Wateir/NixServerConfig
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add of searXng

Browse source
This commit is contained in:
Wateir 2025-12-13 22:00:20 +01:00
parent 4fddfe8724
commit a3c5f8b272
3 changed files with 36 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

23
configuration.nix
View file

@ -9,6 +9,7 @@
[ # Include the results of the hardware scan. [ # Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
./package.nix ./package.nix
./searXNG.nix
]; ];
# Bootloader. # Bootloader.
@ -54,6 +55,7 @@
# Configure console keymap # Configure console keymap
console.keyMap = "fr"; console.keyMap = "fr";
programs.zsh.enable = true;
# Define a user account. Don't forget to set a password with passwd. # Define a user account. Don't forget to set a password with passwd.
users.users.manager = { users.users.manager = {
@ -61,10 +63,11 @@
description = "manager"; description = "manager";
extraGroups = [ "networkmanager" "wheel" ]; extraGroups = [ "networkmanager" "wheel" ];
packages = with pkgs; []; packages = with pkgs; [];
shell = pkgs.zsh;
}; };
security.sudo.enable = true; security.sudo.enable = true;
security.sudo.extraRules = [ security.sudo.extraRules = [
{ {
groups = [ "wheel" ]; groups = [ "wheel" ];
@ -81,7 +84,7 @@
} }
]; ];
security.polkit.extraConfig = '' security.polkit.extraConfig = ''
polkit.addRule(function (action, subject) { polkit.addRule(function (action, subject) {
if ( if (
@ -106,28 +109,28 @@
extraSetFlags = [ extraSetFlags = [
"--ssh=false" "--ssh=false"
]; ];
useRoutingFeatures = "server"; # or "client" / "both" useRoutingFeatures = "server"; # or "client" / "both"
}; };
services.roundcube = { services.roundcube = {
enable = false; enable = false;
hostName = "webmail.example.com"; hostName = "webmail.example.com";
}; };
services.nginx.enable = false; services.nginx.enable = false;
networking.firewall = { networking.firewall = {
enable = true; enable = true;
allowedTCPPorts = [ 443 ]; allowedTCPPorts = [ 443 ];
allowedUDPPorts = [ 41641 3478 ]; allowedUDPPorts = [ 41641 3478 ];
}; };
# Some programs need SUID wrappers, can be configured further or are # Some programs need SUID wrappers, can be configured further or are
# started in user sessions. # started in user sessions.
# programs.mtr.enable = true; # programs.mtr.enable = true;

5
package.nix
View file

@ -3,7 +3,7 @@
{ {
# Allow unfree packages # Allow unfree packages
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
# List packages installed in system profile. To search, run: # List packages installed in system profile. To search, run:
# $ nix search wget # $ nix search wget
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
@ -11,6 +11,9 @@
git git
cloudflared cloudflared
cloudflare-warp cloudflare-warp
zoxide
fzf
sqlite
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
# wget # wget
]; ];

19
searXNG.nix Normal file
View file

@ -0,0 +1,19 @@
{ config,lib,pkgs, ... }:
{
services = {
searx = {
enable = true;
redisCreateLocally = true;
package = pkgs.searxng;
environmentFile = "/etc/searx.env";
settings.server = {
bind_address = "0.0.0.0";
port = 1692;
# WARNING: setting secret_key here might expose it to the nix cache
# see below for the sops or environment file instructions to prevent this
# secret_key = "$SEARXNG_SECRET";
};
};
};
}