From f4d7c2231b23f4c1e7f40d747255dd6110b8b24c Mon Sep 17 00:00:00 2001
From: Nick <nickjhiebert@proton.me>
Date: Sat, 8 Mar 2025 02:42:38 -0600
Subject: [PATCH] feat: added searXNG to Ceres

---
 modules/nixos/services/searx/default.nix | 58 ++----------------------
 1 file changed, 5 insertions(+), 53 deletions(-)

diff --git a/modules/nixos/services/searx/default.nix b/modules/nixos/services/searx/default.nix
index cedda66..02f8cad 100644
--- a/modules/nixos/services/searx/default.nix
+++ b/modules/nixos/services/searx/default.nix
@@ -149,62 +149,14 @@ in
             virtualHosts = {
               "${host}" = {
                 extraConfig = ''
-                  @api {
-                    path /config
-                    path /healthz
-                    path /stats/errors
-                    path /stats/checker
-                  }
+                  redir /.well-known/carddav /remote.php/dav/ 301
+                  redir /.well-known/caldav /remote.php/dav/ 301
 
-                  @static {
-                    path /static/*
-                  }
-
-                  @notstatic {
-                    not path /static/*
-                  }
-
-                  @imageproxy {
-                    path /image_proxy
-                  }
-
-                  @notimageproxy {
-                    not path /image_proxy
-                  }
-
-                  header @api {
-                    Access-Control-Allow-Methods "GET, OPTIONS"
-                    Access-Control-Allow-Origin "*"
-                  }
-
-                  header @static {
-                    Cache-Control "public, max-age=31536000"
-                    defer
-                  }
-
-                  header @notstatic {
-                    Cache-Control "no-cache, no-store"
-                    Pragma "no-cache"
-                  }
-
-                  header @imageproxy {
-                    Content-Security-Policy "default-src 'none'; img-src 'self' data:"
-                  }
-
-                  header @notimageproxy {
-                    Content-Security-Policy "upgrade-insecure-requests; default-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; form-action 'self'; font-src 'self'; frame-ancestors 'self'; base-uri 'self'; connect-src 'self' https://overpass-api.de; img-src 'self' data: https://*.tile.openstreetmap.org; frame-src https://www.youtube-nocookie.com https://player.vimeo.com https://www.dailymotion.com https://www.deezer.com https://www.mixcloud.com https://w.soundcloud.com https://embed.spotify.com"
-                  }
-
-                  handle {
-                    encode zstd gzip
-
-                    reverse_proxy unix/${config.services.searx.uwsgiConfig.socket} {
-                      transport unix
-                      transport protocol uwsgi
-                    }
-                  }
+                  reverse_proxy ${localhost}:${toString service.ports.port0}
 
                   tls ${service.ssl.cert} ${service.ssl.key}
+
+                  encode zstd gzip
                 '';
               };
             };