diff --git a/hosts/velarion/machine.nix b/hosts/velarion/machine.nix index 145b0e6..d438145 100644 --- a/hosts/velarion/machine.nix +++ b/hosts/velarion/machine.nix @@ -51,7 +51,6 @@ in matrix = ns1; chat = ns1; turn = ns1; - search = ns1; }; TXT = [ @@ -137,11 +136,6 @@ in enable = true; domain = "roundcube.${domain}"; }; - searxng = { - enable = true; - domain = "search.${domain}"; - port = 8888; - }; synapse = { enable = true; element = { diff --git a/services/default.nix b/services/default.nix index 410d70f..8760ef3 100644 --- a/services/default.nix +++ b/services/default.nix @@ -15,7 +15,6 @@ ./prosody ./redis ./roundcube - ./searxng ./synapse ./uptime-kuma ./vaultwarden diff --git a/services/searxng/network.nix b/services/searxng/network.nix deleted file mode 100644 index d7953f5..0000000 --- a/services/searxng/network.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ - config, - lib, - ... -}: -let - cfg = config.machine.searxng; -in -with lib; -mkIf enable { - networking.firewall = { - allowedTCPPorts = [ cfg.port ]; - }; - - services.nginx.virtualHosts = - mkIf (cfg.domain != null) { - "${cfg.domain}" = { - forceSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://[::1]:${toString cfg.port}"; - proxyWebsockets = true; - }; - }; - }; -} diff --git a/services/searxng/options.nix b/services/searxng/options.nix deleted file mode 100644 index 9823334..0000000 --- a/services/searxng/options.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ lib, ... }: -with lib; -{ - options.machine.searxng = { - enable = mkEnableOption "SearXNG"; - domain = mkOption { - type = types.nullOr types.str; - default = null; - description = "Domain name. If not set, will be disabled, and use the localhost."; - }; - port = mkOption { - type = types.port; - default = 8888; - description = "Listen port."; - }; - }; -} diff --git a/services/searxng/service.nix b/services/searxng/service.nix deleted file mode 100644 index c5d6e4b..0000000 --- a/services/searxng/service.nix +++ /dev/null @@ -1,163 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: -let - cfg = config.machine.searxng; -in -with lib; -mkIf enable { - services.searx = { - enable = true; - redisCreateLocally = true; - - # Rate limiting - limiterSettings = { - real_ip = { - x_for = 1; - ipv4_prefix = 32; - ipv6_prefix = 56; - }; - - botdetection = { - ip_limit = { - filter_link_local = true; - link_token = true; - }; - }; - }; - - settings = { - # Instance settings - general = { - debug = false; - instance_name = "SearXNG Instance"; - donation_url = false; - contact_url = false; - privacypolicy_url = false; - enable_metrics = false; - }; - - # User interface - ui = { - static_use_hash = true; - default_locale = "en"; - query_in_title = true; - infinite_scroll = false; - center_alignment = true; - default_theme = "simple"; - theme_args.simple_style = "auto"; - search_on_category_select = false; - hotkeys = "vim"; - }; - - # Search engine settings - search = { - safe_search = 2; - autocomplete_min = 2; - autocomplete = "duckduckgo"; - ban_time_on_fail = 5; - max_ban_time_on_fail = 120; - }; - - # Server configuration - server = { - base_url = cfg.domain != null ? "https://${cfg.domain}" : null; - port = cfg.port; - bind_address = "127.0.0.1"; - limiter = true; - public_instance = true; - image_proxy = true; - method = "GET"; - }; - - # Search engines - engines = lib.mapAttrsToList (name: value: { inherit name; } // value) { - "duckduckgo".disabled = true; - "brave".disabled = true; - "bing".disabled = false; - "mojeek".disabled = true; - "mwmbl".disabled = false; - "mwmbl".weight = 0.4; - "qwant".disabled = true; - "crowdview".disabled = false; - "crowdview".weight = 0.5; - "curlie".disabled = true; - "ddg definitions".disabled = false; - "ddg definitions".weight = 2; - "wikibooks".disabled = false; - "wikidata".disabled = false; - "wikiquote".disabled = true; - "wikisource".disabled = true; - "wikispecies".disabled = false; - "wikispecies".weight = 0.5; - "wikiversity".disabled = false; - "wikiversity".weight = 0.5; - "wikivoyage".disabled = false; - "wikivoyage".weight = 0.5; - "currency".disabled = true; - "dictzone".disabled = true; - "lingva".disabled = true; - "bing images".disabled = false; - "brave.images".disabled = true; - "duckduckgo images".disabled = true; - "google images".disabled = false; - "qwant images".disabled = true; - "1x".disabled = true; - "artic".disabled = false; - "deviantart".disabled = false; - "flickr".disabled = true; - "imgur".disabled = false; - "library of congress".disabled = false; - "material icons".disabled = true; - "material icons".weight = 0.2; - "openverse".disabled = false; - "pinterest".disabled = true; - "svgrepo".disabled = false; - "unsplash".disabled = false; - "wallhaven".disabled = false; - "wikicommons.images".disabled = false; - "yacy images".disabled = true; - "bing videos".disabled = false; - "brave.videos".disabled = true; - "duckduckgo videos".disabled = true; - "google videos".disabled = false; - "qwant videos".disabled = false; - "dailymotion".disabled = true; - "google play movies".disabled = true; - "invidious".disabled = true; - "odysee".disabled = true; - "peertube".disabled = false; - "piped".disabled = true; - "rumble".disabled = false; - "sepiasearch".disabled = false; - "vimeo".disabled = true; - "youtube".disabled = false; - "brave.news".disabled = true; - "google news".disabled = true; - }; - - # Outgoing requests - outgoing = { - request_timeout = 5.0; - max_request_timeout = 15.0; - pool_connections = 100; - pool_maxsize = 15; - enable_http2 = true; - }; - - # Enabled plugins - enabled_plugins = [ - "Basic Calculator" - "Hash plugin" - "Tor check plugin" - "Open Access DOI rewrite" - "Hostnames plugin" - "Unit converter plugin" - "Tracker URL remover" - ]; - }; - }; -} diff --git a/users/rus07tam/hosts/velarion.nix b/users/rus07tam/hosts/velarion.nix index e140d9d..b319a3e 100644 --- a/users/rus07tam/hosts/velarion.nix +++ b/users/rus07tam/hosts/velarion.nix @@ -1,3 +1,5 @@ { - imports = [ ]; + imports = [ + ./../modules/openclaw + ]; } diff --git a/services/searxng/default.nix b/users/rus07tam/modules/openclaw/default.nix similarity index 53% rename from services/searxng/default.nix rename to users/rus07tam/modules/openclaw/default.nix index 16b18a3..643132e 100644 --- a/services/searxng/default.nix +++ b/users/rus07tam/modules/openclaw/default.nix @@ -1,7 +1,6 @@ { imports = [ - ./network.nix - ./options.nix + ./secrets.nix ./service.nix ]; } diff --git a/users/rus07tam/modules/openclaw/secrets.nix b/users/rus07tam/modules/openclaw/secrets.nix new file mode 100644 index 0000000..16ffaf1 --- /dev/null +++ b/users/rus07tam/modules/openclaw/secrets.nix @@ -0,0 +1,6 @@ +{ + sops.secrets = { + "rus07tam/openclaw/gatewayToken" = { }; + "rus07tam/openclaw/telegramToken" = { }; + }; +} diff --git a/users/rus07tam/modules/openclaw/service.nix b/users/rus07tam/modules/openclaw/service.nix new file mode 100644 index 0000000..2aaa8f8 --- /dev/null +++ b/users/rus07tam/modules/openclaw/service.nix @@ -0,0 +1,48 @@ +{ + sec, + inputs, + ... +}: { + imports = [ + inputs.nix-openclaw.homeManagerModules.openclaw + ]; + + programs.openclaw = { + enable = true; + installApp = false; + systemd.enable = true; + + bundledPlugins = { + summarize.enable = true; + }; + + instances.default = { + enable = true; + systemd.enable = true; + + config = { + agents.defaults = { + model.primary = "openrouter/qwen/qwen3-coder:free"; + sandbox.mode = "off"; + }; + + gateway = { + mode = "local"; + auth.token = sec."rus07tam/openclaw/gatewayToken".path; + }; + + channels.telegram = { + tokenFile = sec."rus07tam/openclaw/telegramToken".path; + allowFrom = [6146757977]; + groups = { + "*" = { + requireMention = true; + }; + }; + }; + + plugins.entries.telegram.enabled = true; + }; + }; + }; +}