From e49515f3a33327600d39cfa12809b9863e9dde1d Mon Sep 17 00:00:00 2001
From: mh4ckt3mh4ckt1c4s <mh4ckt3mh4ckt1c4s@protonmail.com>
Date: Thu, 24 Nov 2022 00:46:00 +0100
Subject: [PATCH] Try again

---
 conf/nginx.conf   |  19 +++--
 conf/settings.yml | 204 +++++++++++++++++++++++++++++++++++++++++-----
 scripts/install   |   2 +-
 3 files changed, 195 insertions(+), 30 deletions(-)

diff --git a/conf/nginx.conf b/conf/nginx.conf
index 6b8e61d..9e7514d 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -1,14 +1,19 @@
 #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
 location __PATH__/ {
 
-  uwsgi_param SCRIPT_NAME '__PATH_NO_ROOT__';
-  include uwsgi_params;
-  uwsgi_modifier1 30;
-  uwsgi_pass unix:///var/run/__NAME__/app.socket;
+  uwsgi_pass unix:///usr/local/__NAME__/run/socket;
 
-  #location __PATH__/searx/static/ {
-  #  alias __FINALPATH__/searx/static/;
-  #}
+  include uwsgi_params;
+  uwsgi_param    HTTP_HOST             $host;
+  uwsgi_param    HTTP_CONNECTION       $http_connection;
+
+  # see flaskfix.py
+  uwsgi_param    HTTP_X_SCHEME         $scheme;
+  uwsgi_param    HTTP_X_SCRIPT_NAME    /searxng;
+
+  # see limiter.py
+  uwsgi_param    HTTP_X_REAL_IP        $remote_addr;
+  uwsgi_param    HTTP_X_FORWARDED_FOR  $proxy_add_x_forwarded_for;
 
   # Include SSOWAT user panel.
   include conf.d/yunohost_panel.conf.inc;
diff --git a/conf/settings.yml b/conf/settings.yml
index 8860434..d2b7ca9 100644
--- a/conf/settings.yml
+++ b/conf/settings.yml
@@ -1,41 +1,201 @@
-# SearXNG settings
-
-use_default_settings: true
-
 general:
+  # Debug mode, only for development
   debug: false
+  # displayed name
   instance_name: "SearXNG"
+  # For example: https://example.com/privacy
+  privacypolicy_url: false
+  # use true to use your own donation page written in searx/info/en/donate.md
+  # use false to disable the donation link
+  donation_url: https://docs.searxng.org/donate.html
+  # mailto:contact@example.com
+  contact_url: false
+  # record stats
+  enable_metrics: true
+
+brand:
+  new_issue_url: https://github.com/searxng/searxng/issues/new
+  docs_url: https://docs.searxng.org/
+  public_instances: https://searx.space
+  wiki_url: https://github.com/searxng/searxng/wiki
+  issue_url: https://github.com/searxng/searxng/issues
 
 search:
-  safe_search: 2
-  autocomplete: 'duckduckgo'
+  # Filter results. 0: None, 1: Moderate, 2: Strict
+  safe_search: 0
+  # Existing autocomplete backends: "dbpedia", "duckduckgo", "google", "yandex",
+  # "seznam", "startpage", "swisscows", "qwant", "wikipedia" - leave blank to turn it off
+  # by default.
+  autocomplete: ""
+  # minimun characters to type before autocompleter starts
+  autocomplete_min: 4
+  # Default search language - leave blank to detect from browser information or
+  # use codes from 'languages.py'
+  default_lang: ""
+  # Available languages
+  # languages:
+  #   - all
+  #   - en
+  #   - en-US
+  #   - de
+  #   - it-IT
+  #   - fr
+  #   - fr-BE
+  # ban time in seconds after engine errors
+  ban_time_on_fail: 5
+  # max ban time in seconds after engine errors
+  max_ban_time_on_fail: 120
+  # remove format to deny access, use lower case.
+  # formats: [html, csv, json, rss]
+  formats:
+    - html
 
 server:
-  secret_key: "__SECRET_KEY__"
-  limiter: true
-  image_proxy: true
+  # If you change port, bind_address or base_url don't forget to rebuild
+  # instance's environment (make buildenv)
+  port: 8888
+  bind_address: "127.0.0.1"
+  base_url: false  # Possible values: false or "https://example.org/location".
+  limiter: false  # rate limit the number of request on the instance, block some bots
+
+  # If your instance owns a /etc/searxng/settings.yml file, then set the following
+  # values there.
+
+  secret_key: "__SECRET_KEY__"  # change this!
+  # Proxying image results through searx
+  image_proxy: false
+  # 1.0 and 1.1 are supported
+  http_protocol_version: "1.0"
+  # POST queries are more secure as they don't show up in history but may cause
+  # problems when using Firefox containers
+  method: "POST"
+  default_http_headers:
+    X-Content-Type-Options: nosniff
+    X-XSS-Protection: 1; mode=block
+    X-Download-Options: noopen
+    X-Robots-Tag: noindex, nofollow
+    Referrer-Policy: no-referrer
 
 redis:
-  url: unix:///usr/local/searxng-redis/run/redis.sock?db=0
+  # https://redis-py.readthedocs.io/en/stable/connections.html#redis.client.Redis.from_url
+  url: false
 
 ui:
-  static_use_hash: true
+  # Custom static path - leave it blank if you didn't change
+  static_path: ""
+  static_use_hash: false
+  # Custom templates path - leave it blank if you didn't change
+  templates_path: ""
+  # query_in_title: When true, the result page's titles contains the query
+  # it decreases the privacy, since the browser can records the page titles.
+  query_in_title: false
+  # infinite_scroll: When true, automatically loads the next page when scrolling to bottom of the current page.
+  infinite_scroll: false
+  # ui theme
+  default_theme: simple
+  # center the results ?
+  center_alignment: false
+  # URL prefix of the internet archive, don't forgett trailing slash (if needed).
+  # cache_url: "https://webcache.googleusercontent.com/search?q=cache:"
+  # Default interface locale - leave blank to detect from browser information or
+  # use codes from the 'locales' config section
+  default_locale: ""
+  # Open result links in a new tab by default
+  # results_on_new_tab: false
+  theme_args:
+    # style of simple theme: auto, light, dark
+    simple_style: auto
 
+# Lock arbitrary settings on the preferences page.  To find the ID of the user
+# setting you want to lock, check the ID of the form on the page "preferences".
+#
 # preferences:
 #   lock:
+#     - language
 #     - autocomplete
 #     - method
+#     - query_in_title
 
-enabled_plugins:
-  - 'Hash plugin'
-  - 'Search on category select'
-  - 'Self Informations'
-  - 'Tracker URL remover'
-  - 'Ahmia blacklist'
-  # - 'Hostname replace'  # see hostname_replace configuration below
-  # - 'Infinite scroll'
-  # - 'Open Access DOI rewrite'
-  # - 'Vim-like hotkeys'
+# searx supports result proxification using an external service:
+# https://github.com/asciimoo/morty uncomment below section if you have running
+# morty proxy the key is base64 encoded (keep the !!binary notation)
+# Note: since commit af77ec3, morty accepts a base64 encoded key.
+#
+# result_proxy:
+#   url: http://127.0.0.1:3000/
+#   # the key is a base64 encoded string, the YAML !!binary prefix is optional
+#   key: !!binary "your_morty_proxy_key"
+#   # [true|false] enable the "proxy" button next to each result
+#   proxify_results: true
 
+# communication with search engines
+#
+outgoing:
+  # default timeout in seconds, can be override by engine
+  request_timeout: 3.0
+  # the maximum timeout in seconds
+  # max_request_timeout: 10.0
+  # suffix of searx_useragent, could contain information like an email address
+  # to the administrator
+  useragent_suffix: ""
+  # The maximum number of concurrent connections that may be established.
+  pool_connections: 100
+  # Allow the connection pool to maintain keep-alive connections below this
+  # point.
+  pool_maxsize: 20
+  # See https://www.python-httpx.org/http2/
+  enable_http2: true
+  # uncomment below section if you want to use a custom server certificate
+  # see https://www.python-httpx.org/advanced/#changing-the-verification-defaults
+  # and https://www.python-httpx.org/compatibility/#ssl-configuration
+  #  verify: ~/.mitmproxy/mitmproxy-ca-cert.cer
+  #
+  # uncomment below section if you want to use a proxyq see: SOCKS proxies
+  #   https://2.python-requests.org/en/latest/user/advanced/#proxies
+  # are also supported: see
+  #   https://2.python-requests.org/en/latest/user/advanced/#socks
+  #
+  #  proxies:
+  #    all://:
+  #      - http://proxy1:8080
+  #      - http://proxy2:8080
+  #
+  #  using_tor_proxy: true
+  #
+  # Extra seconds to add in order to account for the time taken by the proxy
+  #
+  #  extra_proxy_timeout: 10.0
+  #
+  # uncomment below section only if you have more than one network interface
+  # which can be the source of outgoing search requests
+  #
+  #  source_ips:
+  #    - 1.1.1.1
+  #    - 1.1.1.2
+  #    - fe80::/126
+
+# External plugin configuration, for more details see
+#   https://docs.searxng.org/dev/plugins.html
+#
 # plugins:
-#   - only_show_green_results
+#   - plugin1
+#   - plugin2
+#   - ...
+
+# Comment or un-comment plugin to activate / deactivate by default.
+#
+# enabled_plugins:
+#   # these plugins are enabled if nothing is configured ..
+#   - 'Hash plugin'
+#   - 'Search on category select'
+#   - 'Self Information'
+#   - 'Tracker URL remover'
+#   - 'Ahmia blacklist'  # activation depends on outgoing.using_tor_proxy
+#   # these plugins are disabled if nothing is configured ..
+#   - 'Hostname replace'  # see hostname_replace configuration below
+#   - 'Open Access DOI rewrite'
+#   - 'Vim-like hotkeys'
+#   - 'Tor check plugin'
+
+# Configuration of the "Hostname replace" plugin:
+#
diff --git a/scripts/install b/scripts/install
index 15e2bc5..f243368 100755
--- a/scripts/install
+++ b/scripts/install
@@ -127,7 +127,7 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=1
 
 path_no_root=${path_url%/}
 # Create a dedicated NGINX config
-ynh_add_nginx_config "path_no_root"
+ynh_add_nginx_config
 
 #=================================================
 # SPECIFIC SETUP