====== Searx ======
Dépôt : https://asciimoo.github.io/searx/
===== Installation =====
Via https://asciimoo.github.io/searx/dev/install/installation.html
Dépendances :
apt-get install git build-essential libxslt-dev python-dev python-virtualenv python-pybabel zlib1g-dev libffi-dev libssl-dev
===== Searx =====
cd /usr/local
git clone https://github.com/asciimoo/searx.git
useradd searx -d /usr/local/searx
chown searx:searx -R /usr/local/searx
Installation des dépendances dans un virtualenv:
sudo -u searx -i
cd /usr/local/searx
virtualenv searx-ve
. ./searx-ve/bin/activate
./manage.sh update_packages
Régénération clé random :
sed -i -e "s/ultrasecretkey/`openssl rand -hex 16`/g" searx/settings.yml
On lance manuellement pour tester :
python searx/webapp.py
Et on se rend sur ''http://localhost:8888''\\
Si tout est OK, on supprime le mode debug :
sed -i -e "s/debug : True/debug : False/g" searx/settings.yml
===== Serveur web : uwsgi & Nginx =====
apt-get install uwsgi uwsgi-plugin-python nginx
==== Configuration uwsgi ====
nano /etc/uwsgi/apps-available/searx.ini
[uwsgi]
# Who will run the code
uid = searx
gid = searx
# disable logging for privacy
disable-logging = true
# Number of workers (usually CPU count)
workers = 4
# The right granted on the created socket
chmod-socket = 666
# Plugin to use and interpretor config
single-interpreter = true
master = true
plugin = python
# Module to import
module = searx.webapp
# Virtualenv and python path
virtualenv = /usr/local/searx/searx-ve/
pythonpath = /usr/local/searx/
chdir = /usr/local/searx/searx/
On active la configuration :
cd /etc/uwsgi/apps-enabled
ln -s ../apps-available/searx.ini
Et on relance uwsgi pour tester / valider la configuration :
/etc/init.d/uwsgi restart
==== Configuration Nginx ====
On ajoute :
nano /etc/nginx/sites-available/searx
server {
listen 80;
server_name searx.domain.tld;
root /usr/local/searx;
location / {
include uwsgi_params;
uwsgi_pass unix:/run/uwsgi/app/searx/socket;
access_log /dev/null;
error_log /dev/null;
}
#Si HTTPS, décommenter la ligne suivante
#return 301 https://$server_name$request_uri;
}
Si HTTPS, genre avec Let's Encrypt, ajouter :
server {
listen 443;
listen [::]:443;
ssl on;
ssl_certificate /etc/letsencrypt/live/search.domain.tld/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/search.domain.tld/privkey.pem;
ssl_protocols TLSv1.2;
ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256";
ssl_prefer_server_ciphers on;
ssl_ecdh_curve secp384r1;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_session_tickets off;
add_header Strict-Transport-Security "max-age=31536000";
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
server_name search.domain.tld;
root /usr/local/searx;
location / {
include uwsgi_params;
uwsgi_pass unix:/run/uwsgi/app/searx/socket;
access_log /dev/null;
error_log /dev/null;
}
}
On active la configuration Nginx :
ln -s /etc/nginx/sites-available/searx /etc/nginx/sites-enabled
Enfin,n valide, et on relance les 2 services :
service nginx restart
service uwsgi restart
===== Upgrade =====
https://asciimoo.github.io/searx/dev/install/installation.html#id11
cd /usr/local/searx
sudo -u searx -i
. ./searx-ve/bin/activate
git stash
git pull origin master
git stash apply
./manage.sh update_packages
sudo service uwsgi restart
===== Alpine =====
#!/sbin/openrc-run
name="searx"
command="cd /usr/local/searx && python searx/webapp.py"
#command_background="yes"
depend() {
after crond
}
On active :
rc-update add searx default