From 2c08bf0287bb72601a82bb3b3fb6b3bcaf077ac5 Mon Sep 17 00:00:00 2001 From: Nick Date: Sat, 8 Mar 2025 03:31:43 -0600 Subject: [PATCH] feat: added searXNG to Ceres --- modules/nixos/services/searx/default.nix | 32 ++++++++++++++++-------- 1 file changed, 22 insertions(+), 10 deletions(-) diff --git a/modules/nixos/services/searx/default.nix b/modules/nixos/services/searx/default.nix index d917b4b..2c953ed 100644 --- a/modules/nixos/services/searx/default.nix +++ b/modules/nixos/services/searx/default.nix @@ -5,7 +5,7 @@ ... }: let - inherit (flake.config.machines.devices) mars ceres; + inherit (flake.config.machines.devices) ceres; inherit (flake.config.services.instances) searx web; service = searx; hostname = config.networking.hostName; @@ -50,15 +50,24 @@ in ban_time_on_fail = 5; max_ban_time_on_fail = 120; }; - server = { - port = service.ports.port0; - bind_address = localhost; - secret_key = config.sops.secrets.searx-key.path; - limiter = true; - public_instance = false; - image_proxy = true; - method = "GET"; - } // (if hostname == ceres.name then { base_url = host; } else { }); + server = + { + port = service.ports.port0; + bind_address = localhost; + secret_key = config.sops.secrets.searx-key.path; + limiter = true; + public_instance = false; + image_proxy = true; + method = "GET"; + } + // ( + if hostname == ceres.name then + { + base_url = host; + } + else + { } + ); engines = lib.mapAttrsToList (name: value: { inherit name; } // value) { "duckduckgo".disabled = false; "brave".disabled = false; @@ -171,6 +180,9 @@ in { } ); + users.groups.searx.members = [ "caddy" ]; + systemd.services.caddy.serviceConfig.ProtectHome = false; + sops = let sopsPath = secret: {