diff --git a/configurations/nixos/defiant/configuration.nix b/configurations/nixos/defiant/configuration.nix index 668e10a..5ebea98 100644 --- a/configurations/nixos/defiant/configuration.nix +++ b/configurations/nixos/defiant/configuration.nix @@ -73,6 +73,10 @@ enable = true; subdomain = "git"; }; + searx = { + enable = true; + subdomain = "search"; + }; }; networking = { hostId = "c51763d6"; diff --git a/configurations/nixos/defiant/services.nix b/configurations/nixos/defiant/services.nix index 6b42717..f98e680 100644 --- a/configurations/nixos/defiant/services.nix +++ b/configurations/nixos/defiant/services.nix @@ -81,18 +81,6 @@ in { default = "${config.apps.home-assistant.subdomain}.${config.apps.base_domain}"; }; }; - searx = { - subdomain = lib.mkOption { - type = lib.types.str; - description = "subdomain of base domain that searx will be hosted at"; - default = "search"; - }; - hostname = lib.mkOption { - type = lib.types.str; - description = "hostname that searx will be hosted at"; - default = "${config.apps.searx.subdomain}.${config.apps.base_domain}"; - }; - }; nextcloud = { subdomain = lib.mkOption { type = lib.types.str; @@ -113,9 +101,6 @@ in { "services/pi-hole" = { sopsFile = "${inputs.secrets}/defiant-services.yaml"; }; - "services/searx" = { - sopsFile = "${inputs.secrets}/defiant-services.yaml"; - }; "services/nextcloud_adminpass" = { sopsFile = "${inputs.secrets}/defiant-services.yaml"; owner = config.users.users.nextcloud.name; @@ -265,17 +250,6 @@ in { }; }; - searx = { - enable = true; - environmentFile = config.sops.secrets."services/searx".path; - settings = { - server = { - port = 8083; - secret_key = "@SEARXNG_SECRET@"; - }; - }; - }; - # nextcloud here is built using its auto setup mysql db because it was not playing nice with postgres nextcloud = { enable = true; @@ -307,11 +281,6 @@ in { # enableACME = true; locations."/".proxyPass = "http://localhost:${toString config.services.home-assistant.config.http.server_port}"; }; - ${config.apps.searx.hostname} = { - # forceSSL = true; - # enableACME = true; - locations."/".proxyPass = "http://localhost:${toString config.services.searx.settings.server.port}"; - }; }; }; }; @@ -333,7 +302,6 @@ in { config.services.forgejo.settings.server.HTTP_PORT config.services.home-assistant.config.http.server_port config.services.postgresql.settings.port - config.services.searx.settings.server.port ]); environment.systemPackages = [ diff --git a/modules/nixos-modules/server/default.nix b/modules/nixos-modules/server/default.nix index 65d79d9..c38d60c 100644 --- a/modules/nixos-modules/server/default.nix +++ b/modules/nixos-modules/server/default.nix @@ -5,5 +5,6 @@ ./postgres.nix ./jellyfin.nix ./forgejo.nix + ./searx.nix ]; } diff --git a/modules/nixos-modules/server/searx.nix b/modules/nixos-modules/server/searx.nix new file mode 100644 index 0000000..5af4c57 --- /dev/null +++ b/modules/nixos-modules/server/searx.nix @@ -0,0 +1,40 @@ +{ + config, + lib, + inputs, + ... +}: { + options.host.searx = { + enable = lib.mkEnableOption "should searx be enabled on this computer"; + subdomain = lib.mkOption { + type = lib.types.str; + description = "subdomain of base domain that searx will be hosted at"; + default = "searx"; + }; + }; + + config = lib.mkIf config.host.searx.enable { + sops.secrets = { + "services/searx" = { + sopsFile = "${inputs.secrets}/defiant-services.yaml"; + }; + }; + host = { + reverse_proxy.subdomains.${config.host.searx.subdomain} = { + target = "http://localhost:${toString config.services.searx.settings.server.port}"; + }; + }; + services = { + searx = { + enable = true; + environmentFile = config.sops.secrets."services/searx".path; + settings = { + server = { + port = 8083; + secret_key = "@SEARXNG_SECRET@"; + }; + }; + }; + }; + }; +}