blob: 9f5931494c3e23af5209059d5405301666f618d6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
|
{ pkgs, lib, config, ... }: let
environmentFile = "/run/searx/searxng.env";
generateEnvironmentFile = ''
umask 077
echo "SEARXNG_SECRET=$(head -c 56 /dev/urandom | base64)" > ${environmentFile}
ls /run/searx
'';
in {
options = {
searxng.enable = lib.mkEnableOption "enables searxng service";
};
config = lib.mkIf config.searxng.enable {
# Generate secret key
systemd.services.searx-environment-file = {
description = "Generate environment file with secret key for searx";
wantedBy = [ "searx-init.service" ];
partOf = [ "searx-init.service" ];
before = [ "searx-init.service" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
User = "searx";
RuntimeDirectory = "searx";
RuntimeDirectoryMode = "750";
ConditionPathExists = "!${environmentFile}";
};
script = generateEnvironmentFile;
};
# Configure searxng
services.searx = {
enable = true;
redisCreateLocally = true;
package = pkgs.searxng;
inherit environmentFile; # Provides secret key
settings = {
general = {
instance_name = "TJK Search";
donation_url = "https://tjkeller.xyz";
enable_metrics = false;
};
# Search engine settings
search = {
safe_search = 2; # Strict
autocomplete = "";
default_lang = "en-US";
};
preferences.lock = [ "safesearch" ]; # Lock safe_search at strict
# https://docs.searxng.org/admin/plugins.html
enabled_plugins = [
"Tor check plugin"
"Tracker URL remover"
"Basic Calculator"
"Unit converter plugin"
"Hash plugin"
"Self Information"
"Open Access DOI rewrite"
"Hostnames plugin"
];
hostnames.replace = {
"(.*\.)?youtube\.com$" = "piped.tjkeller.xyz";
"(.*\.)?youtu\.be$" = "piped.tjkeller.xyz";
"(.*\.)?reddit\.com$" = "old.reddit.com";
};
# Enable / disabled search engines from default list
engines = lib.mapAttrsToList (name: value: { inherit name; disabled = !value; }) {
# Images
"artic" = false;
"deviantart" = false;
"flickr" = false;
"library of congress" = false;
"openverse" = false;
"pinterest" = false;
"public domain image archive" = false;
"unsplash" = false;
"wallhaven" = false;
"wikicommons.images" = false;
# Videos
"bitchute" = true;
"dailymotion" = false;
"piped" = false;
"rumble" = true;
"sepiasearch" = false;
"vimeo" = false;
"wikicommons.videos" = false;
# Music
"piped.music" = false;
# Files
"1337x" = true;
"annas archive" = true;
"library genesis" = true;
# Apps
"fdroid" = true;
};
};
};
};
}
|
