diff --git a/modules/config/instances/config/searx.nix b/modules/config/instances/config/searx.nix new file mode 100644 index 0000000..3fa6244 --- /dev/null +++ b/modules/config/instances/config/searx.nix @@ -0,0 +1,34 @@ +{ instancesFunctions }: +let + inherit (instancesFunctions) + domain0 + servicePath + sslPath + sopsPath + ; + + searxLabel = "SearXNG"; + searxName = "searx"; + searxSubdomain = "search"; +in +{ + label = searxLabel; + name = searxName; + email = { + address0 = "noreply@${domain0}"; + }; + sops = { + path0 = "${sopsPath}/${searxName}"; + }; + subdomain = searxSubdomain; + paths = { + path0 = "${servicePath}/${searxLabel}"; + }; + ports = { + port0 = 8888; + }; + ssl = { + cert = "${sslPath}/${searxSubdomain}.${domain0}/fullchain.pem"; + key = "${sslPath}/${searxSubdomain}.${domain0}/key.pem"; + }; +} diff --git a/modules/home/default.nix b/modules/home/default.nix index 1da00fa..367787b 100755 --- a/modules/home/default.nix +++ b/modules/home/default.nix @@ -37,6 +37,7 @@ in daVinci mpv freetube + dissent discordCanary element signal diff --git a/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/flake/selfHosted.nix b/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/flake/selfHosted.nix index 31b465c..dbfffe6 100755 --- a/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/flake/selfHosted.nix +++ b/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/flake/selfHosted.nix @@ -171,6 +171,16 @@ in ]; keyword = "Router"; } + { + name = "${instances.searx.label} (Internet)"; + url = "https://${instances.searx.subdomain}.${instances.web.domains.url0}"; + tags = [ + "search" + "sear" + "searx" + ]; + keyword = instances.searx.label; + } { name = "${instances.syncthing.label} (${instances.synology.label})"; url = "http://${synology.ip.address0}:${toString instances.syncthing.ports.port0}"; diff --git a/modules/home/gui/apps/browsers/floorp/config/search/config/flake/icons/sx.png b/modules/home/gui/apps/browsers/floorp/config/search/config/flake/icons/sx.png new file mode 100644 index 0000000..85b11d6 Binary files /dev/null and b/modules/home/gui/apps/browsers/floorp/config/search/config/flake/icons/sx.png differ diff --git a/modules/home/gui/apps/browsers/floorp/config/search/config/flake/selfHosted.nix b/modules/home/gui/apps/browsers/floorp/config/search/config/flake/selfHosted.nix index f0df93e..0c4ccf4 100755 --- a/modules/home/gui/apps/browsers/floorp/config/search/config/flake/selfHosted.nix +++ b/modules/home/gui/apps/browsers/floorp/config/search/config/flake/selfHosted.nix @@ -27,4 +27,15 @@ in } ]; }; + "${instances.searx.label}" = { + definedAliases = [ + "@sx" + ]; + icon = ./icons/sx.png; + urls = [ + { + template = "https://${instances.searx.subdomain}.${instances.web.domains.url0}/search?q={searchTerms}"; + } + ]; + }; } diff --git a/modules/home/gui/apps/browsers/floorp/config/search/default.nix b/modules/home/gui/apps/browsers/floorp/config/search/default.nix index d2f1b33..8dbfef3 100755 --- a/modules/home/gui/apps/browsers/floorp/config/search/default.nix +++ b/modules/home/gui/apps/browsers/floorp/config/search/default.nix @@ -30,7 +30,7 @@ in { search = { force = true; - default = "Kagi"; + default = "SearXNG"; engines = aggregatedSearchEngines; order = [ "AlternativeTo" diff --git a/modules/home/gui/apps/messaging/discord/dissent/default.nix b/modules/home/gui/apps/messaging/discord/dissent/default.nix new file mode 100755 index 0000000..8ee3548 --- /dev/null +++ b/modules/home/gui/apps/messaging/discord/dissent/default.nix @@ -0,0 +1,11 @@ +{ + pkgs, + ... +}: +{ + home.packages = builtins.attrValues { + inherit (pkgs) + dissent + ; + }; +} diff --git a/modules/home/gui/desktop/hypr/land/config/bind.nix b/modules/home/gui/desktop/hypr/land/config/bind.nix index a384434..5e06db2 100755 --- a/modules/home/gui/desktop/hypr/land/config/bind.nix +++ b/modules/home/gui/desktop/hypr/land/config/bind.nix @@ -22,7 +22,7 @@ let "X, exec, freetube" "V, exec, discordcanary" "M, exec, element-desktop" - "D, exec, ghostty -e zellij a dotfiles" + "D, exec, ghostty" "P, exec, bitwarden" # Workspaces "1, workspace, 1" diff --git a/modules/home/gui/desktop/hypr/land/config/windowrulev2.nix b/modules/home/gui/desktop/hypr/land/config/windowrulev2.nix index 9c225f4..9e08592 100755 --- a/modules/home/gui/desktop/hypr/land/config/windowrulev2.nix +++ b/modules/home/gui/desktop/hypr/land/config/windowrulev2.nix @@ -28,7 +28,7 @@ let "maxsize 720 400, class:^${blueman}$" "maxsize 360 500, class:^${calculator}$" "maxsize 720 400, class:^${easyeffects}$" - "maxsize 720 400, class:^${scrcpy}$" + # "maxsize 720 400, class:^${scrcpy}$" "maxsize 720 400, class:^${mpv}$" "maxsize 720 400, class:^${vlc}$" "maxsize 640 360, class:^${nomacs}$" @@ -52,7 +52,7 @@ let "class:^${vlc}$" "class:^${nomacs}$" "class:^${flameshot}$" - "class:^${scrcpy}$" + # "class:^${scrcpy}$" "class:^${nomacs}$" "class:^${proton}$" "title:^(${picture})$" @@ -101,7 +101,7 @@ let "class:^${vlc}$" "class:^${nomacs}$" "class:^${flameshot}$" - "class:^${scrcpy}$" + # "class:^${scrcpy}$" "title:^(${picture})$" "title:^(${discord-popout})$" "title:^${bitwarden}$" diff --git a/modules/home/gui/desktop/wayland/tofi/config/settings.nix b/modules/home/gui/desktop/wayland/tofi/config/settings.nix index bbe1def..457e5ff 100755 --- a/modules/home/gui/desktop/wayland/tofi/config/settings.nix +++ b/modules/home/gui/desktop/wayland/tofi/config/settings.nix @@ -30,7 +30,7 @@ in prompt-color = "#${el.base0D}"; input-color = "#${el.base07}"; default-result-color = "#${el.base05}"; - selection-color = "#${el.base0C}"; + selection-color = "#${el.base0E}"; prompt-text = "Summon: "; width = 400; diff --git a/modules/home/gui/desktop/wayland/wpaperd/wallpaper/juliemao-1741428128332-6023.jpg b/modules/home/gui/desktop/wayland/wpaperd/wallpaper/juliemao-1741428128332-6023.jpg new file mode 100644 index 0000000..af0dc4d Binary files /dev/null and b/modules/home/gui/desktop/wayland/wpaperd/wallpaper/juliemao-1741428128332-6023.jpg differ diff --git a/modules/home/gui/desktop/wayland/wpaperd/wallpaper/wallhaven-eyrj7o.jpg b/modules/home/gui/desktop/wayland/wpaperd/wallpaper/wallhaven-eyrj7o.jpg new file mode 100644 index 0000000..011111a Binary files /dev/null and b/modules/home/gui/desktop/wayland/wpaperd/wallpaper/wallhaven-eyrj7o.jpg differ diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 1f933cc..aad138b 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -11,6 +11,7 @@ in syncthing ollama hypr + searx wayland xserver ; @@ -49,6 +50,7 @@ in website postgresql samba + searx vaultwarden forgejo wayland diff --git a/modules/nixos/services/acme/default.nix b/modules/nixos/services/acme/default.nix index 0ddb5c4..2fa7914 100755 --- a/modules/nixos/services/acme/default.nix +++ b/modules/nixos/services/acme/default.nix @@ -4,15 +4,9 @@ ... }: let - inherit (flake.config.people) - user0 - ; - inherit (flake.config.people.users.${user0}) - email - ; - inherit (flake.config.services) - instances - ; + inherit (flake.config.people) user0; + inherit (flake.config.people.users.${user0}) email; + inherit (flake.config.services) instances; domain0 = instances.web.domains.url0; domain1 = instances.web.domains.url1; domain3 = instances.web.domains.url3; @@ -42,6 +36,7 @@ in "minecraft" "ollama" "syncthing" + "searx" "vaultwarden" ] ) diff --git a/modules/nixos/services/nextcloud/default.nix b/modules/nixos/services/nextcloud/default.nix index 4f9b42a..7c8d3b3 100755 --- a/modules/nixos/services/nextcloud/default.nix +++ b/modules/nixos/services/nextcloud/default.nix @@ -5,20 +5,10 @@ ... }: let - inherit (flake.config.people) - user0 - ; - inherit (flake.config.people.users.${user0}) - name - ; - inherit (flake.config.machines.devices) - ceres - ; - inherit (flake.config.services.instances) - nextcloud - nginx - web - ; + inherit (flake.config.people) user0; + inherit (flake.config.people.users.${user0}) name; + inherit (flake.config.machines.devices) ceres; + inherit (flake.config.services.instances) nextcloud nginx web; service = nextcloud; localhost = web.localhost.address0; host = "${service.subdomain}.${web.domains.url1}"; diff --git a/modules/nixos/services/searx/default.nix b/modules/nixos/services/searx/default.nix new file mode 100644 index 0000000..f694da7 --- /dev/null +++ b/modules/nixos/services/searx/default.nix @@ -0,0 +1,214 @@ +{ + flake, + lib, + config, + ... +}: +let + inherit (flake.config.machines.devices) ceres; + inherit (flake.config.services.instances) searx web; + service = searx; + hostname = config.networking.hostName; + localhost = web.localhost.address0; + host = "${service.subdomain}.${web.domains.url0}"; +in +{ + services = + { + searx = { + enable = true; + redisCreateLocally = true; + uwsgiConfig = { + socket = "/run/searx/searx.sock"; + http = ":${builtins.toString service.ports.port0}"; + chmod-socket = "660"; + }; + settings = { + general = { + debug = false; + instance_name = "SearXNG Instance"; + donation_url = false; + contact_url = false; + privacypolicy_url = false; + enable_metrics = false; + }; + ui = { + static_use_hash = true; + default_locale = "en"; + query_in_title = true; + infinite_scroll = true; + center_alignment = true; + default_theme = "simple"; + theme_args.simple_style = "auto"; + search_on_category_select = true; + hotkeys = "vim"; + }; + search = { + safe_search = 0; + autocomplete_min = 2; + autocomplete = "duckduckgo"; + ban_time_on_fail = 5; + max_ban_time_on_fail = 120; + }; + server = + { + port = service.ports.port0; + bind_address = localhost; + secret_key = config.sops.secrets.searx-key.path; + limiter = false; + public_instance = false; + image_proxy = true; + method = "GET"; + } + // ( + if hostname == ceres.name then + { + base_url = "https://${host}"; + } + else + { } + ); + engines = lib.mapAttrsToList (name: value: { inherit name; } // value) { + "duckduckgo".disabled = false; + "brave".disabled = false; + "bing".disabled = false; + "mojeek".disabled = true; + "mwmbl".disabled = false; + "mwmbl".weight = 0.4; + "qwant".disabled = true; + "crowdview".disabled = false; + "crowdview".weight = 0.5; + "curlie".disabled = true; + "ddg definitions".disabled = false; + "ddg definitions".weight = 2; + "wikibooks".disabled = false; + "wikidata".disabled = false; + "wikiquote".disabled = true; + "wikisource".disabled = true; + "wikispecies".disabled = false; + "wikispecies".weight = 0.5; + "wikiversity".disabled = false; + "wikiversity".weight = 0.5; + "wikivoyage".disabled = false; + "wikivoyage".weight = 0.5; + "currency".disabled = true; + "dictzone".disabled = true; + "lingva".disabled = true; + "bing images".disabled = false; + "brave.images".disabled = false; + "duckduckgo images".disabled = false; + "google images".disabled = false; + "qwant images".disabled = true; + "1x".disabled = true; + "artic".disabled = false; + "deviantart".disabled = false; + "flickr".disabled = true; + "imgur".disabled = false; + "library of congress".disabled = false; + "material icons".disabled = true; + "material icons".weight = 0.2; + "openverse".disabled = false; + "pinterest".disabled = true; + "svgrepo".disabled = false; + "unsplash".disabled = false; + "wallhaven".disabled = false; + "wikicommons.images".disabled = false; + "yacy images".disabled = true; + "bing videos".disabled = false; + "brave.videos".disabled = true; + "duckduckgo videos".disabled = true; + "google videos".disabled = false; + "qwant videos".disabled = false; + "dailymotion".disabled = true; + "google play movies".disabled = true; + "invidious".disabled = true; + "odysee".disabled = true; + "peertube".disabled = true; + "piped".disabled = true; + "rumble".disabled = false; + "sepiasearch".disabled = false; + "vimeo".disabled = true; + "youtube".disabled = false; + "brave.news".disabled = true; + "google news".disabled = true; + }; + outgoing = { + request_timeout = 5.0; + max_request_timeout = 15.0; + pool_connections = 100; + pool_maxsize = 15; + enable_http2 = true; + }; + enabled_plugins = [ + "Basic Calculator" + "Hash plugin" + "Tor check plugin" + "Open Access DOI rewrite" + "Hostnames plugin" + "Unit converter plugin" + "Tracker URL remover" + ]; + }; + }; + } + // ( + if hostname == ceres.name then + { + caddy = { + virtualHosts = { + "${host}" = { + extraConfig = '' + # Use the uwsgi socket directly instead of reverse_proxy to HTTP + reverse_proxy unix//run/searx/searx.sock { + transport unix { + dial_timeout 5s + } + header_up Host {host} + header_up X-Forwarded-For {remote} + header_up X-Forwarded-Proto {scheme} + header_up X-Script-Name / + } + + tls ${service.ssl.cert} ${service.ssl.key} + encode zstd gzip + ''; + }; + }; + }; + } + else + { } + ); + + users.groups.searx.members = [ "caddy" ]; + # systemd.services.caddy.serviceConfig.ProtectHome = false; + + sops = + let + sopsPath = secret: { + path = "${service.sops.path0}/${service.name}-${secret}"; + owner = service.name; + mode = "600"; + }; + in + { + secrets = builtins.listToAttrs ( + map + (secret: { + name = "${service.name}-${secret}"; + value = sopsPath secret; + }) + [ + "key" + ] + ); + }; + + networking = { + firewall = { + allowedTCPPorts = [ + service.ports.port0 + ]; + }; + }; +} diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index 035cf5b..be2263f 100755 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -29,6 +29,7 @@ nextcloud-user1: ENC[AES256_GCM,data:6EsbSeWWftPjZQM=,iv:LTcx6fx55d3+SepFIoy/6cB nextcloud-user2: ENC[AES256_GCM,data:axrWMmouq5gwqdGL,iv:BPHEn47z2g7gocKO4g5vV4ZSGb+AMA3vGYheAy1zR5Q=,tag:QOWg4fdKxMhGk2qRehH2EQ==,type:str] nextcloud-user3: ENC[AES256_GCM,data:g6ldEdtBuEmPAQYAQfaO,iv:6fElE2vZh9l/KgJuNevklpIlZZdqGHgwhnOzq1n3ojE=,tag:T0Q1IkdVTeW2T1FmGnjz8A==,type:str] claude-api-key: ENC[AES256_GCM,data:QzGJPBnqx4PrDjNvGeyjl0B/W9pkBS4YWK/lrDK4sx0/eBbwMk2qvi03wOhVfvz71UVRpDIZ0F3eVtB8h8Nr94Ha/8IlFQtKxrh60XIzUs/GLB2jKZursZny8IjqZMrt9YHFOphqAWawB33g,iv:XKPqQ0sGukhy0bPXATYwjJMAfSkXdeanc4kULb5TWmA=,tag:vmH+pzU5qoOF5W0fhVfhDA==,type:str] +searx-key: ENC[AES256_GCM,data:kzKWa4xCKDEWocyMmK8FWyAqHM7BuJ1f63XFfO8Dtig=,iv:Vs27/ri4nBzJ/A0LnxsCZD/kYraFZ6tD63VhUqYFwx8=,tag:8gx+j7RenuRzjj0AY5v8uQ==,type:str] sops: kms: [] gcp_kms: [] @@ -44,8 +45,8 @@ sops: bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-02-03T03:16:19Z" - mac: ENC[AES256_GCM,data:zoMaGiNDQ8bZwXbmgwTK07F8mGh7HZnaMPRdcftpiy1t5HuYKXU8CdiaREaGozCyIrgvTHbtQjjtL1KFTzpCkN1+bEpL+VA75vEzAkeoImRCFNMnTVdc2I5Bo0nOg8OW5HwI7Ezdv2ZrSd3qG7YW2WZHpctvOgWAoWv2z2zGHX8=,iv:1qs7/7aQ88JbAr3wEk70t/JmxfvfIAMSWXKckPmYg74=,tag:0Tpls8L13wU4WdMU4v4e5w==,type:str] + lastmodified: "2025-03-08T06:46:18Z" + mac: ENC[AES256_GCM,data:bFmkUxQE7Jl6I/FdpsWzbAu5/g9rLYH5C9jRRwY0ln+ZAANXaxfEYj5oeMZA0lDdgCJ07Hnt0RZdyYp/jyNzY+om16qKqRxv6qpqE89jfK937LsMxc6HJcuGQQcA/1QgSCU9OLWqdbDZxik3twemQd3aPAaHLF1ZEM7tx0gCOgQ=,iv:NizgZd2mb5sXm7oxRcpVKRAIyw75dASuP0eGzhBKOM8=,tag:K0rzvjQFB++gioKobt1Sow==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.9.4