diff --git a/hosts/nachtigall/apps/searx.nix b/hosts/nachtigall/apps/searx.nix
new file mode 100644
index 0000000..8c2e8e7
--- /dev/null
+++ b/hosts/nachtigall/apps/searx.nix
@@ -0,0 +1,69 @@
+{
+ flake,
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+{
+ age.secrets.searx-environment = {
+ file = "${flake.self}/secrets/searx-environment.age";
+ mode = "700";
+ };
+
+ services.nginx.virtualHosts."search.pub.solar" = {
+ enableACME = true;
+ forceSSL = true;
+
+ locations."/".proxyPass = "http://unix:/run/searx/searx.socket";
+ };
+
+ users.users.nginx.extraGroups = [ "searx" ];
+
+ services.searx = {
+ enable = true;
+ runInUwsgi = true;
+ package = searxng;
+
+ uwsgiConfig = {
+ disable-logging = true;
+ socket = "/run/searx/searx.sock";
+ chmod-socket = "660";
+ };
+
+ environmentFile = config.age.secrets.searx-environment.path;
+
+ settings = {
+ use_default_settings: true;
+ server.secret_key = "@SEARX_SECRET_KEY@";
+
+ general = {
+ instance_name = "search.pub.solar";
+ privacypolicy_url: "https://pub.solar/privacy";
+ # use true to use your own donation page written in searx/info/en/donate.md
+ # use false to disable the donation link
+ donation_url: false
+ # mailto:contact@example.com
+ contact_url: false
+ enable_metrics: false
+ };
+
+ search = {
+ # Existing autocomplete backends: "dbpedia", "duckduckgo", "google", "yandex", "mwmbl",
+ # "seznam", "startpage", "swisscows", "qwant", "wikipedia" - leave blank to turn it off
+ # by default.
+ autocomplete: "duckduckgo"
+ # minimun characters to type before autocompleter starts
+ autocomplete_min: 4
+ };
+
+ ui = {
+ # query_in_title: When true, the result page's titles contains the query
+ # it decreases the privacy, since the browser can records the page titles.
+ query_in_title = false;
+ # infinite_scroll: When true, automatically loads the next page when scrolling to bottom of the current page.
+ infinite_scroll = true;
+ };
+ };
+ };
+}
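Review bot: The `settings` block will not parse as Nix, because `use_default_settings`, `privacypolicy_url`, `donation_url`, `contact_url`, `enable_metrics`, `autocomplete` and `autocomplete_min` are written in YAML `key: value` form, most of them without a terminating `;`. In the same hunk `package = searxng;` names a variable that is not bound in this file (there is no `with pkgs;`), so it presumably should be `pkgs.searxng`. The nginx upstream `/run/searx/searx.socket` does not match the uwsgi `socket = "/run/searx/searx.sock"`, and a uwsgi `socket` speaks the uwsgi protocol rather than HTTP, so the location likely needs `uwsgi_pass unix:${config.services.searx.uwsgiConfig.socket};` (or uwsgi's `http-socket`) instead of `proxyPass`. On the secret, `mode = "700"` sets execute bits on a file that only holds environment variables; agenix's default of `0400` is the tighter choice. Since the vhost is publicly reachable, it is also worth confirming whether SearXNG's `server.limiter` should be enabled, as nothing in these settings turns it on.

```nix
    mode = "0400";
  # … unchanged: nginx vhost, nginx group membership …
    package = pkgs.searxng;
  # … unchanged: uwsgiConfig, environmentFile …
    settings = {
      use_default_settings = true;
      # … unchanged: server.secret_key …
      general = {
        instance_name = "search.pub.solar";
        privacypolicy_url = "https://pub.solar/privacy";
        # … unchanged: donation comments …
        donation_url = false;
        # … unchanged: contact comment …
        contact_url = false;
        enable_metrics = false;
      };

      search = {
        # … unchanged: autocomplete backend comments …
        autocomplete = "duckduckgo";
        # … unchanged: autocomplete_min comment …
        autocomplete_min = 4;
      };
      # … unchanged: ui …
```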
diff --git a/hosts/nachtigall/default.nix b/hosts/nachtigall/default.nix index f4c1ed8..067b5a5 100644 --- a/hosts/nachtigall/default.nix +++ b/hosts/nachtigall/default.nix @@ -21,6 +21,7 @@ ./apps/nginx-website.nix ./apps/opensearch.nix ./apps/postgresql.nix + ./apps/searx.nix ./apps/matrix/mautrix-telegram.nix ./apps/matrix/synapse.nix diff --git a/secrets/searx-environment.age b/secrets/searx-environment.age new file mode 100644 index 0000000..76db500 Binary files /dev/null and b/secrets/searx-environment.age differ diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 2b0bdc9..4690924 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -38,4 +38,6 @@ in { "nextcloud-secrets.age".publicKeys = nachtigallKeys ++ baseKeys; "nextcloud-admin-pass.age".publicKeys = nachtigallKeys ++ baseKeys; + + "searx-environment.age".publicKeys = nachtigallKeys ++ baseKeys; } diff --git a/terraform/dns.tf b/terraform/dns.tf index c97b39e..79200e1 100644 --- a/terraform/dns.tf +++ b/terraform/dns.tf @@ -113,6 +113,11 @@ resource "namecheap_domain_records" "pub-solar" { type = "CNAME" address = "nachtigall.pub.solar." } + record { + hostname = "search" + type = "CNAME" + address = "nachtigall.pub.solar." + } record { hostname = "mastodon" type = "CNAME"