Update greatyamada config
This commit is contained in:
parent
5c4921895e
commit
97bf3bb177
22 changed files with 556 additions and 212 deletions
46
hosts/greatyamada/services/searxng.nix
Normal file
46
hosts/greatyamada/services/searxng.nix
Normal file
|
@ -0,0 +1,46 @@
|
|||
{ config, pkgs, ... }:
|
||||
let
|
||||
portDefinitions = import ./_port-definitions.nix;
|
||||
nginxLocalServiceConfig = import ./nginx-local-config.nix;
|
||||
in {
|
||||
services = {
|
||||
searx = {
|
||||
enable = true;
|
||||
package = pkgs.searxng;
|
||||
environmentFile = config.sops.templates."searxng_secret_key.env".path;
|
||||
redisCreateLocally = true;
|
||||
# runInUwsgi = true;
|
||||
# uwsgiConfig = {
|
||||
# socket = "/run/searx/searxng.sock";
|
||||
# http = ":${toString portDefinitions.searxng}";
|
||||
# chmod-socket = "660";
|
||||
# };
|
||||
settings = {
|
||||
base_url = "https://searxng.rcia.dev";
|
||||
bind_address = "127.0.0.1";
|
||||
port = portDefinitions.searxng;
|
||||
public_instance = false;
|
||||
limiter = false;
|
||||
};
|
||||
|
||||
};
|
||||
nginx.virtualHosts."searxng.rcia.dev" = {
|
||||
locations."/".proxyPass =
|
||||
"http://127.0.0.1:${toString portDefinitions.searxng}";
|
||||
extraConfig = nginxLocalServiceConfig;
|
||||
forceSSL = true;
|
||||
useACMEHost = "rcia.dev";
|
||||
};
|
||||
};
|
||||
sops = {
|
||||
secrets."searxng_secret_key".owner = "searx";
|
||||
templates."searxng_secret_key.env" = {
|
||||
content = ''
|
||||
SEARXNG_SECRET=${config.sops.placeholder."searxng_secret_key"}
|
||||
'';
|
||||
owner = "searx";
|
||||
};
|
||||
};
|
||||
systemd.services.nginx.serviceConfig.ProtectHome = false;
|
||||
users.groups.searx.members = [ "nginx" ];
|
||||
}
|
Loading…
Add table
Add a link
Reference in a new issue