move privfrontends docker to the new role as well

privfrontends/configs/breezewiki/config.ini

@@ -0,0 +1,5 @@
+canonical_origin = https://bw.projectsegfau.lt
+debug = false
+port = 10416
+strict_proxy = false
+feature_search_suggestions = true

privfrontends/configs/librarian/config.yml

@@ -0,0 +1,70 @@
+DOMAIN: 'https://lbry.projectsegfau.lt'
+PORT: '3550'
+FIBER_PREFORK: false
+# Optional: Set address to bind to, example: 127.0.0.1
+ADDRESS: ''
+# Running a custom API server is not recommended and is not suitable for a public instance
+API_URL: 'https://api.na-backend.odysee.com/api/v1/proxy'
+# Block access to claims in case of DMCA
+BLOCKED_CLAIMS: 
+  - claimId
+# AUTH_TOKEN and HMAC_KEY is automatically generated
+AUTH_TOKEN: '{{librarian_auth_token}}'
+HMAC_KEY: '{{librarian_hmac_key}}'
+# Create IMAGE_CACHE_DIR before enabling image caching
+IMAGE_CACHE: false
+IMAGE_CACHE_DIR: '/var/cache/librarian'
+IMAGE_CACHE_CLEANUP_INTERVAL: 24h
+# The next 2 options will proxy video data through the instance.
+# This will cause increased bandwidth usage.
+# ENABLE_STREAM_PROXY proxies videos and ENABLE_LIVESTREAM enables livestreams.
+ENABLE_STREAM_PROXY: true
+ENABLE_LIVESTREAM: true
+# Set custom SponsorBlock URL (with https://github.com/mchangrh/sb-mirror or other)
+SPONSORBLOCK_URL: 'https://sponsor.ajay.app'
+# Advanced: Custom video streaming endpoint
+VIDEO_STREAMING_URL: 'https://proxy.lbry.projectsegfau.lt/stream'
+# Rewrite links to other frontends. example: https://yt.domain.tld
+FRONTEND:
+  youtube: 'https://invidious.projectsegfau.lt'
+  twitter: 'https://nitter.projectsegfau.lt'
+  imgur: 'https://rimgo.projectsegfau.lt'
+  instagram: ''
+  tiktok: ''
+  reddit: 'https://libreddit.projectsegfau.lt'
+# Default instance settings
+DEFAULT_SETTINGS:
+  theme: 'dark' # system, light, dark
+  relatedVideos: true
+  nsfw: false
+  autoplay: false
+  speed: '1' # 0.25, 0.5, 0.75, 1, 1.25, 1.5, 1.75, 2, 4
+  quality: '0' # 0 - Auto, 144 - 144p, 360 - 360p, 720 - 720p, 1080 - 1080p
+  sponsorblock:
+    sponsor: true
+    selfpromo: true
+    interaction: true
+    intro: false
+    outro: false
+    preview: false
+    filler_tangent: false
+# Instance privacy: This is required to get your instance listed. For more info,
+# See: https://codeberg.org/librarian/librarian/wiki/Instance-privacy
+INSTANCE_PRIVACY:
+# This is the default if you are using NGINX and have not disabled data collection.
+# Read https://codeberg.org/librarian/librarian/wiki/Instance-privacy
+  DATA_NOT_COLLECTED: true
+  DATA_COLLECTED_IP: true
+  DATA_COLLECTED_URL: true
+  DATA_COLLECTED_DEVICE: true
+  DATA_COLLECTED_DIAGNOSTIC_ONLY: false
+
+  INSTANCE_COUNTRY: "{{country}}"
+  INSTANCE_PROVIDER: "{{isp}}"
+
+  # Cloudflare use is discouraged. You can set this to false if it is not proxied (gray cloud icon)
+  INSTANCE_CLOUDFLARE: false
+  # Optional: Explain your usage of data (if collected) and how it is stored.
+  MESSAGE: ""
+  # Link to your privacy policy, leave blank if you don't have one.
+  PRIVACY_POLICY: "https://projectsegfau.lt/legal/privacy-policy"

privfrontends/configs/nitter/nitter.conf

@@ -0,0 +1,45 @@
+[Server]
+address = "0.0.0.0"
+port = 8080
+https = true  # disable to enable cookies when not using https
+httpMaxConnections = 100
+staticDir = "./public"
+title = "nitter"
+hostname = "nitter.projectsegfau.lt"
+
+[Cache]
+listMinutes = 240  # how long to cache list info (not the tweets, so keep it high)
+rssMinutes = 10  # how long to cache rss queries
+redisHost = "nitter-redis"  # Change to "nitter-redis" if using docker-compose
+redisPort = 6379
+redisPassword = ""
+redisConnections = 20  # connection pool size
+redisMaxConnections = 30
+# max, new connections are opened when none are available, but if the pool size
+# goes above this, they're closed when released. don't worry about this unless
+# you receive tons of requests per second
+
+[Config]
+hmacKey = "{{nitter_hmac_key}}"  # random key for cryptographic signing of video urls
+base64Media = false  # use base64 encoding for proxied media urls
+enableRSS = false # set this to false to disable RSS feeds
+enableDebug = false  # enable request logs and debug endpoints
+proxy = ""  # http/https url, SOCKS proxies are not supported
+proxyAuth = ""
+tokenCount = 10
+# minimum amount of usable tokens. tokens are used to authorize API requests,
+# but they expire after ~1 hour, and have a limit of 187 requests.
+# the limit gets reset every 15 minutes, and the pool is filled up so there's
+# always at least $tokenCount usable tokens. again, only increase this if
+# you receive major bursts all the time
+
+# Change default preferences here, see src/prefs_impl.nim for a complete list
+[Preferences]
+theme = "Nitter"
+replaceTwitter = "nitter.projectsegfau.lt"
+replaceYouTube = "invidious.projectsegfau.lt"
+replaceReddit = "libreddit.projectsegfau.lt"
+replaceInstagram = ""
+proxyVideos = true
+hlsPlayback = true 
+infiniteScroll = false

privfrontends/configs/searxng/settings.yml

@@ -0,0 +1,169 @@
+use_default_settings: true
+general:
+  debug: false
+  instance_name: "SearXNG | Project Segfault"
+  privacypolicy_url: https://projectsegfau.lt/legal/privacy-policy
+  donation_url: https://projectsegfau.lt/donate
+  contact_url: https://projectsegfau.lt/contact
+  enable_metrics: true
+server:
+  # base_url is defined in the SEARXNG_BASE_URL environment variable, see .env and docker-compose.yml
+  secret_key: "{{searxng_secret_key}}"  # change this!
+  limiter: false # can be disabled for a private instance
+  image_proxy: true
+  method: "GET"
+  public_instance: true
+ui:
+  static_use_hash: false
+  query_in_title: true
+  infinite_scroll: true
+  default_theme: simple
+  center_alignment: true
+  default_locale: "en"
+  results_on_new_tab: true
+  theme_args:
+    simple_style: auto
+redis:
+  url: redis://redis:6379/0
+search:
+  # Filter results. 0: None, 1: Moderate, 2: Strict
+  safe_search: 1
+  # Default search language - leave blank to detect from browser information or
+  # use codes from 'languages.py'
+  default_lang: "en"
+  # ban time in seconds after engine errors
+  ban_time_on_fail: 5
+  # max ban time in seconds after engine errors
+  max_ban_time_on_fail: 120
+  suspended_times:
+    # Engine suspension time after error (in seconds; set to 0 to disable)
+    # For error "Access denied" and "HTTP error [402, 403]"
+    SearxEngineAccessDenied: 86400
+    # For error "CAPTCHA"
+    SearxEngineCaptcha: 86400
+    # For error "Too many request" and "HTTP error 429"
+    SearxEngineTooManyRequests: 3600
+    # Cloudflare CAPTCHA
+    cf_SearxEngineCaptcha: 1296000
+    cf_SearxEngineAccessDenied: 86400
+    # ReCAPTCHA
+    recaptcha_SearxEngineCaptcha: 604800
+  formats:
+    - html
+    - csv
+    - json
+    - rss
+outgoing:
+  enable_http2: true
+enabled_plugins:
+  - 'Hash plugin'
+  - 'Self Information'
+  - 'Tracker URL remover'
+  - 'Open Access DOI rewrite'
+  - 'Vim-like hotkeys'
+  - 'Tor check plugin'
+  - 'Search on category select'
+engines:
+  - name: google
+    use_mobile_ui: true
+    disabled: false
+  - name: bing
+    engine: bing
+    shortcut: bi
+    disabled: false
+  - name: duckduckgo
+    engine: duckduckgo
+    shortcut: ddg
+    disabled: true  # DDG is useless since it just scrapes bing for results anyway
+  - name: wikiquote
+    engine: mediawiki
+    shortcut: wq
+    categories: general
+    base_url: "https://{language}.wikiquote.org/"
+    number_of_results: 5
+    search_type: text
+    about:
+      website: https://www.wikiquote.org/
+      wikidata_id: Q369
+    disabled: false
+  - name: brave
+    shortcut: brave
+    engine: xpath
+    paging: true
+    time_range_support: true
+    first_page_num: 0
+    time_range_url: "&tf={time_range_val}"
+    search_url: https://search.brave.com/search?q={query}&offset={pageno}&spellcheck=1{time_range}
+    url_xpath: //a[@class="result-header"]/@href
+    title_xpath: //span[@class="snippet-title"]
+    content_xpath: //p[1][@class="snippet-description"]
+    suggestion_xpath: //div[@class="text-gray h6"]/a
+    time_range_map:
+      day: 'pd'
+      week: 'pw'
+      month: 'pm'
+      year: 'py'
+    categories: [general, web]
+    headers:
+      Accept-Encoding: gzip, deflate
+    about:
+      website: https://brave.com/search/
+      wikidata_id: Q107355971
+      use_official_api: false
+      require_api_key: false
+      results: HTML
+    disabled: false
+  - name: codeberg
+    engine: json_engine
+    search_url: https://codeberg.org/api/v1/repos/search?q={query}&limit=10
+    url_query: html_url
+    title_query: name
+    content_query: description
+    categories: [it, repos]
+    shortcut: cb
+    about:
+      website: https://codeberg.org/
+      wikidata_id:
+      official_api_documentation: https://try.gitea.io/api/swagger
+      use_official_api: false
+      require_api_key: false
+      results: JSON
+    disabled: false
+  - name: gitlab
+    engine: json_engine
+    paging: true
+    search_url: https://gitlab.com/api/v4/projects?search={query}&page={pageno}
+    url_query: web_url
+    title_query: name_with_namespace
+    content_query: description
+    page_size: 20
+    categories: [it, repos]
+    shortcut: gl
+    timeout: 10.0
+    about:
+      website: https://about.gitlab.com/
+      wikidata_id: Q16639197
+      official_api_documentation: https://docs.gitlab.com/ee/api/
+      use_official_api: false
+      require_api_key: false
+      results: JSON
+    disabled: false
+  - name: sourcehut
+    shortcut: srht
+    engine: xpath
+    paging: true
+    search_url: https://sr.ht/projects?page={pageno}&search={query}
+    results_xpath: (//div[@class="event-list"])[1]/div[@class="event"]
+    url_xpath: ./h4/a[2]/@href
+    title_xpath: ./h4/a[2]
+    content_xpath: ./p
+    first_page_num: 1
+    categories: [it, repos]
+    disabled: false
+    about:
+      website: https://sr.ht
+      wikidata_id: Q78514485
+      official_api_documentation: https://man.sr.ht/
+      use_official_api: false
+      require_api_key: false
+      results: HTML