Merge branch 'main' into 2411

README.md

@@ -6,4 +6,15 @@ nix --extra-experimental-features "nix-command flakes" build ".#nixosConfigurati
 nixos-rebuild switch --update-input nixpkgs --update-input unstable --no-write-lock-file --refresh --flake git+https://github.com/adrlau/nix-dotfiles.git --upgrade
 
 
-nix why-depends .\#nixosConfigurations.eowyn.config.system.build.toplevel pkgs.python3.12-libarcus-4.12.0 --impure
+
+
+show flake attrs
+```nix flake show .#```
+
+
+why depends: 
+```nix why-depends /run/current-system /nix/store/...```
+```nix why-depends .#```
+```nix why-depends .#nixosConfigurations.galadriel nixpkgs#python312Packages.botorch```
+```nix why-depends .\#nixosConfigurations.eowyn.config.system.build.toplevel pkgs.python3.12-libarcus-4.12.0 --impure```
+

flake.nix

@@ -82,7 +82,7 @@
         };
    
        aragon = nixpkgs.lib.nixosSystem {
-          system = "x84_64-linux";
+            system = "x86_64-linux";
           specialArgs = {
             inherit inputs;
           };

machines/elrond/configuration.nix

@@ -9,7 +9,6 @@
       ./hardware-configuration.nix
       ../../profiles/webhost.nix
       ../../profiles/base.nix
-      ../../services/gate.nix
       #../../services/ozai.nix
       ./routes.nix
     ];

machines/elrond/routes.nix

@@ -1,14 +1,14 @@
 { config, pkgs, lib, ... }:
 {
   services.nginx =  {
-    virtualHosts."lauterer.it" = {
-        forceSSL = true;
-        useACMEHost = config.networking.domain;
-        locations."/" = {
-          proxyWebsockets = true;
-          proxyPass = "http://100.84.215.84";
-        };
-    };  
+    #virtualHosts."lauterer.it" = {
+    #    forceSSL = true;
+    #    useACMEHost = config.networking.domain;
+    #    locations."/" = {
+    #      proxyWebsockets = true;
+    #      proxyPass = "http://100.84.215.84";
+    #    };
+    #};  
 
     virtualHosts."managment.lauterer.it" = {
       forceSSL = true;
@@ -50,16 +50,16 @@
       #basicAuthFile = config.sops.secrets."nginx/defaultpass".path;
     };
 
-    virtualHosts."hybel.lauterer.it" = {
-      forceSSL = true;
-      useACMEHost = config.networking.domain;
-      locations."/" = {
-        proxyWebsockets = true;
-        proxyPass = "http://100.109.23.4:8123";
-      };
-      # ignorerer sikkerhet for littegran for å oprettholde lettvinthet og app kompatibilitet.
-      #basicAuthFile = config.sops.secrets."nginx/defaultpass".path;
-    };
+    # virtualHosts."hybel.lauterer.it" = {
+    #   forceSSL = true;
+    #   useACMEHost = config.networking.domain;
+    #   locations."/" = {
+    #     proxyWebsockets = true;
+    #     proxyPass = "http://100.109.23.4:8123";
+    #   };
+    #   # ignorerer sikkerhet for littegran for å oprettholde lettvinthet og app kompatibilitet.
+    #   #basicAuthFile = config.sops.secrets."nginx/defaultpass".path;
+    # };
 
 
     virtualHosts."jellyfin.lauterer.it" = {
@@ -81,6 +81,8 @@
         basicAuthFile = config.sops.secrets."nginx/defaultpass".path;
       };
 
+
+
       virtualHosts."rss.lauterer.it" = {
         forceSSL = true;
         useACMEHost = config.networking.domain;
@@ -91,6 +93,18 @@
         #basicAuthFile = config.sops.secrets."nginx/defaultpass".path;
       };
 
+
+      virtualHosts."ai.lauterer.it" = {
+        forceSSL = true;
+        useACMEHost = config.networking.domain;
+        locations."/" = {
+          proxyWebsockets = true;
+          proxyPass = "http://100.84.215.84:11111";
+        };
+        #basicAuthFile = config.sops.secrets."nginx/defaultpass".path;
+      };
+
+
       #virtualHosts."azul.256.no" = {
       #  forceSSL = true;
       #  useACMEHost = config.networking.domain;
@@ -101,15 +115,15 @@
       #  #basicAuthFile = config.sops.secrets."nginx/defaultpass".path;
       #};
 
-      virtualHosts."azul.256.no" = {
-        forceSSL = true;
-        useACMEHost = config.networking.domain;
-        locations."/" = {
-          proxyWebsockets = true;
-          proxyPass = "http://localhost:8095";
-        };
-        #basicAuthFile = config.sops.secrets."nginx/defaultpass".path;
-      };  
+     # virtualHosts."azul.256.no" = {
+     #   forceSSL = true;
+     #   useACMEHost = config.networking.domain;
+     #   locations."/" = {
+     #     proxyWebsockets = true;
+     #     proxyPass = "http://localhost:8095";
+     #   };
+     #   #basicAuthFile = config.sops.secrets."nginx/defaultpass".path;
+     # };  
  
  
     #virtualHosts."shiori.lauterer.it" = config.services.nginx.virtualHosts."archive.lauterer.it";
@@ -123,7 +137,7 @@
           proxyPass = "http://100.84.215.84:8082";
         };
         #basicAuthFile = config.sops.secrets."nginx/defaultpass".path;
-      };  
+    };  
 
 
 

profiles/ai.nix

@@ -13,7 +13,6 @@
 	    ollama
       openai-whisper
       openai-whisper-cpp
-      whisper-ctranslate2
       wyoming-faster-whisper
       wyoming-piper
       subtitlr

services/searxng.nix

@@ -0,0 +1,180 @@
+{ config, pkgs, lib, ... }:
+{
+  environment.systemPackages = [
+
+  ];
+
+
+services.searx = {
+  enable = false;
+  redisCreateLocally = true;
+
+  # Rate limiting
+  limiterSettings = {
+    real_ip = {
+      x_for = 1;
+      ipv4_prefix = 32;
+      ipv6_prefix = 56;
+    };
+
+    botdetection = {
+      ip_limit = {
+        filter_link_local = true;
+        link_token = true;
+      };
+    };
+  };
+
+  # UWSGI configuration should be true for non single user instances.
+  runInUwsgi = false;
+
+  uwsgiConfig = {
+    socket = "/run/searx/searx.sock";
+    http = ":8888";
+    chmod-socket = "660";
+  };
+
+  # Searx configuration
+  settings = {
+    # Instance settings
+    general = {
+      debug = false;
+      instance_name = "SearXNG Instance";
+      donation_url = false;
+      contact_url = false;
+      privacypolicy_url = false;
+      enable_metrics = false;
+    };
+
+    # User interface
+    ui = {
+      static_use_hash = true;
+      default_locale = "en";
+      query_in_title = true;
+      infinite_scroll = false;
+      center_alignment = true;
+      default_theme = "simple";
+      theme_args.simple_style = "auto";
+      search_on_category_select = false;
+      hotkeys = "vim";
+    };
+
+    # Search engine settings
+    search = {
+      safe_search = 2;
+      autocomplete_min = 2;
+      autocomplete = "duckduckgo";
+      ban_time_on_fail = 5;
+      max_ban_time_on_fail = 120;
+    };
+
+    # Server configuration
+    server = {
+      base_url = "https://search.lauterer.it";
+      port = 8888;
+      bind_address = "127.0.0.1";
+      secret_key = config.sops.secrets.searx.path;
+      limiter = true;
+      public_instance = false;
+      image_proxy = true;
+      method = "GET";
+    };
+
+    # Search engines
+    engines = lib.mapAttrsToList (name: value: { inherit name; } // value) {
+      "duckduckgo".disabled = false;
+      "brave".disabled = true;
+      "bing".disabled = false;
+      "mojeek".disabled = true;
+      "mwmbl".disabled = false;
+      "mwmbl".weight = 0.4;
+      "qwant".disabled = true;
+      "crowdview".disabled = false;
+      "crowdview".weight = 0.5;
+      "curlie".disabled = true;
+      "ddg definitions".disabled = false;
+      "ddg definitions".weight = 2;
+      "wikibooks".disabled = false;
+      "wikidata".disabled = false;
+      "wikiquote".disabled = true;
+      "wikisource".disabled = true;
+      "wikispecies".disabled = false;
+      "wikispecies".weight = 0.5;
+      "wikiversity".disabled = false;
+      "wikiversity".weight = 0.5;
+      "wikivoyage".disabled = false;
+      "wikivoyage".weight = 0.5;
+      "currency".disabled = true;
+      "dictzone".disabled = true;
+      "lingva".disabled = true;
+      "bing images".disabled = false;
+      "brave.images".disabled = true;
+      "duckduckgo images".disabled = false;
+      "google images".disabled = false;
+      "qwant images".disabled = true;
+      "1x".disabled = true;
+      "artic".disabled = false;
+      "deviantart".disabled = true;
+      "flickr".disabled = true;
+      "imgur".disabled = false;
+      "library of congress".disabled = false;
+      "material icons".disabled = true;
+      "material icons".weight = 0.2;
+      "openverse".disabled = false;
+      "pinterest".disabled = true;
+      "svgrepo".disabled = false;
+      "unsplash".disabled = false;
+      "wallhaven".disabled = false;
+      "wikicommons.images".disabled = false;
+      "yacy images".disabled = true;
+      "bing videos".disabled = true;
+      "brave.videos".disabled = true;
+      "duckduckgo videos".disabled = false;
+      "google videos".disabled = false;
+      "qwant videos".disabled = false;
+      "dailymotion".disabled = true;
+      "google play movies".disabled = true;
+      "invidious".disabled = false;
+      "odysee".disabled = true;
+      "peertube".disabled = false;
+      "piped".disabled = true;
+      "rumble".disabled = false;
+      "sepiasearch".disabled = false;
+      "vimeo".disabled = true;
+      "youtube".disabled = true;
+      "brave.news".disabled = true;
+      "google news".disabled = true;
+    };
+
+    # Outgoing requests
+    outgoing = {
+      request_timeout = 5.0;
+      max_request_timeout = 15.0;
+      pool_connections = 100;
+      pool_maxsize = 15;
+      enable_http2 = true;
+    };
+
+    # Enabled plugins
+    enabled_plugins = [
+      "Basic Calculator"
+      "Hash plugin"
+      "Hostnames plugin"
+      "Self Information"
+      "Tor check plugin"
+      "Open Access DOI rewrite"
+      "Hostnames plugin"
+      "Unit converter plugin"
+      "Tracker URL remover"
+    ];
+  };
+};
+
+# Systemd configuration
+#systemd.services.nginx.serviceConfig.ProtectHome = false;
+
+# User management
+users.groups.searx.members = ["nginx"];
+
+
+ }