summary refs log tree commit diff stats
diff options
context:
space:
mode:
authorAlan Pearce2024-05-13 23:42:54 +0200
committerAlan Pearce2024-05-13 23:42:54 +0200
commitc4448d4e960bc895e9d73a9cf5d6f58f1dc9bd67 (patch)
treee763ed2c80ead3c0b491a95d6f8f1ac3c674f2d4
parent558d23085fab11e8f49ae583c71f203279c4e8bc (diff)
downloadnixfiles-c4448d4e960bc895e9d73a9cf5d6f58f1dc9bd67.tar.lz
nixfiles-c4448d4e960bc895e9d73a9cf5d6f58f1dc9bd67.tar.zst
nixfiles-c4448d4e960bc895e9d73a9cf5d6f58f1dc9bd67.zip
linde: deploy searchix
-rw-r--r--flake.lock206
-rw-r--r--flake.nix3
-rw-r--r--system/linde.nix49
3 files changed, 257 insertions, 1 deletions
diff --git a/flake.lock b/flake.lock
index f60b9ece..dbb7ad28 100644
--- a/flake.lock
+++ b/flake.lock
@@ -124,6 +124,22 @@
         "type": "github"
       }
     },
+    "flake-compat_2": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1696426674,
+        "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
+        "type": "github"
+      },
+      "original": {
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "type": "github"
+      }
+    },
     "flake-utils": {
       "inputs": {
         "systems": "systems_3"
@@ -142,6 +158,71 @@
         "type": "github"
       }
     },
+    "flake-utils_2": {
+      "inputs": {
+        "systems": "systems_4"
+      },
+      "locked": {
+        "lastModified": 1710146030,
+        "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
+    "gitignore": {
+      "inputs": {
+        "nixpkgs": [
+          "searchix",
+          "pre-commit-hooks",
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1709087332,
+        "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
+        "owner": "hercules-ci",
+        "repo": "gitignore.nix",
+        "rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
+        "type": "github"
+      },
+      "original": {
+        "owner": "hercules-ci",
+        "repo": "gitignore.nix",
+        "type": "github"
+      }
+    },
+    "gomod2nix": {
+      "inputs": {
+        "flake-utils": [
+          "searchix",
+          "flake-utils"
+        ],
+        "nixpkgs": [
+          "searchix",
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1710154385,
+        "narHash": "sha256-4c3zQ2YY4BZOufaBJB4v9VBBeN2dH7iVdoJw8SDNCfI=",
+        "owner": "nix-community",
+        "repo": "gomod2nix",
+        "rev": "872b63ddd28f318489c929d25f1f0a3c6039c971",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "gomod2nix",
+        "type": "github"
+      }
+    },
     "home-manager": {
       "inputs": {
         "nixpkgs": [
@@ -250,6 +331,22 @@
         "type": "github"
       }
     },
+    "nixpkgs-stable_2": {
+      "locked": {
+        "lastModified": 1710695816,
+        "narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "614b4613980a522ba49f0d194531beddbb7220d3",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-23.11",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
     "nixpkgs_2": {
       "locked": {
         "lastModified": 1715266358,
@@ -266,6 +363,63 @@
         "type": "github"
       }
     },
+    "nixpkgs_3": {
+      "locked": {
+        "lastModified": 1715447595,
+        "narHash": "sha256-VsVAUQOj/cS1LCOmMjAGeRksXIAdPnFIjCQ0XLkCsT0=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "062ca2a9370a27a35c524dc82d540e6e9824b652",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs_4": {
+      "locked": {
+        "lastModified": 1710765496,
+        "narHash": "sha256-p7ryWEeQfMwTB6E0wIUd5V2cFTgq+DRRBz2hYGnJZyA=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "e367f7a1fb93137af22a3908f00b9a35e2d286a7",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixpkgs-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "pre-commit-hooks": {
+      "inputs": {
+        "flake-compat": "flake-compat_2",
+        "flake-utils": [
+          "searchix",
+          "flake-utils"
+        ],
+        "gitignore": "gitignore",
+        "nixpkgs": "nixpkgs_4",
+        "nixpkgs-stable": "nixpkgs-stable_2"
+      },
+      "locked": {
+        "lastModified": 1714478972,
+        "narHash": "sha256-q//cgb52vv81uOuwz1LaXElp3XAe1TqrABXODAEF6Sk=",
+        "owner": "cachix",
+        "repo": "pre-commit-hooks.nix",
+        "rev": "2849da033884f54822af194400f8dff435ada242",
+        "type": "github"
+      },
+      "original": {
+        "owner": "cachix",
+        "repo": "pre-commit-hooks.nix",
+        "type": "github"
+      }
+    },
     "root": {
       "inputs": {
         "agenix": "agenix",
@@ -276,10 +430,33 @@
         "nix-index-database": "nix-index-database",
         "nixos-hardware": "nixos-hardware",
         "nixpkgs": "nixpkgs_2",
+        "searchix": "searchix",
         "secrets": "secrets",
         "utils": "utils_2"
       }
     },
+    "searchix": {
+      "inputs": {
+        "flake-utils": "flake-utils_2",
+        "gomod2nix": "gomod2nix",
+        "nixpkgs": "nixpkgs_3",
+        "pre-commit-hooks": "pre-commit-hooks",
+        "simple-css": "simple-css"
+      },
+      "locked": {
+        "lastModified": 1715634290,
+        "narHash": "sha256-kIDPnyDZT0wvH07vaDdTtj102qcBLW/DRqo6sNOdahU=",
+        "ref": "refs/heads/main",
+        "rev": "6fed92fd9acc567e6a1ebd939402b9198da40b86",
+        "revCount": 114,
+        "type": "git",
+        "url": "https://git.alanpearce.eu/searchix"
+      },
+      "original": {
+        "type": "git",
+        "url": "https://git.alanpearce.eu/searchix"
+      }
+    },
     "secrets": {
       "flake": false,
       "locked": {
@@ -296,6 +473,18 @@
         "type": "indirect"
       }
     },
+    "simple-css": {
+      "flake": false,
+      "locked": {
+        "narHash": "sha256-AAA6fucfxB8R7z66UjOps79XMxbK/gZAB+JDEpZeXGo=",
+        "type": "file",
+        "url": "https://raw.githubusercontent.com/kevquirk/simple.css/v2.3.0/simple.css"
+      },
+      "original": {
+        "type": "file",
+        "url": "https://raw.githubusercontent.com/kevquirk/simple.css/v2.3.0/simple.css"
+      }
+    },
     "systems": {
       "locked": {
         "lastModified": 1681028828,
@@ -356,6 +545,21 @@
         "type": "github"
       }
     },
+    "systems_5": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
+    },
     "utils": {
       "inputs": {
         "systems": "systems_2"
@@ -376,7 +580,7 @@
     },
     "utils_2": {
       "inputs": {
-        "systems": "systems_4"
+        "systems": "systems_5"
       },
       "locked": {
         "lastModified": 1710146030,
diff --git a/flake.nix b/flake.nix
index bda758e2..491ae0ab 100644
--- a/flake.nix
+++ b/flake.nix
@@ -17,6 +17,7 @@
     agenix.url = "github:ryantm/agenix";
     agenix.inputs.nixpkgs.follows = "nixpkgs";
     deploy-rs.url = "github:serokell/deploy-rs";
+    searchix.url = "git+https://git.alanpearce.eu/searchix";
   };
 
   outputs =
@@ -32,6 +33,7 @@
     , emacs-overlay
     , agenix
     , deploy-rs
+    , searchix
     , ...
     }:
     let
@@ -85,6 +87,7 @@
         specialArgs = { inherit inputs; };
         modules = [
           agenix.nixosModules.default
+          searchix.nixosModules.default
           ./system/linde.nix
         ];
       };
diff --git a/system/linde.nix b/system/linde.nix
index bbcf0b0f..97699025 100644
--- a/system/linde.nix
+++ b/system/linde.nix
@@ -146,6 +146,13 @@ in
       auto-optimise-store = true;
       trusted-users = [ "root" "nixremote" ];
       experimental-features = [ "nix-command" "flakes" ];
+      substituters = [
+        "https://nix-community.cachix.org"
+      ];
+
+      trusted-public-keys = [
+        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+      ];
     };
     gc = {
       automatic = true;
@@ -678,6 +685,12 @@ in
           reverse_proxy localhost${config.services.ntfy-sh.settings.listen-http}
         '';
       };
+      "searchix.alanpearce.eu" = {
+        useACMEHost = "alanpearce.eu";
+        extraConfig = ''
+          reverse_proxy localhost:${toString config.services.searchix.settings.web.port}
+        '';
+      };
       "legit.alanpearce.eu" =
         let
           server = config.services.legit.settings.server;
@@ -803,4 +816,40 @@ in
     overrideDevices = false;
     overrideFolders = false;
   };
+
+  services.searchix = {
+    enable = true;
+    settings = {
+      web = {
+        baseURL = "https://searchix.alanpearce.eu";
+        sentryDSN = "https://26d4cd8d20157ae2f6b4726ceae1a563@o4507187730120704.ingest.de.sentry.io/4507187734970448";
+        contentSecurityPolicy = {
+          script-src = [
+            "'self'"
+            "'unsafe-inline'"
+            "https://gc.zgo.at"
+            "https://js-de.sentry-cdn.com"
+            "https://browser.sentry-cdn.com"
+          ];
+          connect-src = [
+            "'self'"
+            "https://searchix.goatcounter.com/count"
+            "*.sentry.io"
+          ];
+        };
+        extraBodyHTML = ''
+          <script
+            src="https://js-de.sentry-cdn.com/d735e99613a86e1625fb85d0e8e762de.min.js"
+            crossorigin="anonymous"></script>
+          <script data-goatcounter="https://searchix.goatcounter.com/count"
+                async src="//gc.zgo.at/count.js"></script>
+        '';
+      };
+
+      importer.sources = {
+        darwin.enable = true;
+        home-manager.enable = true;
+      };
+    };
+  };
 }