rotate ipv6 for searxng

clients/quadraticserver/docs/default.nix

@@ -1,147 +0,0 @@
-{
-  inputs,
-  config,
-  pkgs,
-  ...
-}:
-let
-  s3Domain = "http://127.0.0.1${config.services.minio.listenAddress}";
-  cfg = config.services.lasuite-docs;
-in
-{
-  disabledModules = [
-    "services/web-apps/lasuite-docs.nix"
-  ];
-  imports = [
-    inputs.lasuite-docs-proxy.nixosModules.default
-    "${inputs.nixpkgs-custom}/nixos/modules/services/web-apps/lasuite-docs.nix"
-  ];
-
-  systemd.services = {
-    lasuite-docs-collaboration-server.serviceConfig = {
-      EnvironmentFile = cfg.environmentFile;
-      Restart = "always";
-    };
-
-    lasuite-docs-celery.serviceConfig.Restart = "always";
-    lasuite-docs.serviceConfig.Restart = "always";
-  };
-
-  services =
-    let
-      proxySocket = "/var/run/lasuite-docs-proxy/socket";
-      authDomain = "auth.federated.nexus";
-      domain = "docs.federated.nexus";
-      s3Url = "${s3Domain}/lasuite-docs";
-      socket = "/run/lasuite-docs/socket";
-    in
-    {
-      lasuite-docs-proxy = {
-        enable = true;
-        args = [
-          "--socket"
-          proxySocket
-          "--authUri"
-          "https://docs.federated.nexus/api/v1.0/documents/media-auth/"
-          "--minioUri"
-          s3Url
-        ];
-        group = "caddy";
-      };
-      lasuite-docs = {
-        enable = true;
-        enableNginx = false;
-        redis.createLocally = true;
-        postgresql.createLocally = true;
-        backendPackage =
-          inputs.nixpkgs-master.legacyPackages.${pkgs.stdenv.hostPlatform.system}.lasuite-docs.overrideAttrs
-            (old: {
-              patches = (old.patches or [ ]) ++ [ ./enable-languages.patch ];
-            });
-        frontendPackage =
-          inputs.nixpkgs-master.legacyPackages.${pkgs.stdenv.hostPlatform.system}.lasuite-docs-frontend.overrideAttrs
-            {
-              NEXT_PUBLIC_PUBLISH_AS_MIT = "false";
-            };
-        collaborationServer.package =
-          inputs.nixpkgs-master.legacyPackages.${pkgs.stdenv.hostPlatform.system}.lasuite-docs-collaboration-server;
-        bind = "unix:${socket}";
-        inherit s3Url domain;
-
-        settings = {
-          OIDC_OP_AUTHORIZATION_ENDPOINT = "https://federated.nexus/login";
-          OIDC_OP_TOKEN_ENDPOINT = "https://${authDomain}/token";
-          OIDC_OP_USER_ENDPOINT = "https://${authDomain}/userinfo";
-          OIDC_RP_SIGN_ALGO = "HS256";
-
-          COLLABORATION_API_URL = "https://${domain}/collaboration/api/";
-          LOGIN_REDIRECT_URL = "https://${domain}";
-
-          AWS_S3_ENDPOINT_URL = s3Domain;
-          AWS_S3_ACCESS_KEY_ID = "minioadmin";
-          AWS_STORAGE_BUCKET_NAME = "lasuite-docs";
-          MEDIA_BASE_URL = "https://${domain}";
-
-          DJANGO_ALLOWED_HOSTS = domain;
-        };
-
-        environmentFile = config.age.secrets."lasuiteSecrets.age".path;
-      };
-
-      minio = {
-        enable = true;
-        rootCredentialsFile = config.age.secrets."minioCredentials.age".path;
-      };
-
-      caddy.virtualHosts."${domain}".extraConfig =
-        let
-          collabUrl = "http://localhost:${toString cfg.collaborationServer.port}";
-        in
-        ''
-          handle_errors {
-            rewrite * /{http.error.status_code}
-            file_server
-          }
-
-          redir /api/v1.0/logout/None /
-
-          root * ${cfg.frontendPackage}
-          file_server
-
-          @uuidDocs path_regexp uuidDocs ^/docs/[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}/?$
-          rewrite @uuidDocs /docs/[id]/index.html
-
-          reverse_proxy /static/admin/* unix/${socket}
-          reverse_proxy /api/* unix/${socket}
-          reverse_proxy /admin* unix/${socket}
-
-          reverse_proxy /collaboration/ws/* ${collabUrl}
-          reverse_proxy /collaboration/api/* ${collabUrl}
-
-          reverse_proxy /api/v1.0/documents/media-auth/ unix/${socket}
-
-          reverse_proxy /media/* unix/${proxySocket}
-        '';
-    };
-
-  systemd.services.minio-init = {
-    description = "Create MinIO bucket";
-    after = [ "minio.service" ];
-    requires = [ "minio.service" ];
-    wantedBy = [ "multi-user.target" ];
-    path = with pkgs; [
-      getent
-      minio-client
-    ];
-
-    serviceConfig = {
-      Type = "oneshot";
-      EnvironmentFile = config.age.secrets."minioCredentials.age".path;
-      ExecStart = pkgs.writeShellScript "init-minio" ''
-        mc alias set minio ${s3Domain} "$MINIO_ROOT_USER" "$MINIO_ROOT_PASSWORD" --api s3v4
-        mc mb --ignore-existing minio/lasuite-docs
-        mc anonymous get minio/lasuite-docs
-      '';
-    };
-  };
-}

clients/quadraticserver/network.nix

@@ -8,6 +8,7 @@
 
       address = [
         "91.99.155.129/32"
+        "2a01:4f8:c012:d202::1/64"
       ]
       # Assign 64 IPv6 addresses
       ++ builtins.genList (i: "2a01:4f8:c012:d202::${builtins.toString (i + 1)}/64") 64;

clients/quadraticserver/searxng.nix

@@ -1,4 +1,4 @@
-{ lib, ... }:
+{ lib, config, ... }:
 {
   services =
     let
@@ -12,8 +12,7 @@
           let
             enginesByCategory = {
               general = {
-                duckduckgo = { };
-                startpage = { };
+                brave.disabled = false;
               };
 
               "social media" = {
@@ -65,7 +64,7 @@
           {
             general = {
               instance_name = "Federated Nexus Search";
-              contact_url = "mailto:henry@henryhiles.com";
+              contact_url = "mailto:info@federated.nexus";
             };
 
             search = {
@@ -91,6 +90,11 @@
               "searx.plugins.tracker_url_remover.SXNGPlugin".active = true;
             };
 
+            outgoing = {
+              source_ips = config.systemd.network.networks."30-wan".address;
+              retries = 32;
+            };
+
             categories_as_tabs = builtins.listToAttrs (
               map (category: {
                 name = category;