notohh/snowflake
notohh/snowflake
1
0
Fork 0
Code Issues Pull requests Projects 1 Releases Packages Wiki Activity

Compare commits

base: notohh:20949f330006d1ce1151c01f5594952a76fa36d6
Branches Tags
notohh:master
..
compare: notohh:98245da210f89d4d5447d7340c0ec69a581d0b57
Branches Tags
notohh:master

4 commits
20949f3300 ... 98245da210

Author SHA1 Message Date
notohh
98245da210
traefik: init searxng
All checks were successful
/ check (push) Successful in 34s
 2023-10-10 15:42:45 -04:00
notohh
4796cce931
redis: init searxng 2023-10-10 15:42:36 -04:00
notohh
0aff8c08db
sops: add searxng-secret 2023-10-10 15:42:29 -04:00
notohh
a613280f7e
yuki: switch searxng to nix 2023-10-10 15:42:00 -04:00
5 changed files with 64 additions and 21 deletions
Show stats Expand all files Collapse all files

12
hosts/arashi/services/redis.nix
View file

@ -13,5 +13,17 @@
protected-mode = "no"; protected-mode = "no";
}; };
}; };
searxng = {
enable = true;
openFirewall = true;
port = 6380;
bind = null;
databases = 16;
logLevel = "debug";
requirePass = "searxng";
settings = {
protected-mode = "no";
};
};
}; };
} }

11
hosts/sora/services/traefik.nix
View file

@ -18,7 +18,6 @@
rule = "HostSNI(`*`)"; rule = "HostSNI(`*`)";
entrypoints = ["gitssh"]; entrypoints = ["gitssh"];
service = "gitssh"; service = "gitssh";
tls.passthrough = true;
}; };
}; };
}; };
@ -105,8 +104,16 @@
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.flake.sh";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
searxng = {
rule = "Host(`search.flake.sh`)";
entrypoints = ["websecure"];
service = "searxng";
tls.domains = [{main = "*.flake.sh";}];
tls.certresolver = "production";
};
}; };
services = { services = {
gitssh.loadBalancer.servers = [{url = "tcp://100.121.201.47:2222";}];
uptime-kuma.loadBalancer.servers = [{url = "http://100.87.54.48:4000";}]; uptime-kuma.loadBalancer.servers = [{url = "http://100.87.54.48:4000";}];
gotify.loadBalancer.servers = [{url = "http://100.87.54.48:3000";}]; gotify.loadBalancer.servers = [{url = "http://100.87.54.48:3000";}];
conduit.loadBalancer.servers = [{url = "http://100.121.201.47:6167";}]; conduit.loadBalancer.servers = [{url = "http://100.121.201.47:6167";}];
@ -117,7 +124,7 @@
grafana.loadBalancer.servers = [{url = "http://100.121.201.47:3100";}]; grafana.loadBalancer.servers = [{url = "http://100.121.201.47:3100";}];
hedgedoc.loadBalancer.servers = [{url = "http://100.121.201.47:3300";}]; hedgedoc.loadBalancer.servers = [{url = "http://100.121.201.47:3300";}];
vaultwarden.loadBalancer.servers = [{url = "http://100.121.201.47:8222";}]; vaultwarden.loadBalancer.servers = [{url = "http://100.121.201.47:8222";}];
gitssh.loadBalancer.servers = [{url = "tcp://100.121.201.47:2222";}]; searxng.loadBalancer.servers = [{url = "http://100.110.140.130:8100";}];
}; };
}; };
}; };

51
hosts/yuki/services/searxng.nix
View file

@ -1,14 +1,43 @@
_: { {
virtualisation.oci-containers.containers.searxng = { pkgs,
image = "searxng/searxng:2023.6.10-5f11155c"; config,
volumes = [ ...
"/home/notoh/docker/searxng:/etc/searxng:rw" }: {
]; sops.secrets.searxng-secret = {};
environment = { networking.firewall.allowedTCPPorts = [8100];
INSTANCE_NAME = "SearXNG"; services.searx = {
package = pkgs.searxng;
enable = true;
environmentFile = config.sops.secrets.searxng-secret.path;
settings = {
general = {
debug = false;
instance_name = "SearXNG flake.sh";
enable_metrics = false;
contact_url = "mailto:contact@notohh.dev";
};
ui = {
default_theme = "simple";
theme_args = {
simple_style = "dark";
};
};
search = {
autocomplete = "google";
safe_search = 0;
default_lang = "en-US";
};
server = {
port = 8100;
bind_address = "0.0.0.0";
secret_key = "@SEARXNG_SECRET@";
base_url = "https://search.flake.sh/";
public_instance = true;
infinite_scroll = true;
};
redis = {
url = "redis://:searxng@100.94.214.100:6380";
};
}; };
ports = [
"8100:8080"
];
}; };
} }

6
hosts/yuki/services/traefik.nix
View file

@ -15,11 +15,6 @@ _: {
entrypoints = ["web"]; entrypoints = ["web"];
service = "homarr"; service = "homarr";
}; };
searxng = {
rule = "Host(`searxng.internal.flake.sh`)";
entryPoints = ["web"];
service = "searxng";
};
stash = { stash = {
rule = "Host(`stash.internal.flake.sh`)"; rule = "Host(`stash.internal.flake.sh`)";
entrypoints = ["web"]; entrypoints = ["web"];
@ -45,7 +40,6 @@ _: {
stash.loadBalancer.servers = [{url = "http://localhost:9999";}]; stash.loadBalancer.servers = [{url = "http://localhost:9999";}];
homarr.loadBalancer.servers = [{url = "http://localhost:7575";}]; homarr.loadBalancer.servers = [{url = "http://localhost:7575";}];
dashdot.loadBalancer.servers = [{url = "http://localhost:4000";}]; dashdot.loadBalancer.servers = [{url = "http://localhost:4000";}];
searxng.loadBalancer.servers = [{url = "http://localhost:8100";}];
jellyfin.loadBalancer.servers = [{url = "http://localhost:8096";}]; jellyfin.loadBalancer.servers = [{url = "http://localhost:8096";}];
jellyseerr.loadBalancer.servers = [{url = "http://localhost:5055";}]; jellyseerr.loadBalancer.servers = [{url = "http://localhost:5055";}];
}; };

5
secrets/secrets.yaml
View file

@ -12,6 +12,7 @@ tsauth-sora: ENC[AES256_GCM,data:3jzPB0whb9xHudVl/MhNeCUgjDfzzQpxGJGqfMf2GqEtfEk
tsauth-sakura: ENC[AES256_GCM,data:iN77ArKDnltxrWGCz8bMqMHBAp45oGUk+n5ilAE0tY2rz01PGaCmIgPFSDfNaMphH6gX+AbEd5Y=,iv:k/lBIZW7aKT3u+dgcFnQORah2yHZXAmY+PBv53tM1ao=,tag:9/pebj3D9LURTedqkduoaw==,type:str] tsauth-sakura: ENC[AES256_GCM,data:iN77ArKDnltxrWGCz8bMqMHBAp45oGUk+n5ilAE0tY2rz01PGaCmIgPFSDfNaMphH6gX+AbEd5Y=,iv:k/lBIZW7aKT3u+dgcFnQORah2yHZXAmY+PBv53tM1ao=,tag:9/pebj3D9LURTedqkduoaw==,type:str]
forgejo-runner-token: ENC[AES256_GCM,data:uHwIBG2Ktdhs2nhfbidHSEkv7bwLnWzHZEa01sfnv2oYvtlHdnTXJQ==,iv:IRS+qLbIFl5GXxChogs6yxsUD4MxnjCw2VF3dxCvSnI=,tag:elTaJSO1ex4qrF9Wu8gx2A==,type:str] forgejo-runner-token: ENC[AES256_GCM,data:uHwIBG2Ktdhs2nhfbidHSEkv7bwLnWzHZEa01sfnv2oYvtlHdnTXJQ==,iv:IRS+qLbIFl5GXxChogs6yxsUD4MxnjCw2VF3dxCvSnI=,tag:elTaJSO1ex4qrF9Wu8gx2A==,type:str]
basegbot-runner-token: ENC[AES256_GCM,data:2ZnyRdou8U7SPYgntnzoibxOoQltUCnzXIMVYiPQj9Qfa3vaT6SY6w==,iv:RS66X1ophQDl1Mph0x0yzJb/v1x2o7d5+Z1FJRAXsSA=,tag:4wOI4fHkOGE8r1FsAoy+aw==,type:str] basegbot-runner-token: ENC[AES256_GCM,data:2ZnyRdou8U7SPYgntnzoibxOoQltUCnzXIMVYiPQj9Qfa3vaT6SY6w==,iv:RS66X1ophQDl1Mph0x0yzJb/v1x2o7d5+Z1FJRAXsSA=,tag:4wOI4fHkOGE8r1FsAoy+aw==,type:str]
searxng-secret: ENC[AES256_GCM,data:SSvspQVRp79zJq0hzaqzuJIWFtVUoaqHGH9PXUViiXb9UKJM34t82o2J5K69RcOSBL7HadqmxcT4Eh8e8ZUJnquD7rrPdWb2Ih4zS7MmG94=,iv:wrQNNU7CjzfePNe1tWEXmN30vC0jTp+PtgfI3/XH22g=,tag:QAt/QL846hLLIMLQZUM3mQ==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
@ -27,8 +28,8 @@ sops:
YWNQcURKMSs2U0pOa3E0cTdCZ3RnalkKGayA7DBUQS+kn+6OYVBc6oTunF0qeZdt YWNQcURKMSs2U0pOa3E0cTdCZ3RnalkKGayA7DBUQS+kn+6OYVBc6oTunF0qeZdt
5b9DLHgh0HRWFm09XGSOog8K315d93Wzblw1My1/dXeEQX/ryinqUQ== 5b9DLHgh0HRWFm09XGSOog8K315d93Wzblw1My1/dXeEQX/ryinqUQ==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2023-10-08T03:17:36Z" lastmodified: "2023-10-10T19:01:17Z"
mac: ENC[AES256_GCM,data:l+CNLRubxiyHpkI4vf1+/8Uk8iKrAebFrPiMn4Cr5k4uQZAA5dXIdyMkUzxxVo0drlSDC4dBgji+6Cd85nKutfo9oqFCXTOj80ZM/WfUl+Rb0PUpZy7CG1u95y6npu4lD34SNXCspraXFHEE00ziuc70YksGJd2m+gCz7GFY3c8=,iv:7gacwYd0a/c4R3IaCAOUg7kl+Be1N2CFnZiXiBh4PbY=,tag:QPev8mRYUxgXJlOIfQ1QFw==,type:str] mac: ENC[AES256_GCM,data:R+UqQiqRkLfFNcB8M1TkIpCLswnOubHeweTsFrAcwNccPSVHkLZkUnLZet4EiPJwZ3Ss4h66aFeR5bL5Z+MvR99Fr3x2rZusM1FGlPFK2gf0GdpboRq5BsJ93N1yTux5geDqyX502XK3TA1/HruN72Hor7b+9PxVOAkBEdb/MW0=,iv:RS2FMtqxvenTG9GYwlS/L8r2nuDUmkkdscXI+d8KRcY=,tag:pDJY0dSfCxMPS/oHU2yylg==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.8.0 version: 3.8.0