diff options
| author | sefidel <contact@sefidel.net> | 2023-07-29 18:47:58 +0900 |
|---|---|---|
| committer | sefidel <contact@sefidel.net> | 2023-07-29 20:36:19 +0900 |
| commit | e07d44bba098c68185a732590f527d17b660ffa7 (patch) | |
| tree | 7e24d9aaad5b894ef83da1f2d1c2c9d8484a03a2 /systems/cobalt | |
| parent | ffa023acc799bdf1f95bea732e70746c32f7186c (diff) | |
| download | infra-e07d44bba098c68185a732590f527d17b660ffa7.tar.gz infra-e07d44bba098c68185a732590f527d17b660ffa7.zip | |
feat(systems/cobalt): add searx, but don't enable
Diffstat (limited to 'systems/cobalt')
| -rw-r--r-- | systems/cobalt/default.nix | 8 | ||||
| -rw-r--r-- | systems/cobalt/secrets/secrets.yaml | 5 |
2 files changed, 10 insertions, 3 deletions
diff --git a/systems/cobalt/default.nix b/systems/cobalt/default.nix index 135017c..2210f25 100644 --- a/systems/cobalt/default.nix +++ b/systems/cobalt/default.nix @@ -164,6 +164,7 @@ in # sops.secrets.openldap-admin-key = { # owner = "openldap"; # }; + sops.secrets.searx-env = { }; nix.experimentalFeatures = "nix-command flakes"; @@ -298,7 +299,12 @@ in domain = "exotic.sh"; realHost = "todo.exotic.sh"; }; - + services.searx = { + enable = false; + domain = "exotic.sh"; + realHost = "searx.labs.exotic.sh"; + secrets.searx-env = config.sops.secrets.searx-env.path; + }; services.nixos-mailserver.enable = true; # TODO: replace with dovecot.nix? diff --git a/systems/cobalt/secrets/secrets.yaml b/systems/cobalt/secrets/secrets.yaml index b0d48df..11ac4ea 100644 --- a/systems/cobalt/secrets/secrets.yaml +++ b/systems/cobalt/secrets/secrets.yaml @@ -11,6 +11,7 @@ openldap-admin-key: ENC[AES256_GCM,data:WBBDPFDW6Q4sJ5+/pK8kAe6iFgJ8gGgi3eCVNvZB sefidel-imap-pass: ENC[AES256_GCM,data:rx9hZb+BARs9gB+XLLRMLWDSx67KqkKB1/4nOOtU9i56uagMprFEeDnh8pEaioZbNlqjJRO8kWTBBvWZ,iv:WxKLp0VmwfxVFZt9cnZUbp4wn5WEHubImp8fQy2bXyg=,tag:Vzh0Ntz8iFaSIEf2wjbOKg==,type:str] internal-imap-pass: ENC[AES256_GCM,data:ydjz/NthnJZFLrR1M+p0xEy5xhM8MbPtqE10r0s1DWDFZoyXwRRrIYefFZheW29EjY3VBfr3zWcRIbNm,iv:6hU/dHADbn4pNi0vlJG8BoyQW1ohByINSO6y+nJddfY=,tag:j67D2stmq2A+ulhFIYkZPA==,type:str] grafana-admin-pass: ENC[AES256_GCM,data:88z+mLcZ5s1u/8LWYcnOOhWTkff8sv1NIhQ=,iv:YdGaKCaq1bCCLsuYIug6NFO2rhqX/Xyt5yQ/hgWOfko=,tag:D+xWcN2bC2Q1Q2mjtpWqLg==,type:str] +searx-env: ENC[AES256_GCM,data:FX5CpcDqkpUH2bsS00gFCzPFcInNMbf1Z0mBmoHXk2BJ54AVOVVM1aiVwXDyWnX2wN4gO8nHFypAY451R6UiSt7FAWlkYbBdlv7EsLyaLUR+,iv:c9B+tkipD3IbWTNCzOTvV1MtwJJsOonhxSM+31CHoXg=,tag:hP/BX6TahGqecTtUO3LorQ==,type:str] sops: kms: [] gcp_kms: [] @@ -35,8 +36,8 @@ sops: cUpBZ01CMEFjNnNuWjlYejVKajkwcGMKehqYCZP0zZHDTfJrC/5LYiE/3doa0OiM OKXhOuUX8HF8RfkyiOSMpntxuNX2jSvd9sQRYnHkUvgm793+IuQjrg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-07-25T09:21:29Z" - mac: ENC[AES256_GCM,data:u/HrbQXQBxF0xwumvM57e/gIv22J6Lw64VZM6kNWcrObHNUXJG0uB+0gAa8JQUG7zpTXxgdHLe0cjesXBAFSW6+LWfZJTbO224epID8WEwrX0inYbzB3bbb3aKFaLfMOpRYkfwnh0AAZaFfdZ3IUi1tf0mj8VqfhZIBrB7xxg7g=,iv:TYG4pSvuGAo4ainZgRn+FlE7LOR1TswEwxrZoRcXKb4=,tag:XOJQn3g6gHyoNATuxJ5tHw==,type:str] + lastmodified: "2023-07-29T09:45:09Z" + mac: ENC[AES256_GCM,data:wRAMOQhBZ9vx09tQmEDlPwCWTl9JXxB6CAfv2Ee7G2FBmdFRJbE6PC5Gg3A5VlfD+jkt++slqARiQ1TnnyuJujSL12dzDzGkQc9EH5eETpfxQUYdXdHbkm+XV6mo3MphtCnbuM8+MFHavdg/Y5YsvC3JezzrkSsSYbVCNk7m3bs=,iv:RxEP28o6vm/FtfRLWFuRVwDp9A/KS1QSdXh4ZbKCF/8=,tag:n98Q40PDfnybWAWxuG24ow==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.7.3 |