linde: add stable searchix instance
1 file changed, 119 insertions(+), 0 deletions(-)
changed files
M system/linde.nix → system/linde.nix
@@ -6,6 +6,7 @@ { config, lib, pkgs, + searchix, ... }:@@ -660,6 +661,36 @@ } } ''; }; + "stable.searchix.ovh" = { + extraConfig = '' + root ${pkgs.searchix}/lib/searchix + handle /static/* { + file_server + } + handle_errors { + rewrite * /error.html + templates + file_server + } + handle { + reverse_proxy localhost:51314 { + health_uri /health + health_status 2xx + } + } + encode zstd gzip { + match { + header Content-Type text/* + header Content-Type application/json* + header Content-Type application/javascript* + header Content-Type application/opensearchdescription+xml + header Content-Type application/atom+xml* + header Content-Type application/rss+xml* + header Content-Type image/svg+xml* + } + } + ''; + }; "binarycache.${domain}" = let ns = config.services.nix-serve;@@ -1320,4 +1351,92 @@ }; }; }; }; + + containers.searchix-stable = { + autoStart = true; + config = + { ... }: + { + imports = [ + searchix.nixosModules.web + ]; + + system.stateVersion = "25.05"; + + services.searchix = { + enable = true; + environment = { + GOMEMLIMIT = "2000MiB"; + }; + settings = { + web = { + baseURL = "https://status.searchix.ovh"; + port = 51314; + sentryDSN = "https://c17b225c82834b878cac25158b294ed0@glitch.alin.ovh/3"; + contentSecurityPolicy = { + script-src = [ + (config.services.searchix.settings.web.baseURL + "/static/") + "'unsafe-inline'" + "https://searchix-stable.stats.${domain}" + "https://browser.sentry-cdn.com" + ]; + img-src = [ + "'self'" + "https://searchix-stable.stats.${domain}" + ]; + connect-src = [ + "'self'" + "https://searchix-stable.stats.${domain}/count" + "https://glitch.${domain}" + ]; + worker-src = [ + "blob:" + ]; + }; + extraHeadHTML = '' + <script + src="https://browser.sentry-cdn.com/9.15.0/bundle.min.js" + crossorigin="anonymous"></script> + <script> + Sentry.init({ + dsn: "https://d05b2b16373349cbac259028c10d5250@glitch.alin.ovh/4", + tracesSampleRate: 0.01, + }); + </script> + <script data-goatcounter="https://searchix-stable.stats.${domain}/count" + async src="//searchix-stable.stats.${domain}/count.v4.js" + crossorigin="anonymous" + integrity="sha384-nRw6qfbWyJha9LhsOtSb2YJDyZdKvvCFh0fJYlkquSFjUxp9FVNugbfy8q1jdxI+"></script> + ''; + }; + + importer = { + timeout = "45m"; + updateAt = "07:00:00"; + sources = + let + stableVersion = "25.05"; + in + { + nixpkgs = { + enable = true; + fetcher = "channel-nixpkgs"; + channel = "nixos-${stableVersion}"; + timeout = "30m"; + manpages = { + enable = true; + path = "/doc/manpage-urls.json"; + }; + }; + nixos = { + enable = true; + fetcher = "channel-nixpkgs"; + channel = "nixos-${stableVersion}"; + }; + }; + }; + }; + }; + }; + }; }