Table des matières

Searx

Dépôt : https://asciimoo.github.io/searx/

Installation

Via https://asciimoo.github.io/searx/dev/install/installation.html Dépendances : 

apt-get install git build-essential libxslt-dev python-dev python-virtualenv python-pybabel zlib1g-dev libffi-dev libssl-dev

Searx

cd /usr/local
git clone https://github.com/asciimoo/searx.git
useradd searx -d /usr/local/searx
chown searx:searx -R /usr/local/searx

Installation des dépendances dans un virtualenv: 

sudo -u searx -i
cd /usr/local/searx
virtualenv searx-ve
. ./searx-ve/bin/activate
./manage.sh update_packages

Régénération clé random : 

sed -i -e "s/ultrasecretkey/`openssl rand -hex 16`/g" searx/settings.yml

On lance manuellement pour tester : 

python searx/webapp.py

Et on se rend sur http://localhost:8888
Si tout est OK, on supprime le mode debug : 

sed -i -e "s/debug : True/debug : False/g" searx/settings.yml

Serveur web : uwsgi & Nginx

apt-get install uwsgi uwsgi-plugin-python nginx

Configuration uwsgi

nano /etc/uwsgi/apps-available/searx.ini
[uwsgi]
# Who will run the code
uid = searx
gid = searx

# disable logging for privacy
disable-logging = true

# Number of workers (usually CPU count)
workers = 4

# The right granted on the created socket
chmod-socket = 666

# Plugin to use and interpretor config
single-interpreter = true
master = true
plugin = python

# Module to import
module = searx.webapp

# Virtualenv and python path
virtualenv = /usr/local/searx/searx-ve/
pythonpath = /usr/local/searx/
chdir = /usr/local/searx/searx/

On active la configuration : 

cd /etc/uwsgi/apps-enabled
ln -s ../apps-available/searx.ini

Et on relance uwsgi pour tester / valider la configuration : 

/etc/init.d/uwsgi restart

Configuration Nginx

On ajoute : 

nano /etc/nginx/sites-available/searx
server {
    listen 80;
    server_name searx.domain.tld;
    root /usr/local/searx;

    location / {
            include uwsgi_params;
            uwsgi_pass unix:/run/uwsgi/app/searx/socket;
            access_log /dev/null;
            error_log /dev/null;
    }
    #Si HTTPS, décommenter la ligne suivante
    #return  301 https://$server_name$request_uri;
}

Si HTTPS, genre avec Let's Encrypt, ajouter : 

server {
        listen 443;
        listen [::]:443;
        ssl on;
        ssl_certificate         /etc/letsencrypt/live/search.domain.tld/fullchain.pem;
        ssl_certificate_key     /etc/letsencrypt/live/search.domain.tld/privkey.pem;

        ssl_protocols TLSv1.2;
        ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256";
        ssl_prefer_server_ciphers on;
        ssl_ecdh_curve secp384r1;

        ssl_session_cache shared:SSL:10m;
        ssl_session_timeout 10m;
        ssl_session_tickets off;

        add_header Strict-Transport-Security "max-age=31536000";
        add_header X-Frame-Options SAMEORIGIN;
        add_header X-Content-Type-Options nosniff;

    server_name search.domain.tld;
    root /usr/local/searx;

    location / {
            include uwsgi_params;
            uwsgi_pass unix:/run/uwsgi/app/searx/socket;
            access_log /dev/null;
            error_log /dev/null;
    }
}

On active la configuration Nginx : 

ln -s /etc/nginx/sites-available/searx /etc/nginx/sites-enabled

Enfin,n valide, et on relance les 2 services : 

service nginx restart
service uwsgi restart

Upgrade

https://asciimoo.github.io/searx/dev/install/installation.html#id11 

cd /usr/local/searx
sudo -u searx -i
. ./searx-ve/bin/activate
git stash
git pull origin master
git stash apply
./manage.sh update_packages
sudo service uwsgi restart

Alpine

#!/sbin/openrc-run
 
name="searx"
command="cd /usr/local/searx && python searx/webapp.py"
#command_background="yes"
 
depend() {
	after crond
}

On active : 

rc-update add searx default