Compare commits
19 Commits
Author | SHA1 | Date |
---|---|---|
meaz | 5b906cdb6d | |
meaz | a53f30722a | |
antilopa | f94a1fbbe0 | |
meaz | bc44fee53e | |
meaz | 2e6569b394 | |
meaz | 68f90c6bd3 | |
meaz | 0ffbfb1024 | |
muppeth | c1ec59c2d7 | |
meaz | 7872a9cdcc | |
meaz | 8b896c6f09 | |
meaz | dfc2a68215 | |
muppeth | bbe18c8d8b | |
meaz | 96d61fca64 | |
meaz | c566eee790 | |
meaz | 63bc0a3a3c | |
meaz | db086010f8 | |
meaz | 12a4011bb0 | |
meaz | e58a59483f | |
meaz | ae639a24ef |
|
@ -14,3 +14,9 @@ Then you can access SearX from your computer on http://192.168.33.10
|
|||
## Playbook
|
||||
The playbook includes nginx role and deploys entire stack needed to run Searx. Additional role is also available in the Ansible roles repos in git.
|
||||
|
||||
## Searx or Searxng?
|
||||
You can choose to deploy either searx or searxng by setting `searx_or_searxng` var in `/defaults/main.yml` to one or the other. Default is set to `searxng`.
|
||||
You can also decide to deploy filtron for searx or limiter for searxng. Default is set to deploy limiter for searxng.
|
||||
|
||||
## Theme
|
||||
You can deploy/update custom theme with `--tags theme`.
|
||||
|
|
|
@ -13,6 +13,6 @@ Vagrant.configure("2") do |config|
|
|||
libvirt.memory = 256
|
||||
end
|
||||
searx.vm.network "private_network", ip: "192.168.33.10"
|
||||
|
||||
config.vm.provision "shell", inline: "apt install acl"
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,8 +1,14 @@
|
|||
---
|
||||
|
||||
searx_git_repo: 'https://github.com/asciimoo/searx.git'
|
||||
# What do you want to install?
|
||||
searx_or_searxng: 'searxng'
|
||||
searx_filtron: 'false' # Set it to true to deploy filtron with searx
|
||||
searx_limiter: 'true' # Set it to true to deploy filtron with searxng
|
||||
|
||||
# Deployement
|
||||
searx_git_repo: 'https://github.com/{{ searx_or_searxng }}/{{ searx_or_searxng }}.git'
|
||||
searx_instance_name: 'searx'
|
||||
searx_version: 'master'
|
||||
searx_git_branch: 'master'
|
||||
searx_username: 'searx'
|
||||
searx_group: 'searx'
|
||||
searx_pkg:
|
||||
|
@ -26,23 +32,13 @@ searx_pip_pkgs:
|
|||
- wheel
|
||||
- pip
|
||||
- pyyaml
|
||||
searx_config_path: '/etc/searx'
|
||||
searx_contact_url: 'contact@example.com'
|
||||
searx_git_url: 'https://github.com/searx/searx'
|
||||
searx_git_branch: 'master'
|
||||
searx_git_issues: 'https://github.com/searx/searx/issues'
|
||||
searx_git_docs: 'https://searx.github.io/searx'
|
||||
searx_public_instance: 'https://searx.space'
|
||||
searx_git_wiki: 'https://github.com/searx/searx/wiki'
|
||||
searx_twitter_url: 'https://twitter.com/Searx_engine'
|
||||
|
||||
searx_filtron_username: 'filtron'
|
||||
searx_filtron_group: 'filtron'
|
||||
searx_filtron_home: '/home/filtron'
|
||||
searx_filtron_work: 'work'
|
||||
searx_userhome: '/var/www/searx'
|
||||
searx_app_dir: '{{ searx_userhome }}/searx-src'
|
||||
searx_theme_dir: '/var/www/searx-themes'
|
||||
|
||||
|
||||
# searx.ini
|
||||
searx_config_path: '/etc/{{ searx_or_searxng }}'
|
||||
searx_disable_logging: 'true'
|
||||
searx_workers: '4'
|
||||
searx_chmod_socket: '666'
|
||||
|
@ -50,23 +46,53 @@ searx_single_interpreter: 'true'
|
|||
searx_master: 'true'
|
||||
searx_plugin: 'python3,http'
|
||||
searx_module: 'searx.webapp'
|
||||
|
||||
# Filtron (searx)
|
||||
searx_filtron_username: 'filtron'
|
||||
searx_filtron_group: 'filtron'
|
||||
searx_filtron_home: '/home/filtron'
|
||||
searx_filtron_work: 'work'
|
||||
searx_host_listen: '127.0.0.1:8888'
|
||||
|
||||
# Socket
|
||||
searx_redis_socket: '/var/run/redis/redis-server.sock' # This for limiter (searxng).
|
||||
searx_socket: '/var/run/uwsgi/app/searx/searx.sock'
|
||||
|
||||
## Settings file
|
||||
searx_contact_url: 'contact@example.com'
|
||||
searx_onion_url: 'False'
|
||||
searx_git_issues: 'https://github.com/{{ searx_or_searxng }}/{{ searx_or_searxng }}/issues'
|
||||
searx_git_docs: 'https://{{ searx_or_searxng }}.github.io/{{ searx_or_searxng }}'
|
||||
searx_public_instances: 'https://searx.space'
|
||||
searx_public_instance: 'false'
|
||||
searx_git_wiki: 'https://github.com/{{ searx_or_searxng }}/{{ searx_or_searxng }}/wiki'
|
||||
searx_secretkey: '909cb8a9c66a1ab97bab80010bf8b22b' # run openssl rand -hex 16 to generate new random key
|
||||
searx_image_proxy: 'true'
|
||||
searx_bind_address: '192.168.33.10'
|
||||
searx_safe_search: 1 # Filter results. 0: None, 1: Moderate, 2: Strict
|
||||
searx_static_use_hash: 'false'
|
||||
searx_query_in_title: 'false'
|
||||
|
||||
|
||||
### Searx settings only
|
||||
searx_twitter_url: 'https://twitter.com/Searx_engine'
|
||||
|
||||
### Searx ui settings
|
||||
searxng_category_select: 'true'
|
||||
|
||||
## Theme
|
||||
searx_theme_dir: '/var/www/searx-themes'
|
||||
searx_default_theme: 'oscar'
|
||||
searx_theme_args: 'logicodev'
|
||||
searxng_default_theme: 'simple'
|
||||
#searx_custom_themes:
|
||||
# - name: '' #add name of the theme
|
||||
# repo: '' #add git repository of the theme
|
||||
# version: 'main' #add branch name
|
||||
# static_folder: '' #add static folder name
|
||||
# template_folder: '' #add template folder name
|
||||
|
||||
# settings file
|
||||
searx_secretkey: '909cb8a9c66a1ab97bab80010bf8b22b' # run openssl rand -hex 16 to generate new random key
|
||||
searx_default_theme: 'oscar'
|
||||
searx_image_proxy: 'True'
|
||||
searx_bind_address: '192.168.33.10'
|
||||
searx_theme_args: 'logicodev'
|
||||
searx_safe_search: 1 # Filter results. 0: None, 1: Moderate, 2: Strict
|
||||
|
||||
#nginx
|
||||
# Nginx
|
||||
nginx_default_vhost: 'searx'
|
||||
nginx_default_vhost_ssl: 'searx'
|
||||
nginx_www_dir: '/var/www/'
|
||||
|
@ -76,10 +102,17 @@ nginx_vhosts:
|
|||
template: 'searx'
|
||||
proto: 'http'
|
||||
listen: '80'
|
||||
upstream_proto: 'http'
|
||||
upstream_port: '8888' # change to 4004 if using Filtron
|
||||
#upstream_name: '127.0.0.1' # if defined, it will deploy filtron or limiter
|
||||
#real_ip_from: '10.0.0.0/22' uncomment and set proper ip if your instqnce is behind extra reverse proxy
|
||||
root: 'searx'
|
||||
use_access_log: 'true'
|
||||
use_error_log: 'true'
|
||||
nginx_error_log_level: 'warn'
|
||||
state: 'enable'
|
||||
header_cto: 'none'
|
||||
header_xss: 'none'
|
||||
header_csp: "default-src 'self'; script-src 'self'; connect-src 'self'; img- src 'self'; style-src 'self'; base-uri 'self'; form-action 'self';"
|
||||
letsencrypt: 'false'
|
||||
filtron: 'true'
|
||||
state: 'enable'
|
||||
|
|
|
@ -9,3 +9,8 @@
|
|||
service:
|
||||
name: filtron
|
||||
state: restarted
|
||||
|
||||
- name: restart redis
|
||||
service:
|
||||
name: redis
|
||||
state: restarted
|
|
@ -1,6 +1,11 @@
|
|||
---
|
||||
|
||||
- name: '[Check] - Make sure searx direcotry does not exist'
|
||||
- name: '[Check] - Make sure searx directory does not exist'
|
||||
file:
|
||||
state: 'absent'
|
||||
path: '{{ searx_userhome }}'
|
||||
|
||||
- name: '[Check] - Make sure filron directory does not exist'
|
||||
file:
|
||||
state: 'absent'
|
||||
path: '{{ searx_filtron_home }}'
|
|
@ -10,11 +10,23 @@
|
|||
|
||||
- name: '[CONFIG] - Deploy searx config'
|
||||
template:
|
||||
src: 'settings.yml.j2'
|
||||
src: 'settings.searx.yml.j2'
|
||||
dest: "{{ searx_config_path }}/settings.yml"
|
||||
owner: "{{ searx_username }}"
|
||||
group: "{{ searx_group }}"
|
||||
mode: 0644
|
||||
when: searx_or_searxng == 'searx'
|
||||
notify:
|
||||
restart searx
|
||||
|
||||
- name: '[CONFIG] - Deploy searxng config'
|
||||
template:
|
||||
src: 'settings.searxng.yml.j2'
|
||||
dest: "{{ searx_config_path }}/settings.yml"
|
||||
owner: "{{ searx_username }}"
|
||||
group: "{{ searx_group }}"
|
||||
mode: 0644
|
||||
when: searx_or_searxng == 'searxng'
|
||||
notify:
|
||||
restart searx
|
||||
|
||||
|
|
|
@ -4,11 +4,17 @@
|
|||
git:
|
||||
repo: "{{ item.repo }}"
|
||||
dest: "{{ searx_theme_dir }}/{{ item.name }}"
|
||||
version: "{{ item.version }}"
|
||||
with_items: "{{ searx_custom_themes }}"
|
||||
tags: theme
|
||||
become: true
|
||||
become_user: "{{ searx_username }}"
|
||||
|
||||
- file:
|
||||
path: "{{ searx_app_dir }}/searx/static/themes/{{ item.name }}"
|
||||
state: absent
|
||||
with_items: "{{ searx_custom_themes }}"
|
||||
tags: theme
|
||||
|
||||
- name: "[THEME] - Sync static folder"
|
||||
synchronize:
|
||||
|
@ -22,6 +28,7 @@
|
|||
with_items: "{{ searx_custom_themes }}"
|
||||
notify:
|
||||
- "restart searx"
|
||||
tags: theme
|
||||
|
||||
- name: "[THEME] - Sync templates folder"
|
||||
synchronize:
|
||||
|
@ -35,11 +42,4 @@
|
|||
with_items: "{{ searx_custom_themes }}"
|
||||
notify:
|
||||
- "restart searx"
|
||||
|
||||
- name: "[THEME] - Change owner"
|
||||
file:
|
||||
path: "{{ searx_theme_dir }}"
|
||||
owner: '{{ searx_username }}'
|
||||
group: '{{ searx_group }}'
|
||||
state: directory
|
||||
recurse: yes
|
||||
tags: theme
|
||||
|
|
|
@ -1,5 +1,26 @@
|
|||
---
|
||||
|
||||
- name: "[USER] - Add user filtron"
|
||||
user:
|
||||
name: '{{ searx_filtron_username }}'
|
||||
shell: /bin/bash
|
||||
# group: '{{ searx_filtron_group }}'
|
||||
home: '{{ searx_filtron_home }}'
|
||||
|
||||
- name: "[USER] - Setup filtron user profile"
|
||||
copy:
|
||||
src: filtron_profile
|
||||
dest: "{{ searx_filtron_home }}/.profile"
|
||||
owner: "{{ searx_filtron_username }}"
|
||||
|
||||
- name: '[USER] - Make sure .profile file exists for searx user'
|
||||
file:
|
||||
path: '{{ searx_userhome }}/.profile'
|
||||
state: 'touch'
|
||||
mode: 0644
|
||||
owner: '{{ searx_username }}'
|
||||
group: '{{ searx_group }}'
|
||||
|
||||
- name: "[FILTRON] - Create work dir"
|
||||
file:
|
||||
path: '{{ searx_filtron_home }}/work'
|
||||
|
@ -8,11 +29,19 @@
|
|||
state: directory
|
||||
recurse: yes
|
||||
|
||||
- name: "[FILTRON] - get filtron"
|
||||
- name: "[FILTRON] - get filtron for searx"
|
||||
shell: "export GOPATH=$HOME/work; /usr/bin/go get github.com/asciimoo/filtron"
|
||||
become: true
|
||||
become_method: sudo
|
||||
become_user: "{{ searx_filtron_username }}"
|
||||
when: searx_or_searxng == 'searx'
|
||||
|
||||
- name: "[FILTRON] - get filtron for searxng"
|
||||
shell: "export GOPATH=$HOME/work; /usr/bin/go get github.com/searxng/filtron"
|
||||
become: true
|
||||
become_method: sudo
|
||||
become_user: "{{ searx_filtron_username }}"
|
||||
when: searx_or_searxng == 'searxng'
|
||||
|
||||
- name: "[FILTRON] - deploy rules"
|
||||
copy:
|
||||
|
|
|
@ -1,8 +1,18 @@
|
|||
---
|
||||
|
||||
- name: '[GIT] - Clone git repo'
|
||||
- name: '[GIT] - Give www dir ownership to {{ searx_username }}'
|
||||
file:
|
||||
path: '/var/www/'
|
||||
state: directory
|
||||
recurse: true
|
||||
owner: "{{ searx_username }}"
|
||||
group: "{{ searx_group }}"
|
||||
|
||||
- name: '[GIT] - Clone searx git repo'
|
||||
git:
|
||||
repo: '{{ searx_git_repo }}'
|
||||
dest: '{{ searx_app_dir }}'
|
||||
version: '{{ searx_version }}'
|
||||
version: '{{ searx_git_branch }}'
|
||||
force: yes
|
||||
become: true
|
||||
become_user: "{{ searx_username }}"
|
|
@ -1,28 +1,35 @@
|
|||
---
|
||||
|
||||
- name: remove existing searx dir
|
||||
include: check.yml
|
||||
include_tasks: check.yml
|
||||
|
||||
- name: Install dependencies
|
||||
include: installdeps.yml
|
||||
|
||||
- name: Clone git repo
|
||||
include: git.yml
|
||||
include_tasks: installdeps.yml
|
||||
|
||||
- name: Add user
|
||||
include: user.yml
|
||||
include_tasks: user.yml
|
||||
|
||||
- name: Clone git repo
|
||||
include_tasks: git.yml
|
||||
|
||||
- name: Install filtron
|
||||
include: filtron.yml
|
||||
include_tasks: filtron.yml
|
||||
when: searx_or_searxng == 'searx' and searx_filtron == "true"
|
||||
|
||||
- name: Install redis
|
||||
include_tasks: redis.yml
|
||||
when: searx_or_searxng == 'searxng' and searx_limiter == "true"
|
||||
|
||||
- name: Deploy systemd
|
||||
include: systemd.yml
|
||||
include_tasks: systemd.yml
|
||||
when: searx_or_searxng == 'searx' and searx_filtron == "true"
|
||||
|
||||
- name: Install the app
|
||||
include: installapp.yml
|
||||
include_tasks: installapp.yml
|
||||
|
||||
- name: Configure app
|
||||
include: configure.yml
|
||||
include_tasks: configure.yml
|
||||
|
||||
- include: custom_themes.yml
|
||||
- include_tasks: custom_themes.yml
|
||||
when: searx_custom_themes is defined
|
||||
tags: theme
|
||||
|
|
|
@ -0,0 +1,30 @@
|
|||
---
|
||||
|
||||
- name: '[REDIS] - Install Redis'
|
||||
apt:
|
||||
name: "redis"
|
||||
update_cache: yes
|
||||
|
||||
- name: '[REDIS] - Enable Redis socket path'
|
||||
lineinfile:
|
||||
path: /etc/redis/redis.conf
|
||||
regexp: '^# unixsocket '
|
||||
line: unixsocket {{ searx_redis_socket }}
|
||||
notify:
|
||||
restart redis
|
||||
|
||||
- name: '[REDIS] - Set permission to the socket to all members of the redis user group'
|
||||
lineinfile:
|
||||
path: /etc/redis/redis.conf
|
||||
regexp: '^# unixsocketperm 700'
|
||||
line: unixsocketperm 770
|
||||
notify:
|
||||
restart redis
|
||||
|
||||
- name: '[REDIS] - Add {{ searx_username }} user to redis group'
|
||||
user:
|
||||
name: '{{ searx_username }}'
|
||||
shell: /bin/bash
|
||||
groups: '{{ searx_group }},redis'
|
||||
home: '{{ searx_userhome }}'
|
||||
append: yes
|
|
@ -19,24 +19,3 @@
|
|||
group: '{{ searx_group }}'
|
||||
state: directory
|
||||
recurse: yes
|
||||
|
||||
- name: "[USER] - Add user filtron"
|
||||
user:
|
||||
name: '{{ searx_filtron_username }}'
|
||||
shell: /bin/bash
|
||||
# group: '{{ searx_filtron_group }}'
|
||||
home: '{{ searx_filtron_home }}'
|
||||
|
||||
- name: "[USER] - Setup filtron user profile"
|
||||
copy:
|
||||
src: filtron_profile
|
||||
dest: "{{ searx_filtron_home }}/.profile"
|
||||
owner: "{{ searx_filtron_username }}"
|
||||
|
||||
- name: '[USER] - Make sure .profile file exists for seax user'
|
||||
file:
|
||||
path: '{{ searx_userhome }}/.profile'
|
||||
state: 'touch'
|
||||
mode: 0644
|
||||
owner: '{{ searx_username }}'
|
||||
group: '{{ searx_group }}'
|
||||
|
|
|
@ -1,7 +1,18 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
# -*- mode: conf; coding: utf-8 -*-
|
||||
[uwsgi]
|
||||
# Who will run the code
|
||||
|
||||
# uWSGI core
|
||||
# ----------
|
||||
#
|
||||
# https://uwsgi-docs.readthedocs.io/en/latest/Options.html#uwsgi-core
|
||||
|
||||
# Who will run the code / Hint: in emperor-tyrant mode uid & gid setting will be
|
||||
# ignored [1]. Mode emperor-tyrant is the default on fedora (/etc/uwsgi.ini).
|
||||
#
|
||||
# [1] https://uwsgi-docs.readthedocs.io/en/latest/Emperor.html#tyrant-mode-secure-multi-user-hosting
|
||||
#
|
||||
uid = {{ searx_username }}
|
||||
gid = {{ searx_group }}
|
||||
|
||||
|
@ -13,34 +24,92 @@ env = LC_ALL=C.UTF-8
|
|||
# chdir to specified directory before apps loading
|
||||
chdir = {{ searx_app_dir }}/searx
|
||||
|
||||
# searx configuration (settings.yml)
|
||||
# SearXNG configuration (settings.yml)
|
||||
{% if searx_or_searxng == 'searx' %}
|
||||
env = SEARX_SETTINGS_PATH={{ searx_config_path }}/settings.yml
|
||||
{% else %}
|
||||
env = SEARXNG_SETTINGS_PATH={{ searx_config_path }}/settings.yml
|
||||
{% endif %}
|
||||
|
||||
# disable logging for privacy
|
||||
# logger = systemd
|
||||
disable-logging = {{ searx_disable_logging }}
|
||||
|
||||
# Number of workers (usually CPU count)
|
||||
workers = {{ searx_workers }}
|
||||
|
||||
# The right granted on the created socket
|
||||
chmod-socket = {{ searx_chmod_socket }}
|
||||
|
||||
# Plugin to use and interpretor config
|
||||
# Plugin to use and interpreter config
|
||||
single-interpreter = {{ searx_single_interpreter }}
|
||||
|
||||
# enable master process
|
||||
master = {{ searx_master }}
|
||||
plugin = {{ searx_plugin }}
|
||||
|
||||
# load apps in each worker instead of the master
|
||||
lazy-apps = true
|
||||
|
||||
# load uWSGI plugins
|
||||
plugin = {{ searx_plugin }}
|
||||
|
||||
# By default the Python plugin does not initialize the GIL. This means your
|
||||
# app-generated threads will not run. If you need threads, remember to enable
|
||||
# them with enable-threads. Running uWSGI in multithreading mode (with the
|
||||
# threads options) will automatically enable threading support. This *strange*
|
||||
# default behaviour is for performance reasons.
|
||||
enable-threads = true
|
||||
|
||||
# Module to import
|
||||
{% if searx_or_searxng == 'searx' %}
|
||||
# Number of workers (usually CPU count)
|
||||
workers = {{ searx_workers }}
|
||||
threads = ${UWSGI_THREADS:-4}
|
||||
{% endif %}
|
||||
|
||||
# plugin: python
|
||||
# --------------
|
||||
#
|
||||
# https://uwsgi-docs.readthedocs.io/en/latest/Options.html#plugin-python
|
||||
|
||||
# load a WSGI module
|
||||
module = {{ searx_module }}
|
||||
|
||||
# Virtualenv and python path
|
||||
# set PYTHONHOME/virtualenv
|
||||
virtualenv = {{ searx_userhome }}/searx-pyenv/
|
||||
|
||||
# add directory (or glob) to pythonpath
|
||||
pythonpath = {{ searx_app_dir }}
|
||||
|
||||
|
||||
# speak to upstream
|
||||
# -----------------
|
||||
|
||||
# https://uwsgi-docs.readthedocs.io/en/latest/Options.html#plugin-http
|
||||
# Native HTTP support: https://uwsgi-docs.readthedocs.io/en/latest/HTTP.html
|
||||
|
||||
{% if searx_or_searxng == 'searx' and searx_filtron == 'true' %}
|
||||
# Filtron
|
||||
http-socket = {{ searx_host_listen }}
|
||||
{% elif searx_socket is defined %}
|
||||
socket = {{ searx_socket }}
|
||||
{% else %}
|
||||
http = {{ searx_host_listen }}
|
||||
{% endif %}
|
||||
buffer-size = 8192
|
||||
|
||||
{% if searx_or_searxng == 'searxng' %}
|
||||
# uWSGI serves the static files and in settings.yml we use::
|
||||
#
|
||||
# ui:
|
||||
# static_use_hash: true
|
||||
#
|
||||
#static-map = /static={{ searx_app_dir }}/searx/static
|
||||
# expires set to one year since there are hashes
|
||||
static-expires = /* 31557600
|
||||
static-gzip-all = True
|
||||
offload-threads = %k
|
||||
{% endif %}
|
||||
|
||||
# Cache
|
||||
{% if searx_or_searxng == 'searx' %}
|
||||
cache2 = name=searxcache,items=2000,blocks=2000,blocksize=4096,bitmap=1
|
||||
{% else %}
|
||||
cache2 = name=searxngcache,items=2000,blocks=2000,blocksize=4096,bitmap=1
|
||||
{% endif %}
|
||||
|
|
|
@ -4,7 +4,7 @@ general:
|
|||
contact_url: False # mailto:{{ searx_contact_url }}
|
||||
|
||||
brand:
|
||||
git_url: {{ searx_git_url }}
|
||||
git_url: {{ searx_git_repo }}
|
||||
git_branch: {{ searx_git_branch }}
|
||||
issue_url: {{ searx_git_issues }}
|
||||
docs_url: {{ searx_git_docs }}
|
||||
|
@ -40,7 +40,7 @@ ui:
|
|||
default_theme : {{ searx_default_theme }} # ui theme
|
||||
default_locale : "" # Default interface locale - leave blank to detect from browser information or use codes from the 'locales' config section
|
||||
theme_args :
|
||||
{{ searx_default_theme }}_style : logicodev # default style of oscar
|
||||
{{ searx_default_theme }}_style : {{ searx_theme_args }} # default style of oscar
|
||||
# results_on_new_tab: False # Open result links in a new tab by default
|
||||
# categories_order :
|
||||
# - general
|
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue