Lithospherical/nix-config
1
0
Fork 0
forked from jan-leila/nix-config
Code Pull requests Activity

added searxng

Browse source
This commit is contained in:
Leyla Becker 2024-10-19 11:15:13 -05:00
parent b2ee04dce5
commit 7c3aaf241a
4 changed files with 57 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

3
README.md
View file

@ -48,8 +48,7 @@ to update passwords run: `nix shell nixpkgs#sops -c sops secrets/user-passwords.
## New Features
- offline access for nfs mounts (overlay with rsync might be a good option here? https://www.spinics.net/lists/linux-unionfs/msg07105.html note about nfs4 and overlay fs)
- Flake templates
- home assistant virtual machine
- searxng docker
- searxng
- nextcloud ???
- samba mounts
- firefox declarative???

40
enviroments/server/default.nix
View file

@ -84,6 +84,18 @@
default = "${config.apps.home-assistant.subdomain}.${config.apps.base_domain}";
};
};
searx = {
subdomain = lib.mkOption {
type = lib.types.str;
description = "subdomain of base domain that searx will be hosted at";
default = "search";
};
hostname = lib.mkOption {
type = lib.types.str;
description = "hosname that searx will be hosted at";
default = "${config.apps.searx.subdomain}.${config.apps.base_domain}";
};
};
};
};
@ -92,6 +104,9 @@
"services/pi-hole" = {
sopsFile = "${inputs.secrets}/defiant-services.yaml";
};
"services/searx" = {
sopsFile = "${inputs.secrets}/defiant-services.yaml";
};
};
virtualisation = {
@ -234,8 +249,8 @@
address = "0.0.0.0";
port = 8080;
settings = {
server_url = "http://${config.apps.headscale.subdomain}.${config.apps.base_domain}";
dns_config.base_domain = config.apps.base_domain;
# server_url = "http://${config.apps.headscale.subdomain}.${config.apps.base_domain}";
dns.base_domain = config.apps.base_domain;
logtail.enabled = false;
};
};
@ -274,6 +289,18 @@
};
};
searx = {
enable = true;
environmentFile = config.sops.secrets."services/searx".path;
settings = {
server = {
port = 8083;
base_url = config.apps.searx.hostname;
secret_key = "@SEARXNG_SECRET@";
};
};
};
nginx = {
enable = false; # TODO: enable this when you want to test all the configs
virtualHosts = {
@ -300,6 +327,11 @@
enableACME = true;
locations."/".proxyPass = "http://localhost:${toString config.services.home-assistant.config.http.server_port}";
};
${config.apps.searx.hostname} = {
forceSSL = true;
enableACME = true;
locations."/".proxyPass = "http://localhost:${toString config.services.searx.settings.port}";
};
};
};
};
@ -309,8 +341,8 @@
defaults.email = "jan-leila@protonmail.com";
};
# TODO: remove 8081 and 8082 when nginx is enabled
networking.firewall.allowedTCPPorts = [53 2049 3000 8081 8082];
# TODO: remove 8081, 8082, 8083 when nginx is enabled
networking.firewall.allowedTCPPorts = [53 2049 3000 8081 8082 8083];
environment.systemPackages = [
config.services.headscale.package

38
flake.lock generated
View file

@ -7,11 +7,11 @@
]
},
"locked": {
"lastModified": 1728659696,
"narHash": "sha256-xipqQdXMZdSln1WChUWFqcrghOMYCmdRo7rgf/MtEkg=",
"lastModified": 1729281548,
"narHash": "sha256-MuojlSnwAJAwfhgmW8ZtZrwm2Sko4fqubCvReqbUzYw=",
"owner": "nix-community",
"repo": "disko",
"rev": "c7ef3964b6befa877e76316ae88f3ef251cae573",
"rev": "a6a3179ddf396dfc28a078e2f169354d0c137125",
"type": "github"
},
"original": {
@ -61,11 +61,11 @@
]
},
"locked": {
"lastModified": 1728650932,
"narHash": "sha256-mGKzqdsRyLnGNl6WjEr7+sghGgBtYHhJQ4mjpgRTCsU=",
"lastModified": 1729321331,
"narHash": "sha256-KVyQq+ez/oB30/WbdNgVD8g/bda34z8NiU187QKQb74=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "65ae9c147349829d3df0222151f53f79821c5134",
"rev": "122f70545b29ccb922e655b08acfe05bfb44ec68",
"type": "github"
},
"original": {
@ -83,11 +83,11 @@
]
},
"locked": {
"lastModified": 1728179514,
"narHash": "sha256-mOGZFPYm9SuEXnYiXhgs/JmLu7RofRaMpAYyJiWudkc=",
"lastModified": 1729302344,
"narHash": "sha256-txj6S9QC1IiUlxz41dU8QORG47Mu0vX7ldwNKud2oy4=",
"owner": "nix-community",
"repo": "nix-vscode-extensions",
"rev": "018196c371073d669510fd69dd2f6dc0ec608c41",
"rev": "a2a26f1bada2202572599346eb952bd3e130af66",
"type": "github"
},
"original": {
@ -98,11 +98,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1728269138,
"narHash": "sha256-oKxDImsOvgUZMY4NwXVyUc/c1HiU2qInX+b5BU0yXls=",
"lastModified": 1729333370,
"narHash": "sha256-NU+tYe3QWzDNpB8RagpqR3hNQXn4BNuBd7ZGosMHLL8=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "ecfcd787f373f43307d764762e139a7cdeb9c22b",
"rev": "38279034170b1e2929b2be33bdaedbf14a57bfeb",
"type": "github"
},
"original": {
@ -114,11 +114,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1728492678,
"narHash": "sha256-9UTxR8eukdg+XZeHgxW5hQA9fIKHsKCdOIUycTryeVw=",
"lastModified": 1729256560,
"narHash": "sha256-/uilDXvCIEs3C9l73JTACm4quuHUsIHcns1c+cHUJwA=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "5633bcff0c6162b9e4b5f1264264611e950c8ec7",
"rev": "4c2fcb090b1f3e5b47eaa7bd33913b574a11e0a0",
"type": "github"
},
"original": {
@ -158,11 +158,11 @@
"secrets": {
"flake": false,
"locked": {
"lastModified": 1727152771,
"narHash": "sha256-GYtrV//xaqamqRynEaHJrbklliHyAN9/4NZRXBZlahs=",
"lastModified": 1729353554,
"narHash": "sha256-mLf7siPN9HtpZIZZA1eubwNTyVsIS/kHzWvJ+oX88xU=",
"ref": "main",
"rev": "46172e93709498e57d188a1bd19349c28fe4e3e3",
"revCount": 2,
"rev": "73b4f304d4445e8ce53f395e78289f264753efeb",
"revCount": 3,
"type": "git",
"url": "https://git.jan-leila.com/jan-leila/nix-config-secrets"
},

2
secrets

@ -1 +1 @@
Subproject commit 46172e93709498e57d188a1bd19349c28fe4e3e3
Subproject commit 73b4f304d4445e8ce53f395e78289f264753efeb