2
2
mirror of https://git.feal.no/felixalb/nixos-config.git synced 2024-12-22 04:07:28 +01:00

Prepare remote building, add searx

This commit is contained in:
Felix Albrigtsen 2023-09-13 23:21:28 +02:00
parent 82dbad07d0
commit 6b8599d30a
5 changed files with 81 additions and 7 deletions

View File

@ -24,7 +24,11 @@
options = "--delete-older-than 2d";
};
settings.experimental-features = ["nix-command" "flakes"];
settings = {
experimental-features = ["nix-command" "flakes"];
trusted-users = [ "felixalb" ];
builders-use-substitutes = true;
};
registry= {
nixpkgs.flake = inputs.nixpkgs;
@ -36,12 +40,15 @@
programs.zsh.enable = true;
environment.systemPackages = with pkgs; [
wget
git
tree
rsync
bat
bottom
git
gnugrep
gnutar
ripgrep
rsync
tree
wget
];
services.openssh = {
@ -68,6 +75,7 @@
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDKzPICGew7uN0cmvRmbwkwTCodTBUgEhkoftQnZuO4Q felixalbrigtsen@gmail.com"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBTXSL0w7OUcz1LzEt1T3I3K5RgyNV+MYz0x/1RbpDHQ felixalb@worf"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHkLmJIkBM6AMbYM/hYm27Flgya81UiGqh9/owYWmrbZ home.feal.no"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH5M7hYl3saBNMAo6sczgfUvASEJWFHuERB7xvf4gxst nix-builder-voyager-worf"
];
};
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];

View File

@ -26,6 +26,7 @@
./services/vaultwarden.nix
./services/calibre.nix
./services/fancontrol.nix
./services/searx.nix
# ./services/code-server.nix
];

View File

@ -11,5 +11,10 @@
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
/* security.acme = { */
/* acceptTerms = true; */
/* email = "felix@albrigtsen.it"; */
/* }; */
}

View File

@ -0,0 +1,58 @@
{ config, lib, pkgs, ... }:
let
domain = "search.feal.no";
cfg = config.services.searx.settings;
in {
sops.secrets."searx/env" = {
restartUnits = [ "searx.service" ];
};
services.searx = {
enable = true;
settings = {
general = {
debug = false;
instance_name = "Taschmex Searx";
wiki_url = false;
docs_url = false;
twitter_url = false;
};
server = {
port = 8090;
bind_address = "127.0.1.2";
secret_key = "@SEARX_SECRETKEY@";
base_url = domain;
image_proxy = true;
};
outgoing = {
request_timeout = 2.0;
useragent_suffix = "searx@albrigtsen.it";
pool_connections = 100;
pool_maxsize = 10;
};
};
environmentFile = config.sops.secrets."searx/env".path;
};
services.nginx.virtualHosts.${domain} = {
locations."/".proxyPass = "http://${cfg.server.bind_address}:${toString cfg.server.port}";
/* addSSL = true; */
/* enableACME = true; */
/* listen = [ */
/* { */
/* addr = "0.0.0.0"; */
/* port = 43443; */
/* ssl = true; */
/* } */
/* { */
/* addr = "0.0.0.0"; */
/* port = 43080; */
/* } */
/* ]; */
};
networking.firewall.allowedTCPPorts = [ 43443 43080 ];
}

View File

@ -10,6 +10,8 @@
#ENC[AES256_GCM,data:fvJA2s0OEs7PDOr/,iv:HlO9MCqBHtz1Hm9tILlEsJ2gfgTPThmmyoCXlGyy/9Y=,tag:7L1Kl4RgAFG+WLvtk30nYQ==,type:comment]
hedgedoc:
env: ENC[AES256_GCM,data:QaDReiDztJhu8n+Sa2SE9XjQS+YIMvQFqY5nSXKPUBrHk3tvEzmST8ZjjthruGWdKoEDQT0phR2KV660Hza8WQNajC85slVIQK2HFXKK8xYn5qeMQj5U1m85rmSjMNg6Rdb+rCQFWiM2KRfdkiWiAzcgOvGd2ziX3oE4tTTpBs2Jy70B+eXEVqZvYajQUyQZItCPb7BUhkhv8rVbI0Q=,iv:3ZcWie2pwfvUsXhQo1Zlpbq6r85OOWASKiwzfY30BHM=,tag:NyH6w9MQPUWvue/wo8LmAg==,type:str]
searx:
env: ENC[AES256_GCM,data:5tzCZulZV+Ls0/N/WMQ4q2A5w04gmlA12AetbcX4pzn1xKDIe/0RwmuJXcq5qIof/A==,iv:/sFUtakRVNX2n1v72FGPFRQy0UK3jKbMS1Qmnrnm/tA=,tag:sxarQL61SDovipJZAd4Ozg==,type:str]
transmission:
vpncreds: ENC[AES256_GCM,data:KWm6AGlJze0Of9Nkz0moaQCAXMwylsZ+BIZR4BnbuDRbjKRMJSWCOFBSbG3esGprLhoCnYwc9mghSeoP2AQRAT++sERpxX3JTHF9QuauNmhRWb1xLsOfQAu6vsA/0dTshQr8ivhJSnEz57rasdOraovYjVsRXd7cuclajPoS4nl3+1/IrSkAlxNzx8F0PMmyOrvoPVMmqQ4PcKFfkXc1f59O2iJ19Bmt/x5yIxU=,iv:VAYlqL8Pb5J4g+W3QClrgRftYw5UofXmG9cfEsZdLr4=,tag:zJIxYaGEedFjM8IsBfnQog==,type:str]
matrix:
@ -54,8 +56,8 @@ sops:
NENEM2VLRDBzTWM0ckdPVThaeE0xL2MKTAvsDKgaoj0Fz9CoNbP6s1kROlDbbXtB
4rFRGN+WZJrBioz5nN4kR7mVFKa4w6z6Pu3D5WLyK7UQQkZJ64avdw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-06-08T21:22:10Z"
mac: ENC[AES256_GCM,data:l7sZPbR3pihdoWEtfAB8yHAVtGfvnz+7dFos6b3TyBRhJmKlnd/zux9Lpw+KFh7y16KQDwE0rJlGf4+gkwM5SyMSHl3L4U430DeXhbcTLTGSFq7WLk5bnJgOYHv9t8zqHI8qsHJKarYca0KhtzLUFQG8U4wbJCzAJajGp9bVEyE=,iv:2xm1vi+GPt1Of5t9iWeyzcuzqFWiFjDk8juL+AnsiM8=,tag:BHLjw12RzORzUL2jI8+kdw==,type:str]
lastmodified: "2023-08-22T15:28:28Z"
mac: ENC[AES256_GCM,data:Fj4acVrxZJjJTXQAFedzdra3L3rupGbP4SnymkN/vd9dFm0iFNUXF1ZybQGtLFsEBtKZqlNxUMcyGz3/jbWfTDEoItITc+rjHFoWpTDyT81aGGSQFr/NYyGI421stn9x4uZgh2SZZAepYDWb7gLLhw24kvFW3XMV08m6XatUn9I=,iv:g7uQE40u6q373X4hiL8HPlm3rLRU/o1NTrSYcSQVgao=,tag:M0ul7bVOdwZKT4BrhcbEFw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3