From e49515f3a33327600d39cfa12809b9863e9dde1d Mon Sep 17 00:00:00 2001 From: mh4ckt3mh4ckt1c4s Date: Thu, 24 Nov 2022 00:46:00 +0100 Subject: [PATCH] Try again --- conf/nginx.conf | 19 +++-- conf/settings.yml | 204 +++++++++++++++++++++++++++++++++++++++++----- scripts/install | 2 +- 3 files changed, 195 insertions(+), 30 deletions(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index 6b8e61d..9e7514d 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,14 +1,19 @@ #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; location __PATH__/ { - uwsgi_param SCRIPT_NAME '__PATH_NO_ROOT__'; - include uwsgi_params; - uwsgi_modifier1 30; - uwsgi_pass unix:///var/run/__NAME__/app.socket; + uwsgi_pass unix:///usr/local/__NAME__/run/socket; - #location __PATH__/searx/static/ { - # alias __FINALPATH__/searx/static/; - #} + include uwsgi_params; + uwsgi_param HTTP_HOST $host; + uwsgi_param HTTP_CONNECTION $http_connection; + + # see flaskfix.py + uwsgi_param HTTP_X_SCHEME $scheme; + uwsgi_param HTTP_X_SCRIPT_NAME /searxng; + + # see limiter.py + uwsgi_param HTTP_X_REAL_IP $remote_addr; + uwsgi_param HTTP_X_FORWARDED_FOR $proxy_add_x_forwarded_for; # Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; diff --git a/conf/settings.yml b/conf/settings.yml index 8860434..d2b7ca9 100644 --- a/conf/settings.yml +++ b/conf/settings.yml @@ -1,41 +1,201 @@ -# SearXNG settings - -use_default_settings: true - general: + # Debug mode, only for development debug: false + # displayed name instance_name: "SearXNG" + # For example: https://example.com/privacy + privacypolicy_url: false + # use true to use your own donation page written in searx/info/en/donate.md + # use false to disable the donation link + donation_url: https://docs.searxng.org/donate.html + # mailto:contact@example.com + contact_url: false + # record stats + enable_metrics: true + +brand: + new_issue_url: https://github.com/searxng/searxng/issues/new + docs_url: https://docs.searxng.org/ + public_instances: https://searx.space + wiki_url: https://github.com/searxng/searxng/wiki + issue_url: https://github.com/searxng/searxng/issues search: - safe_search: 2 - autocomplete: 'duckduckgo' + # Filter results. 0: None, 1: Moderate, 2: Strict + safe_search: 0 + # Existing autocomplete backends: "dbpedia", "duckduckgo", "google", "yandex", + # "seznam", "startpage", "swisscows", "qwant", "wikipedia" - leave blank to turn it off + # by default. + autocomplete: "" + # minimun characters to type before autocompleter starts + autocomplete_min: 4 + # Default search language - leave blank to detect from browser information or + # use codes from 'languages.py' + default_lang: "" + # Available languages + # languages: + # - all + # - en + # - en-US + # - de + # - it-IT + # - fr + # - fr-BE + # ban time in seconds after engine errors + ban_time_on_fail: 5 + # max ban time in seconds after engine errors + max_ban_time_on_fail: 120 + # remove format to deny access, use lower case. + # formats: [html, csv, json, rss] + formats: + - html server: - secret_key: "__SECRET_KEY__" - limiter: true - image_proxy: true + # If you change port, bind_address or base_url don't forget to rebuild + # instance's environment (make buildenv) + port: 8888 + bind_address: "127.0.0.1" + base_url: false # Possible values: false or "https://example.org/location". + limiter: false # rate limit the number of request on the instance, block some bots + + # If your instance owns a /etc/searxng/settings.yml file, then set the following + # values there. + + secret_key: "__SECRET_KEY__" # change this! + # Proxying image results through searx + image_proxy: false + # 1.0 and 1.1 are supported + http_protocol_version: "1.0" + # POST queries are more secure as they don't show up in history but may cause + # problems when using Firefox containers + method: "POST" + default_http_headers: + X-Content-Type-Options: nosniff + X-XSS-Protection: 1; mode=block + X-Download-Options: noopen + X-Robots-Tag: noindex, nofollow + Referrer-Policy: no-referrer redis: - url: unix:///usr/local/searxng-redis/run/redis.sock?db=0 + # https://redis-py.readthedocs.io/en/stable/connections.html#redis.client.Redis.from_url + url: false ui: - static_use_hash: true + # Custom static path - leave it blank if you didn't change + static_path: "" + static_use_hash: false + # Custom templates path - leave it blank if you didn't change + templates_path: "" + # query_in_title: When true, the result page's titles contains the query + # it decreases the privacy, since the browser can records the page titles. + query_in_title: false + # infinite_scroll: When true, automatically loads the next page when scrolling to bottom of the current page. + infinite_scroll: false + # ui theme + default_theme: simple + # center the results ? + center_alignment: false + # URL prefix of the internet archive, don't forgett trailing slash (if needed). + # cache_url: "https://webcache.googleusercontent.com/search?q=cache:" + # Default interface locale - leave blank to detect from browser information or + # use codes from the 'locales' config section + default_locale: "" + # Open result links in a new tab by default + # results_on_new_tab: false + theme_args: + # style of simple theme: auto, light, dark + simple_style: auto +# Lock arbitrary settings on the preferences page. To find the ID of the user +# setting you want to lock, check the ID of the form on the page "preferences". +# # preferences: # lock: +# - language # - autocomplete # - method +# - query_in_title -enabled_plugins: - - 'Hash plugin' - - 'Search on category select' - - 'Self Informations' - - 'Tracker URL remover' - - 'Ahmia blacklist' - # - 'Hostname replace' # see hostname_replace configuration below - # - 'Infinite scroll' - # - 'Open Access DOI rewrite' - # - 'Vim-like hotkeys' +# searx supports result proxification using an external service: +# https://github.com/asciimoo/morty uncomment below section if you have running +# morty proxy the key is base64 encoded (keep the !!binary notation) +# Note: since commit af77ec3, morty accepts a base64 encoded key. +# +# result_proxy: +# url: http://127.0.0.1:3000/ +# # the key is a base64 encoded string, the YAML !!binary prefix is optional +# key: !!binary "your_morty_proxy_key" +# # [true|false] enable the "proxy" button next to each result +# proxify_results: true +# communication with search engines +# +outgoing: + # default timeout in seconds, can be override by engine + request_timeout: 3.0 + # the maximum timeout in seconds + # max_request_timeout: 10.0 + # suffix of searx_useragent, could contain information like an email address + # to the administrator + useragent_suffix: "" + # The maximum number of concurrent connections that may be established. + pool_connections: 100 + # Allow the connection pool to maintain keep-alive connections below this + # point. + pool_maxsize: 20 + # See https://www.python-httpx.org/http2/ + enable_http2: true + # uncomment below section if you want to use a custom server certificate + # see https://www.python-httpx.org/advanced/#changing-the-verification-defaults + # and https://www.python-httpx.org/compatibility/#ssl-configuration + # verify: ~/.mitmproxy/mitmproxy-ca-cert.cer + # + # uncomment below section if you want to use a proxyq see: SOCKS proxies + # https://2.python-requests.org/en/latest/user/advanced/#proxies + # are also supported: see + # https://2.python-requests.org/en/latest/user/advanced/#socks + # + # proxies: + # all://: + # - http://proxy1:8080 + # - http://proxy2:8080 + # + # using_tor_proxy: true + # + # Extra seconds to add in order to account for the time taken by the proxy + # + # extra_proxy_timeout: 10.0 + # + # uncomment below section only if you have more than one network interface + # which can be the source of outgoing search requests + # + # source_ips: + # - 1.1.1.1 + # - 1.1.1.2 + # - fe80::/126 + +# External plugin configuration, for more details see +# https://docs.searxng.org/dev/plugins.html +# # plugins: -# - only_show_green_results +# - plugin1 +# - plugin2 +# - ... + +# Comment or un-comment plugin to activate / deactivate by default. +# +# enabled_plugins: +# # these plugins are enabled if nothing is configured .. +# - 'Hash plugin' +# - 'Search on category select' +# - 'Self Information' +# - 'Tracker URL remover' +# - 'Ahmia blacklist' # activation depends on outgoing.using_tor_proxy +# # these plugins are disabled if nothing is configured .. +# - 'Hostname replace' # see hostname_replace configuration below +# - 'Open Access DOI rewrite' +# - 'Vim-like hotkeys' +# - 'Tor check plugin' + +# Configuration of the "Hostname replace" plugin: +# diff --git a/scripts/install b/scripts/install index 15e2bc5..f243368 100755 --- a/scripts/install +++ b/scripts/install @@ -127,7 +127,7 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=1 path_no_root=${path_url%/} # Create a dedicated NGINX config -ynh_add_nginx_config "path_no_root" +ynh_add_nginx_config #================================================= # SPECIFIC SETUP