harald/nixcfg
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

feat(nix): add Sops secret and update Searx configuration

Browse source 
- Added a new Sops secret for `searx/secret_key` with a corresponding configuration path.
- Updated Searx settings to include the `secret_key` reference.
- Ensures secure integration of secret management with Searx service.
This commit is contained in:
Harald Hoyer 2026-02-06 13:09:38 +01:00
parent 6597561ec4
commit ba985dc3fd
1 changed files with 7 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

8
systems/x86_64-linux/sgx/default.nix
View file

@ -1,4 +1,4 @@
{ pkgs, ... }: { pkgs, config, ... }:
{ {
imports = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
@ -16,6 +16,7 @@
sops.secrets.pccs.sopsFile = ../../../.secrets/sgx/pccs.yaml; sops.secrets.pccs.sopsFile = ../../../.secrets/sgx/pccs.yaml;
sops.secrets.backup-pw.sopsFile = ../../../.secrets/sgx/backup-s3.yaml; sops.secrets.backup-pw.sopsFile = ../../../.secrets/sgx/backup-s3.yaml;
sops.secrets."searx/secret_key".sopsFile = ../../../.secrets/sgx/searx.yaml;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
claude-code claude-code
@ -30,6 +31,11 @@
uwsgiConfig = { uwsgiConfig = {
http = ":8081"; http = ":8081";
}; };
settings = {
server = {
secret_key = config.sops.secrets."searx/secret_key".path;
};
};
}; };
metacfg = { metacfg = {