From 2f7429a2c8f9752f92ed1456a3b0cd54236578c3 Mon Sep 17 00:00:00 2001
From: cy <cy@cy7.sh>
Date: Sat, 8 Mar 2025 20:39:17 -0500
Subject: [PATCH] searx: use limiter

---
 modules/searx.nix | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/modules/searx.nix b/modules/searx.nix
index 3eb178a..9e23955 100644
--- a/modules/searx.nix
+++ b/modules/searx.nix
@@ -5,7 +5,6 @@
 }:
 let
   cfg = config.my.searx;
-  sockPath = "/run/searx/searx.sock";
 in
 {
   options.my.searx = {
@@ -25,6 +24,19 @@ in
         server.secret_key = "@SEARX_SECRET_KEY@";
       };
       environmentFile = config.sops.secrets."searx/env".path;
+      redisCreateLocally = true; # required for limiter
+      limiterSettings = {
+        real_ip = {
+          x_for = 1;
+          ipv4_prefix = 32;
+          ipv6_prefix = 56;
+        };
+        botdetection.ip_lists.pass_ip = [
+          "100.121.152.86"
+          "100.66.32.54"
+        ];
+        link_token = true;
+      };
     };
 
     services.caddy.virtualHosts."x.cy7.sh".extraConfig = ''