beagle: setup SearX(NG)
This commit is contained in:
parent
6540e7e33f
commit
cf5fbef43c
GPG key ID:
053EA6E00116533A
6 changed files with 37 additions and 24 deletions
|
|
@ -2,6 +2,7 @@
|
|||
imports = [
|
||||
./modules/kanidm.nix
|
||||
./modules/matrix.nix
|
||||
./modules/searx.nix
|
||||
./modules/reverse-proxy.nix
|
||||
];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -50,6 +50,15 @@
|
|||
'';
|
||||
};
|
||||
};
|
||||
|
||||
"searx.peprolinbot.com" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
|
||||
# Rest of configuration done in services.searx.configreNginx
|
||||
|
||||
};
|
||||
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
|||
27
machines/beagle/modules/searx.nix
Normal file
27
machines/beagle/modules/searx.nix
Normal file
|
|
@ -0,0 +1,27 @@
|
|||
{ config, ... }:
|
||||
{
|
||||
clan.core.vars.generators.searx = {
|
||||
prompts.secret-key = {
|
||||
description = "SearX server.secret_key";
|
||||
type = "hidden";
|
||||
};
|
||||
|
||||
files.environment-file.secret = true;
|
||||
script = ''
|
||||
cat <<EOL > $out/environment-file
|
||||
SEARX_SECRET_KEY=$(<$prompts/secret-key)
|
||||
EOL
|
||||
'';
|
||||
};
|
||||
|
||||
services.searx = {
|
||||
enable = true;
|
||||
domain = "searx.peprolinbot.com";
|
||||
configureNginx = true;
|
||||
redisCreateLocally = true;
|
||||
environmentFile = config.clan.core.vars.generators.searx.files.environment-file.path;
|
||||
settings = {
|
||||
server.secret_key = "$SEARX_SECRET_KEY";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -1 +0,0 @@
|
|||
../../../../../../sops/machines/beagle
|
||||
|
|
@ -1,22 +0,0 @@
|
|||
{
|
||||
"data": "ENC[AES256_GCM,data:6ChD8x6SoPaXkbRiOhPtLQi7Re+dXkPyIylpCRKbIU3MLkUgt4qlNKQPOpLH8Kqm2bvUQ6m0eKlMfIdxW7hfZmZnJJ0xqjeaAtlsOQkLrGOiGINd7AIQR/JzcxNAPhUy7kDOxJpu/tL3emG+AC7SSM41isUmFWJUOlokBFOIcah4gdFRqtIpH4RoLEEOTI61XWc=,iv:pycKyu8DbOIpNVMSk+fxbD4q9HlvcvZ29hO5ZKt/nCE=,tag:WsaHkmyIlGThsaUSIlpvHA==,type:str]",
|
||||
"sops": {
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age1hcamqavws9xv6lda9wcv3vmtd47wg8nc3w6zmum9a9e42g0044nq3lp298",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4VkJCNlVSNUFBWTRxTGha\nYjg2SEIwREEzY3dJU1EvUUNLc0pPTG54ZmxRCndNbThWako3cm11VDd3Zlkzd2RK\ndVlEYzNraTJSK3lLYjh0K1VMUUxGVFEKLS0tIEN5ODQ2SkVnNGIrcVlpVVRHZHIx\nbVpvbFphQVdmTXFxMTMrMkdEaVg5Z0kKWPbjeciIjsNPIExBMvRHvfUhaDibDWet\nP94LhgEdwP0P81fEY+kXBcSDpSvpBlOmy+5irJnnycZxbcUo7APSQA==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1lrg2j5a90yy4ccj4c8yrmkk4rx029t5hfh6n5a2nte77pwlspp8qvgmtmg",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKc1NaeUlxYnQyV1QrcmU3\neEsxZmc4dEJJS3BrNkZzV3h0eUdEWU5ZZXlzCjYwbVRJMzFFS0pYVjZEcjdUQzFR\nL1dZRTBCWlNlbjV3YWQyQksreE1BZDAKLS0tIGxlekJERWVBUW5sNCtmMGpBTUhq\ndEhXMThxWWpSeW5CZWpPZ3NhdmxHVE0KLcumlX/WnKeUA1IGljYEl0p8bOZumTxo\nWxKTUV5noeNFStsyZM3t7nnrb61c7LbDPhw5iMeRCCTg5h8lDHobWg==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1r2sw9uncvkqtklypw4rttufhw86lhhqrghed8l2kda6hdrd9ypyqm7y863",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrdzJxNFRPaFpBK1RtNDdn\nVXhMNm52V2p1WXFqVGMwN1JyRFRyczZ0N3dNClY1YU5KNkNPWGJwK3NieWhvZzNU\neWlkQUJsZFJrdE90TXZjS3IzUEhRTTQKLS0tIHJCRWdEQmhlaTNiNUMzMDBLY3Q3\nMzgyUlBaaThxeGdGSmdxVEtwdE5rcFkKN0jk27yKXmsAF1p9Yd5ovWCZX6UAHUcd\nIF0tguoT1QgkFDO8ur9FbJCLwJeB2Cn+tPktpWZoxZ6XfepcSQosUA==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2025-12-27T13:06:12Z",
|
||||
"mac": "ENC[AES256_GCM,data:wvtVJx1mXIpvJsn3d1wP6n/D8U5N1BD19XGGVCg/DOUlauoi9HWycBF85zINg1qgksgJLDL/j5dsAz+guRxW7XuW0a5mWgtWs5W1G2Lp7DhHznUyA6y1LBzmD2RdSO5ZQl3ma0w+Zyl4KI4/CI/VNy/Yy1K8lqW2u6xG31eoOgo=,iv:J3uCdT2ZKPvEwUD/ERK4VK3hAnvNe/0wzJDGLf9aOz0=,tag:Sap5JOCrZElahv6JvZ/YUg==,type:str]",
|
||||
"version": "3.11.0"
|
||||
}
|
||||
}
|
||||
|
|
@ -1 +0,0 @@
|
|||
../../../../../../sops/users/pedro
|
||||
Loading…
Add table
Add a link
Reference in a new issue