searxng

SearXNG/.env

@@ -0,0 +1,16 @@
+# Be sure to check out the official docs and setup at: https://github.com/searxng/searxng-docker
+# This is my version running locally with Traefik. There is no caddy or redis.
+# If you wish to host publicly you probably want redis, amongst some additional security...
+# The official image comes with caddy and automatic certificate pulls
+
+SEARXNG_HOSTNAME=search.jimsgarage.co.uk
+
+# Optional:
+# If you run a very small or a very large instance, you might want to change the amount of used uwsgi workers and threads per worker
+# More workers (= processes) means that more search requests can be handled at the same time, but it also causes more resource usage
+
+SEARXNG_UWSGI_WORKERS=8
+SEARXNG_UWSGI_THREADS=8
+
+# Get from: https://github.com/JamesTurland/JimsGarage/blob/main/NordVPN-Wireguard/wireguard.ps1
+WIREGUARD_TOKEN=XXXXXXXXXXXXXXXXXXXXXXXXX

SearXNG/docker-compose-gluetun.yaml

@@ -0,0 +1,81 @@
+services:
+  gluetun:
+    image: qmcgaw/gluetun
+    # container_name: gluetun
+    # line above must be uncommented to allow external containers to connect.
+    # See https://github.com/qdm12/gluetun-wiki/blob/main/setup/connect-a-container-to-gluetun.md#external-container-to-gluetun
+    env_file:
+      - .env # should default to .env
+    cap_add:
+      - NET_ADMIN
+    devices:
+      - /dev/net/tun:/dev/net/tun
+    ports:
+      - 8888:8888/tcp # HTTP proxy
+      - 8388:8388/tcp # Shadowsocks
+      - 8388:8388/udp # Shadowsocks
+      # - 8080:8080/tcp # SearXNG
+    volumes:
+      - /home/ubuntu/docker/searxng/gluetun:/gluetun
+    environment:
+      # See https://github.com/qdm12/gluetun-wiki/tree/main/setup#setup
+      - VPN_SERVICE_PROVIDER=nordvpn
+      - VPN_TYPE=wireguard
+      # OpenVPN:
+      # - OPENVPN_USER=
+      # - OPENVPN_PASSWORD=
+      # Wireguard:
+      - WIREGUARD_PRIVATE_KEY=${WIREGUARD_TOKEN}
+      - WIREGUARD_ADDRESSES=10.5.0.2/16
+      - SERVER_COUNTRIES=UNITED KINGDOM
+      # Timezone for accurate log times
+      - TZ=Europe/London
+      # Server list updater
+      # See https://github.com/qdm12/gluetun-wiki/blob/main/setup/servers.md#update-the-vpn-servers-list
+      - UPDATER_PERIOD=24h
+    networks:
+      - proxy
+    labels:
+      - "traefik.enable=true"
+      - "traefik.docker.network=proxy"
+      - "traefik.http.routers.search.entrypoints=http"
+      - "traefik.http.routers.search.rule=Host(`search.jimsgarage.co.uk`)"
+      - "traefik.http.middlewares.search-https-redirect.redirectscheme.scheme=https"
+      - "traefik.http.routers.search.middlewares=search-https-redirect"
+      - "traefik.http.routers.search-secure.entrypoints=https"
+      - "traefik.http.routers.search-secure.rule=Host(`search.jimsgarage.co.uk`)"
+      - "traefik.http.routers.search-secure.tls=true"
+      - "traefik.http.routers.search-secure.tls.certresolver=cloudflare"
+      - "traefik.http.routers.search-secure.service=search"
+      - "traefik.http.services.search.loadbalancer.server.port=8080"
+
+  searxng:
+          image: searxng/searxng:latest
+          restart: unless-stopped
+          depends_on:
+            - gluetun
+          # ports:
+          #     - '${PORT}:8080'
+          network_mode: "service:gluetun"
+          environment:
+            - SEARXNG_BASE_URL=https://${SEARXNG_HOSTNAME}/
+            - UWSGI_WORKERS=${SEARXNG_UWSGI_WORKERS:-4}
+            - UWSGI_THREADS=${SEARXNG_UWSGI_THREADS:-4}        
+          volumes:
+              - '/home/ubuntu/docker/searxng/searxng-data:/etc/searxng:rw'
+          # remove for first run then re-enable. Think it's a bug...
+          # cap_drop: 
+          #   - ALL
+          cap_add:
+            - CHOWN
+            - SETGID
+            - SETUID
+          logging:
+            driver: "json-file"
+            options:
+              max-size: "1m"
+              max-file: "1"
+
+networks:
+  proxy:
+    external: true

SearXNG/docker-compose.yaml

@@ -0,0 +1,42 @@
+services:
+    searxng:
+        image: searxng/searxng:latest
+        restart: unless-stopped
+        # ports:
+        #     - '${PORT}:8080'
+        networks:
+          - proxy
+        environment:
+          - SEARXNG_BASE_URL=https://${SEARXNG_HOSTNAME}/
+          - UWSGI_WORKERS=${SEARXNG_UWSGI_WORKERS:-4}
+          - UWSGI_THREADS=${SEARXNG_UWSGI_THREADS:-4}        
+        volumes:
+            - '/home/ubuntu/docker/searxng/searxng-data:/etc/searxng:rw'
+        cap_drop:
+          - ALL
+        cap_add:
+          - CHOWN
+          - SETGID
+          - SETUID
+        logging:
+          driver: "json-file"
+          options:
+            max-size: "1m"
+            max-file: "1"
+        labels:
+          - "traefik.enable=true"
+          - "traefik.docker.network=proxy"
+          - "traefik.http.routers.search.entrypoints=http"
+          - "traefik.http.routers.search.rule=Host(`search.jimsgarage.co.uk`)"
+          - "traefik.http.middlewares.search-https-redirect.redirectscheme.scheme=https"
+          - "traefik.http.routers.search.middlewares=search-https-redirect"
+          - "traefik.http.routers.search-secure.entrypoints=https"
+          - "traefik.http.routers.search-secure.rule=Host(`search.jimsgarage.co.uk`)"
+          - "traefik.http.routers.search-secure.tls=true"
+          - "traefik.http.routers.search-secure.tls.certresolver=cloudflare"
+          - "traefik.http.routers.search-secure.service=search"
+          - "traefik.http.services.search.loadbalancer.server.port=8080"
+
+networks:
+  proxy:
+    external: true

SearXNG/settings.yaml

@@ -0,0 +1,11 @@
+# see https://docs.searxng.org/admin/settings/settings.html#settings-use-default-settings
+use_default_settings: true
+server:
+  # base_url is defined in the SEARXNG_BASE_URL environment variable, see .env and docker-compose.yml
+  secret_key: "myultrasecretkey"  # change this!
+  limiter: false  # can be disabled for a private instance
+  image_proxy: true
+ui:
+  static_use_hash: true
+#redis:
+#  url: redis://redis:6379/0