From c4448d4e960bc895e9d73a9cf5d6f58f1dc9bd67 Mon Sep 17 00:00:00 2001
From: Alan Pearce
Date: Mon, 13 May 2024 23:42:54 +0200
Subject: linde: deploy searchix
---
flake.lock | 206 ++++++++++++++++++++++++++++++++++++++++++++++++++++++-
flake.nix | 3 +
system/linde.nix | 49 +++++++++++++
3 files changed, 257 insertions(+), 1 deletion(-)
diff --git a/flake.lock b/flake.lock
index f60b9ece..dbb7ad28 100644
--- a/flake.lock
+++ b/flake.lock
@@ -124,6 +124,22 @@
"type": "github"
}
},
+ "flake-compat_2": {
+ "flake": false,
+ "locked": {
+ "lastModified": 1696426674,
+ "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
+ "owner": "edolstra",
+ "repo": "flake-compat",
+ "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
+ "type": "github"
+ },
+ "original": {
+ "owner": "edolstra",
+ "repo": "flake-compat",
+ "type": "github"
+ }
+ },
"flake-utils": {
"inputs": {
"systems": "systems_3"
@@ -142,6 +158,71 @@
"type": "github"
}
},
+ "flake-utils_2": {
+ "inputs": {
+ "systems": "systems_4"
+ },
+ "locked": {
+ "lastModified": 1710146030,
+ "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
+ "owner": "numtide",
+ "repo": "flake-utils",
+ "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
+ "type": "github"
+ },
+ "original": {
+ "owner": "numtide",
+ "repo": "flake-utils",
+ "type": "github"
+ }
+ },
+ "gitignore": {
+ "inputs": {
+ "nixpkgs": [
+ "searchix",
+ "pre-commit-hooks",
+ "nixpkgs"
+ ]
+ },
+ "locked": {
+ "lastModified": 1709087332,
+ "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
+ "owner": "hercules-ci",
+ "repo": "gitignore.nix",
+ "rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
+ "type": "github"
+ },
+ "original": {
+ "owner": "hercules-ci",
+ "repo": "gitignore.nix",
+ "type": "github"
+ }
+ },
+ "gomod2nix": {
+ "inputs": {
+ "flake-utils": [
+ "searchix",
+ "flake-utils"
+ ],
+ "nixpkgs": [
+ "searchix",
+ "nixpkgs"
+ ]
+ },
+ "locked": {
+ "lastModified": 1710154385,
+ "narHash": "sha256-4c3zQ2YY4BZOufaBJB4v9VBBeN2dH7iVdoJw8SDNCfI=",
+ "owner": "nix-community",
+ "repo": "gomod2nix",
+ "rev": "872b63ddd28f318489c929d25f1f0a3c6039c971",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nix-community",
+ "repo": "gomod2nix",
+ "type": "github"
+ }
+ },
"home-manager": {
"inputs": {
"nixpkgs": [
@@ -250,6 +331,22 @@
"type": "github"
}
},
+ "nixpkgs-stable_2": {
+ "locked": {
+ "lastModified": 1710695816,
+ "narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=",
+ "owner": "NixOS",
+ "repo": "nixpkgs",
+ "rev": "614b4613980a522ba49f0d194531beddbb7220d3",
+ "type": "github"
+ },
+ "original": {
+ "owner": "NixOS",
+ "ref": "nixos-23.11",
+ "repo": "nixpkgs",
+ "type": "github"
+ }
+ },
"nixpkgs_2": {
"locked": {
"lastModified": 1715266358,
@@ -266,6 +363,63 @@
"type": "github"
}
},
+ "nixpkgs_3": {
+ "locked": {
+ "lastModified": 1715447595,
+ "narHash": "sha256-VsVAUQOj/cS1LCOmMjAGeRksXIAdPnFIjCQ0XLkCsT0=",
+ "owner": "NixOS",
+ "repo": "nixpkgs",
+ "rev": "062ca2a9370a27a35c524dc82d540e6e9824b652",
+ "type": "github"
+ },
+ "original": {
+ "owner": "NixOS",
+ "ref": "nixos-unstable",
+ "repo": "nixpkgs",
+ "type": "github"
+ }
+ },
+ "nixpkgs_4": {
+ "locked": {
+ "lastModified": 1710765496,
+ "narHash": "sha256-p7ryWEeQfMwTB6E0wIUd5V2cFTgq+DRRBz2hYGnJZyA=",
+ "owner": "NixOS",
+ "repo": "nixpkgs",
+ "rev": "e367f7a1fb93137af22a3908f00b9a35e2d286a7",
+ "type": "github"
+ },
+ "original": {
+ "owner": "NixOS",
+ "ref": "nixpkgs-unstable",
+ "repo": "nixpkgs",
+ "type": "github"
+ }
+ },
+ "pre-commit-hooks": {
+ "inputs": {
+ "flake-compat": "flake-compat_2",
+ "flake-utils": [
+ "searchix",
+ "flake-utils"
+ ],
+ "gitignore": "gitignore",
+ "nixpkgs": "nixpkgs_4",
+ "nixpkgs-stable": "nixpkgs-stable_2"
+ },
+ "locked": {
+ "lastModified": 1714478972,
+ "narHash": "sha256-q//cgb52vv81uOuwz1LaXElp3XAe1TqrABXODAEF6Sk=",
+ "owner": "cachix",
+ "repo": "pre-commit-hooks.nix",
+ "rev": "2849da033884f54822af194400f8dff435ada242",
+ "type": "github"
+ },
+ "original": {
+ "owner": "cachix",
+ "repo": "pre-commit-hooks.nix",
+ "type": "github"
+ }
+ },
"root": {
"inputs": {
"agenix": "agenix",
@@ -276,10 +430,33 @@
"nix-index-database": "nix-index-database",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_2",
+ "searchix": "searchix",
"secrets": "secrets",
"utils": "utils_2"
}
},
+ "searchix": {
+ "inputs": {
+ "flake-utils": "flake-utils_2",
+ "gomod2nix": "gomod2nix",
+ "nixpkgs": "nixpkgs_3",
+ "pre-commit-hooks": "pre-commit-hooks",
+ "simple-css": "simple-css"
+ },
+ "locked": {
+ "lastModified": 1715634290,
+ "narHash": "sha256-kIDPnyDZT0wvH07vaDdTtj102qcBLW/DRqo6sNOdahU=",
+ "ref": "refs/heads/main",
+ "rev": "6fed92fd9acc567e6a1ebd939402b9198da40b86",
+ "revCount": 114,
+ "type": "git",
+ "url": "https://git.alanpearce.eu/searchix"
+ },
+ "original": {
+ "type": "git",
+ "url": "https://git.alanpearce.eu/searchix"
+ }
+ },
"secrets": {
"flake": false,
"locked": {
@@ -296,6 +473,18 @@
"type": "indirect"
}
},
+ "simple-css": {
+ "flake": false,
+ "locked": {
+ "narHash": "sha256-AAA6fucfxB8R7z66UjOps79XMxbK/gZAB+JDEpZeXGo=",
+ "type": "file",
+ "url": "https://raw.githubusercontent.com/kevquirk/simple.css/v2.3.0/simple.css"
+ },
+ "original": {
+ "type": "file",
+ "url": "https://raw.githubusercontent.com/kevquirk/simple.css/v2.3.0/simple.css"
+ }
+ },
"systems": {
"locked": {
"lastModified": 1681028828,
@@ -356,6 +545,21 @@
"type": "github"
}
},
+ "systems_5": {
+ "locked": {
+ "lastModified": 1681028828,
+ "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+ "owner": "nix-systems",
+ "repo": "default",
+ "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nix-systems",
+ "repo": "default",
+ "type": "github"
+ }
+ },
"utils": {
"inputs": {
"systems": "systems_2"
@@ -376,7 +580,7 @@
},
"utils_2": {
"inputs": {
- "systems": "systems_4"
+ "systems": "systems_5"
},
"locked": {
"lastModified": 1710146030,
diff --git a/flake.nix b/flake.nix
index bda758e2..491ae0ab 100644
--- a/flake.nix
+++ b/flake.nix
@@ -17,6 +17,7 @@
agenix.url = "github:ryantm/agenix";
agenix.inputs.nixpkgs.follows = "nixpkgs";
deploy-rs.url = "github:serokell/deploy-rs";
+ searchix.url = "git+https://git.alanpearce.eu/searchix";
};
outputs =
@@ -32,6 +33,7 @@
, emacs-overlay
, agenix
, deploy-rs
+ , searchix
, ...
}:
let
@@ -85,6 +87,7 @@
specialArgs = { inherit inputs; };
modules = [
agenix.nixosModules.default
+ searchix.nixosModules.default
./system/linde.nix
];
};
diff --git a/system/linde.nix b/system/linde.nix
index bbcf0b0f..97699025 100644
--- a/system/linde.nix
+++ b/system/linde.nix
@@ -146,6 +146,13 @@ in
auto-optimise-store = true;
trusted-users = [ "root" "nixremote" ];
experimental-features = [ "nix-command" "flakes" ];
+ substituters = [
+ "https://nix-community.cachix.org"
+ ];
+
+ trusted-public-keys = [
+ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+ ];
};
gc = {
automatic = true;
@@ -678,6 +685,12 @@ in
reverse_proxy localhost${config.services.ntfy-sh.settings.listen-http}
'';
};
+ "searchix.alanpearce.eu" = {
+ useACMEHost = "alanpearce.eu";
+ extraConfig = ''
+ reverse_proxy localhost:${toString config.services.searchix.settings.web.port}
+ '';
+ };
"legit.alanpearce.eu" =
let
server = config.services.legit.settings.server;
@@ -803,4 +816,40 @@ in
overrideDevices = false;
overrideFolders = false;
};
+
+ services.searchix = {
+ enable = true;
+ settings = {
+ web = {
+ baseURL = "https://searchix.alanpearce.eu";
+ sentryDSN = "https://26d4cd8d20157ae2f6b4726ceae1a563@o4507187730120704.ingest.de.sentry.io/4507187734970448";
+ contentSecurityPolicy = {
+ script-src = [
+ "'self'"
+ "'unsafe-inline'"
+ "https://gc.zgo.at"
+ "https://js-de.sentry-cdn.com"
+ "https://browser.sentry-cdn.com"
+ ];
+ connect-src = [
+ "'self'"
+ "https://searchix.goatcounter.com/count"
+ "*.sentry.io"
+ ];
+ };
+ extraBodyHTML = ''
+
+
+ '';
+ };
+
+ importer.sources = {
+ darwin.enable = true;
+ home-manager.enable = true;
+ };
+ };
+ };
}
--
cgit 1.4.1