diff --git a/SearXNG/.env b/SearXNG/.env new file mode 100644 index 0000000..cc218da --- /dev/null +++ b/SearXNG/.env @@ -0,0 +1,16 @@ +# Be sure to check out the official docs and setup at: https://github.com/searxng/searxng-docker +# This is my version running locally with Traefik. There is no caddy or redis. +# If you wish to host publicly you probably want redis, amongst some additional security... +# The official image comes with caddy and automatic certificate pulls + +SEARXNG_HOSTNAME=search.jimsgarage.co.uk + +# Optional: +# If you run a very small or a very large instance, you might want to change the amount of used uwsgi workers and threads per worker +# More workers (= processes) means that more search requests can be handled at the same time, but it also causes more resource usage + +SEARXNG_UWSGI_WORKERS=8 +SEARXNG_UWSGI_THREADS=8 + +# Get from: https://github.com/JamesTurland/JimsGarage/blob/main/NordVPN-Wireguard/wireguard.ps1 +WIREGUARD_TOKEN=XXXXXXXXXXXXXXXXXXXXXXXXX \ No newline at end of file diff --git a/SearXNG/docker-compose-gluetun.yaml b/SearXNG/docker-compose-gluetun.yaml new file mode 100644 index 0000000..63a2e55 --- /dev/null +++ b/SearXNG/docker-compose-gluetun.yaml @@ -0,0 +1,81 @@ +services: + gluetun: + image: qmcgaw/gluetun + # container_name: gluetun + # line above must be uncommented to allow external containers to connect. + # See https://github.com/qdm12/gluetun-wiki/blob/main/setup/connect-a-container-to-gluetun.md#external-container-to-gluetun + env_file: + - .env # should default to .env + cap_add: + - NET_ADMIN + devices: + - /dev/net/tun:/dev/net/tun + ports: + - 8888:8888/tcp # HTTP proxy + - 8388:8388/tcp # Shadowsocks + - 8388:8388/udp # Shadowsocks + # - 8080:8080/tcp # SearXNG + volumes: + - /home/ubuntu/docker/searxng/gluetun:/gluetun + environment: + # See https://github.com/qdm12/gluetun-wiki/tree/main/setup#setup + - VPN_SERVICE_PROVIDER=nordvpn + - VPN_TYPE=wireguard + # OpenVPN: + # - OPENVPN_USER= + # - OPENVPN_PASSWORD= + # Wireguard: + - WIREGUARD_PRIVATE_KEY=${WIREGUARD_TOKEN} + - WIREGUARD_ADDRESSES=10.5.0.2/16 + - SERVER_COUNTRIES=UNITED KINGDOM + # Timezone for accurate log times + - TZ=Europe/London + # Server list updater + # See https://github.com/qdm12/gluetun-wiki/blob/main/setup/servers.md#update-the-vpn-servers-list + - UPDATER_PERIOD=24h + networks: + - proxy + labels: + - "traefik.enable=true" + - "traefik.docker.network=proxy" + - "traefik.http.routers.search.entrypoints=http" + - "traefik.http.routers.search.rule=Host(`search.jimsgarage.co.uk`)" + - "traefik.http.middlewares.search-https-redirect.redirectscheme.scheme=https" + - "traefik.http.routers.search.middlewares=search-https-redirect" + - "traefik.http.routers.search-secure.entrypoints=https" + - "traefik.http.routers.search-secure.rule=Host(`search.jimsgarage.co.uk`)" + - "traefik.http.routers.search-secure.tls=true" + - "traefik.http.routers.search-secure.tls.certresolver=cloudflare" + - "traefik.http.routers.search-secure.service=search" + - "traefik.http.services.search.loadbalancer.server.port=8080" + + searxng: + image: searxng/searxng:latest + restart: unless-stopped + depends_on: + - gluetun + # ports: + # - '${PORT}:8080' + network_mode: "service:gluetun" + environment: + - SEARXNG_BASE_URL=https://${SEARXNG_HOSTNAME}/ + - UWSGI_WORKERS=${SEARXNG_UWSGI_WORKERS:-4} + - UWSGI_THREADS=${SEARXNG_UWSGI_THREADS:-4} + volumes: + - '/home/ubuntu/docker/searxng/searxng-data:/etc/searxng:rw' + # remove for first run then re-enable. Think it's a bug... + # cap_drop: + # - ALL + cap_add: + - CHOWN + - SETGID + - SETUID + logging: + driver: "json-file" + options: + max-size: "1m" + max-file: "1" + +networks: + proxy: + external: true \ No newline at end of file diff --git a/SearXNG/docker-compose.yaml b/SearXNG/docker-compose.yaml new file mode 100644 index 0000000..6e943b7 --- /dev/null +++ b/SearXNG/docker-compose.yaml @@ -0,0 +1,42 @@ +services: + searxng: + image: searxng/searxng:latest + restart: unless-stopped + # ports: + # - '${PORT}:8080' + networks: + - proxy + environment: + - SEARXNG_BASE_URL=https://${SEARXNG_HOSTNAME}/ + - UWSGI_WORKERS=${SEARXNG_UWSGI_WORKERS:-4} + - UWSGI_THREADS=${SEARXNG_UWSGI_THREADS:-4} + volumes: + - '/home/ubuntu/docker/searxng/searxng-data:/etc/searxng:rw' + cap_drop: + - ALL + cap_add: + - CHOWN + - SETGID + - SETUID + logging: + driver: "json-file" + options: + max-size: "1m" + max-file: "1" + labels: + - "traefik.enable=true" + - "traefik.docker.network=proxy" + - "traefik.http.routers.search.entrypoints=http" + - "traefik.http.routers.search.rule=Host(`search.jimsgarage.co.uk`)" + - "traefik.http.middlewares.search-https-redirect.redirectscheme.scheme=https" + - "traefik.http.routers.search.middlewares=search-https-redirect" + - "traefik.http.routers.search-secure.entrypoints=https" + - "traefik.http.routers.search-secure.rule=Host(`search.jimsgarage.co.uk`)" + - "traefik.http.routers.search-secure.tls=true" + - "traefik.http.routers.search-secure.tls.certresolver=cloudflare" + - "traefik.http.routers.search-secure.service=search" + - "traefik.http.services.search.loadbalancer.server.port=8080" + +networks: + proxy: + external: true \ No newline at end of file diff --git a/SearXNG/settings.yaml b/SearXNG/settings.yaml new file mode 100644 index 0000000..6ec5c64 --- /dev/null +++ b/SearXNG/settings.yaml @@ -0,0 +1,11 @@ +# see https://docs.searxng.org/admin/settings/settings.html#settings-use-default-settings +use_default_settings: true +server: + # base_url is defined in the SEARXNG_BASE_URL environment variable, see .env and docker-compose.yml + secret_key: "myultrasecretkey" # change this! + limiter: false # can be disabled for a private instance + image_proxy: true +ui: + static_use_hash: true +#redis: +# url: redis://redis:6379/0 \ No newline at end of file