diff --git a/hosts/architect/default.nix b/hosts/architect/default.nix index 0d2cef1..1b7ade5 100644 --- a/hosts/architect/default.nix +++ b/hosts/architect/default.nix @@ -40,7 +40,7 @@ in ./keycloak.nix # ./runas.nix ./tailscale.nix - # ./searx.nix + ./searx.nix ./plex.nix ./headscale.nix ]; diff --git a/hosts/architect/searx.nix b/hosts/architect/searx.nix index 492ffa0..75a686e 100644 --- a/hosts/architect/searx.nix +++ b/hosts/architect/searx.nix @@ -1,8 +1,7 @@ -{ mach-nix, lib, config, pkgs, ... }: +{ config, pkgs, ... }: let - domain = "gugol.giugl.io"; - network = import ./network.nix; + domain = "search.giugl.io"; in { services = { @@ -19,14 +18,14 @@ in }; general = { - instance_name = "Pepe's Gugol"; - contact_url = "mailto:gugol@depasquale.giugl.io"; - enable_metrics = false; + instance_name = "PepoSearch"; + contact_url = "mailto:search@depasquale.giugl.io"; + enable_metrics = true; }; search = { safe_search = 0; - autocomplete = "qwant"; + autocomplete = "google"; prefer_configured_language = false; }; @@ -43,24 +42,23 @@ in { name = "google"; disabled = false; } { name = "bing"; disabled = false; } { name = "qwant"; disabled = false; } - { name = "duckduckgo"; disabled = false; } + { name = "brave"; disabled = false; } + # keep getting access denied (!?) + { name = "duckduckgo"; disabled = true; } ]; }; }; - - nginx.virtualHosts.${domain} = { - forceSSL = true; - enableACME = true; - - locations."/" = { - proxyPass = "http://127.0.0.1:${toString config.services.searx.settings.server.port}"; - }; - }; }; - networking.extraHosts = '' - ${network.architect-lan} ${domain} - ${network.architect-wg} ${domain} - ${network.architect-ts} ${domain} - ''; + architect.vhost.${domain} = with config.architect.networks; { + dnsInterfaces = [ "tailscale" ]; + locations."/" = { + port = config.services.searx.settings.server.port; + allowLan = true; + + allow = [ + tailscale.net + ]; + }; + }; }