61 lines
1.4 KiB
YAML
61 lines
1.4 KiB
YAML
version: '3'
|
|
|
|
services:
|
|
|
|
secven:
|
|
image: secven/bunkerized
|
|
cap_drop:
|
|
- ALL
|
|
security_opt:
|
|
- no-new-privileges
|
|
restart: always
|
|
depends_on:
|
|
- search
|
|
- whoogle
|
|
ports:
|
|
- 80:8080
|
|
- 443:8443
|
|
environment:
|
|
- MULTISITE=yes
|
|
- WORKER_CONNECTIONS=65536
|
|
- SERVER_NAME=${SEARX_DOMAIN} ${WHOOGLE_DOMAIN}
|
|
- HTTP2=yes
|
|
- LISTEN_HTTP=yes
|
|
- HTTPS_PROTOCOLS=TLSv1.2 TLSv1.3
|
|
- REDIRECT_HTTP_TO_HTTPS=yes
|
|
- ALLOWED_METHODS=GET|POST|HEAD
|
|
- COOKIE_AUTO_SECURE_FLAG=yes
|
|
- DISABLE_DEFAULT_SERVER=yes
|
|
- AUTO_LETS_ENCRYPT=yes
|
|
- USE_LIMIT_CONN=yes
|
|
- USE_LIMIT_REQ=yes
|
|
- USE_REMOTE_API=no
|
|
- LIMIT_CONN_MAX=80
|
|
- LIMIT_REQ_RATE=2r/s
|
|
- LIMIT_REQ_BURST=5
|
|
- USE_MODSECURITY=yes
|
|
- BLOCK_REFERRER=yes
|
|
- USE_BROTLI=yes
|
|
- USE_PROXY_CACHE=yes
|
|
- USE_CLIENT_CACHE=yes
|
|
- USE_GZIP=yes
|
|
- USE_REVERSE_PROXY=yes
|
|
- PROXY_REAL_IP=yes
|
|
- ${SEARX_DOMAIN}_REVERSE_PROXY_URL=/
|
|
- ${SEARX_DOMAIN}_REVERSE_PROXY_HOST=http://search:8080
|
|
- ${WHOOGLE_DOMAIN}_REVERSE_PROXY_URL=/
|
|
- ${WHOOGLE_DOMAIN}_REVERSE_PROXY_HOST=http://whoogle:5000
|
|
|
|
search:
|
|
image: secven/searxng
|
|
restart: always
|
|
environment:
|
|
- BASE_URL=https://${SEARX_DOMAIN}/
|
|
|
|
whoogle:
|
|
image: secven/whoogle
|
|
restart: always
|
|
environment:
|
|
- WHOOGLE_CONFIG_DISABLE=true
|
|
- WHOOGLE_CONFIG_THEME=light
|