From 911736cd219e203fd499b9fb667ec82e49a673c2 Mon Sep 17 00:00:00 2001
From: Max <max@privatevoid.net>
Date: Sat, 13 May 2023 22:52:35 +0200
Subject: [PATCH] VEGAS/searxng: add timer to automatically shuffle proxies

---
 hosts/VEGAS/services/searxng/default.nix      |  3 ++
 .../VEGAS/services/searxng/proxy-shuffle.nix  | 43 +++++++++++++++++++
 2 files changed, 46 insertions(+)
 create mode 100644 hosts/VEGAS/services/searxng/proxy-shuffle.nix

diff --git a/hosts/VEGAS/services/searxng/default.nix b/hosts/VEGAS/services/searxng/default.nix
index ae37fe9..f70ee6c 100644
--- a/hosts/VEGAS/services/searxng/default.nix
+++ b/hosts/VEGAS/services/searxng/default.nix
@@ -3,6 +3,9 @@ let
   inherit (config) links;
 in
 {
+  imports = [
+    ./proxy-shuffle.nix
+  ];
   links.searxng.protocol = "http";
 
   age.secrets.searxng-secrets.file = ../../../../secrets/searxng-secrets.age;
diff --git a/hosts/VEGAS/services/searxng/proxy-shuffle.nix b/hosts/VEGAS/services/searxng/proxy-shuffle.nix
new file mode 100644
index 0000000..48371ac
--- /dev/null
+++ b/hosts/VEGAS/services/searxng/proxy-shuffle.nix
@@ -0,0 +1,43 @@
+{ config, pkgs, ... }:
+
+{
+  systemd = {
+    timers.searx-proxy-shuffle = {
+      wantedBy = [ "timers.target" ];
+      timerConfig = {
+        AccuracySec = "5m";
+        RandomizedDelaySec = "10m";
+        OnCalendar = "*:15,45";
+      };
+    };
+    services.searx-proxy-shuffle = {
+      after = [ "searx-init.service" ];
+      path = with pkgs; [ curl jq ];
+      script = ''
+        umask 77
+        test -e /run/searx/settings.yml || exit 0
+
+        if ! curl -fsSL -D /run/searx/proxy-shuffle-curl-status.txt https://api-www.mullvad.net/www/relays/wireguard/ > /run/searx/proxylist-new.json; then
+          echo "Failed to get new proxy list"
+          cat /run/searx/proxy-shuffle-curl-status.txt
+          exit 1
+        fi
+
+        jq < /run/searx/proxylist-new.json \
+          '.[] | select(.active) | select(.country_code as $cc | ["es","se","rs","ch","ro"] | index($cc)) | "socks5://\(.socks_name):\(.socks_port)"' \
+          | shuf > /run/searx/proxies.ndjson
+
+        jq --slurpfile proxies /run/searx/proxies.ndjson < /run/searx/settings.yml > /run/searx/.settings-new.yml \
+          '.outgoing.proxies.http=$proxies | .outgoing.proxies.https=$proxies'
+
+        mv /run/searx/.settings-new.yml /run/searx/settings.yml
+      '';
+      serviceConfig = {
+        Type = "oneshot";
+        User = "searx";
+        Group = "searx";
+        ExecStartPost = "+${config.systemd.package}/bin/systemctl try-reload-or-restart uwsgi.service";
+      };
+    };
+  };
+}