3", "rev": "73b4f304d4445e8ce53f395e78289f264753efeb",
"revCount": 2, "revCount": 3,
"type": "git", "type": "git",
"url": "https://git.jan-leila.com/jan-leila/nix-config-secrets" "url": "https://git.jan-leila.com/jan-leila/nix-config-secrets"
}, },

2
secrets

@ -1 +1 @@
Subproject commit 46172e93709498e57d188a1bd19349c28fe4e3e3 Subproject commit 73b4f304d4445e8ce53f395e78289f264753efeb