nixos-config/hosts/defiant/services/searx.nix

{ config, pkgs, lib, ... }:
let
  cfg = config.services.searx;
  domain = "search.home.feal.no";
in {
  services.searx = {
    enable = true;
    environmentFile = config.sops.secrets."searx/envfile".path;
    settings = {
      server = {
        secret_key = "@SEARX_SECRET_KEY@";
        base_url = "http://${domain}";
      };
    };

    runInUwsgi = true;
    uwsgiConfig = {
      socket = "/run/searx/searx.sock";
      chmod-socket = "660";
    };

    redisCreateLocally = true;
  };

  sops.secrets."searx/envfile" = {
    owner = "searx";
    group = "searx";
  };

  users.groups."searx".members = [ "nginx" ];

  services.nginx.virtualHosts."${domain}" = {
    locations."/".extraConfig = ''
      include ${config.services.nginx.package}/conf/uwsgi_params;
      uwsgi_pass unix:${cfg.uwsgiConfig.socket};
    '';
  };
}
defiant: add SearXNG 2024-12-31 12:52:07 +01:00			`{ config, pkgs, lib, ... }:`
			`let`
			`cfg = config.services.searx;`
			`domain = "search.home.feal.no";`
			`in {`
			`services.searx = {`
			`enable = true;`
			`environmentFile = config.sops.secrets."searx/envfile".path;`
			`settings = {`
			`server = {`
			`secret_key = "@SEARX_SECRET_KEY@";`
			`base_url = "http://${domain}";`
			`};`
			`};`

			`runInUwsgi = true;`
			`uwsgiConfig = {`
			`socket = "/run/searx/searx.sock";`
			`chmod-socket = "660";`
			`};`

			`redisCreateLocally = true;`
			`};`

			`sops.secrets."searx/envfile" = {`
			`owner = "searx";`
			`group = "searx";`
			`};`

			`users.groups."searx".members = [ "nginx" ];`

			`services.nginx.virtualHosts."${domain}" = {`
			`locations."/".extraConfig = ''`
			`include ${config.services.nginx.package}/conf/uwsgi_params;`
			`uwsgi_pass unix:${cfg.uwsgiConfig.socket};`
			`'';`
			`};`
			`}`