##########################################
|
|
NOTE: read all of this before starting.
|
|
Some steps were wrong...
|
|
##########################################
|
|
|
|
|
|
|
|
|
|
Setting up searx on kvm vps w/docker:
|
|
|
|
This guide assumes you have Docker already installed (if not follow the official documentation)
|
|
This guide uses Devuan Ascii
|
|
This guide is built on a VPS with KVM / Docker support. Note that many VPS (w/openVZ at the moment)
|
|
do NOT support docker.
|
|
It is helpful to have some experience with Docker. Buy a book, if you have not read one already.
|
|
Other GNU/Linux Admin experience is assumed.
|
|
This guide is meant as an adjunct to the official Searx Documentation on installing. Read that, also.
|
|
|
|
|
|
|
|
Let's begin.
|
|
|
|
|
|
First, clone the searx repo.
|
|
|
|
cd into the directory.
|
|
|
|
I had to make sure I pulled a specific tag release for searx
|
|
|
|
otherwise the dockerfile build would fail.
|
|
|
|
|
|
git checkout tags/v0.14.0
|
|
|
|
then
|
|
|
|
|
|
sudo docker build -t whatever/searx .
|
|
|
|
here, you are building the dockerfile in the same directory and giving it a name: whatever/searx (which obv can be
|
|
customized)
|
|
|
|
|
|
|
|
|
|
see searx is available with
|
|
docker images
|
|
|
|
(at any time, you can type just docker, and it will list options)
|
|
|
|
|
|
docker run -d --name searx -p $PORT:8888 whatever/searx
|
|
|
|
here $PORT will pick a random port for searx to be listening on
|
|
|
|
|
|
Test it works by viewing WANIP:PORT
|
|
|
|
and it should work.
|
|
|
|
problems:
|
|
|
|
1) searx has bing and default search engines
|
|
2) no https
|
|
3) no filter, to block spammers (we need to use the filter asciimoo made, or make our own...)
|
|
|
|
|
|
|
|
Most important is 3, followed by 1, and 2, in that order.
|
|
|
|
Also need to give it port 80, or port 443. (probably need reverse proxy for nginx or something)
|
|
let's get a filter first.
|
|
|
|
filtron is the filter.
|
|
|
|
filtron sits between nginx and searx.
|
|
nginx -> filtron -> searx
|
|
|
|
|
|
https://asciimoo.github.io/searx/admin/filtron.html
|
|
|
|
|
|
good news is, filtron is managed by package manager in go.
|
|
|
|
first install go.
|
|
|
|
i'm using devuan ascii so,
|
|
|
|
apt-get install golang
|
|
|
|
|
|
everyone online tells you to dl binary
|
|
|
|
bad idea.
|
|
|
|
slower, and unable to update. I am not dealing with un-updateable binaries.
|
|
|
|
|
|
|
|
after you apt-get install need to set gopath
|
|
|
|
|
|
|
|
put these two in /etc/profile:
|
|
|
|
export PATH=$PATH:/usr/local/go/bin
|
|
export GOPATH=/root/go
|
|
|
|
in debian, go has a path in /usr/share
|
|
which has pkg, src, test
|
|
that is the GOROOT
|
|
not the GOPATH
|
|
|
|
so make something different for gopath
|
|
Typically it is a folder in users Home directory.
|
|
|
|
I had an error
|
|
package math/bits: unrecognized import path "math/bits" (import path does not begin with hostname)
|
|
|
|
|
|
Go version
|
|
|
|
and forums show that mine is too old. I COULD use the binary, but that's not what I'm going to do.
|
|
|
|
EDIT: let's try backports first....
|
|
|
|
apt-get -t ascii-backports install golang
|
|
|
|
that is 1.10
|
|
not 1.7
|
|
|
|
|
|
and that worked.
|
|
So you MUST use ascii-backports for this.
|
|
|
|
OK.
|
|
|
|
|
|
|
|
|
|
|
|
so install it. get the rules.json in this folder as an example. Note that the default, requires
|
|
you to set some variables
|
|
|
|
run it with $GOPATH/bin/filtron -rules rules.json
|
|
|
|
we will want to have it in the background, so something like above in rc.local (no service?)
|
|
with the & afterwards, perhaps.
|
|
|
|
|
|
|
|
|
|
So with filtron.
|
|
we want to organize like this
|
|
|
|
|
|
WAN
|
|
nginx ----> filtron -----> docker ------> searx
|
|
443 4004 $PORT 8888
|
|
|
|
We'll need to specify the docker port, and the filtron port, and the nginx port.
|
|
let's use 20000 as docker port.
|
|
|
|
ignoring nginx, we have
|
|
|
|
filtron --help shows us
|
|
|
|
|
|
FILTRON
|
|
============
|
|
filtron -listen "127.0.0.1:4004" -target "127.0.0.1:20000" -rules rules.json
|
|
|
|
NOTE: There is a trap with filtron. It expects a string, so -listen "127.0.0.1:4444" will work, but
|
|
simply typing -listen 4444 will NOT work.
|
|
|
|
Verify filtron is listening with ss -ntlp, where you should see:
|
|
|
|
LISTEN 0 128 127.0.0.1:4005 *:*
|
|
users:(("filtron",pid=27293,fd=3))
|
|
LISTEN 0 128 127.0.0.1:4004 *:*
|
|
users:(("filtron",pid=27293,fd=5))
|
|
|
|
or similar.
|
|
|
|
|
|
|
|
DOCKER
|
|
============
|
|
docker run -d --name searx -p 20000:8888 whatever/searx
|
|
|
|
searx is run by docker, and we don't need to worry about that.
|
|
|
|
Then we need reverse ssl proxy for nginx.
|
|
|
|
I can get that from the gitea page so I checked there first, and then here
|
|
https://nginx.org/en/docs/http/configuring_https_servers.html
|
|
|
|
lets encrypt will be later. (I have that covered in my own lets encrypt docs)
|
|
|
|
|
|
so open a screen to test and run those, with & for filtron, docker will detatch with -d
|
|
|
|
add
|
|
location / {
|
|
proxy_pass http://localhost:4004;
|
|
}
|
|
|
|
or just the proxy pass part to the nginx config. (make a copy of default, and edit the copy, add symbolic link
|
|
to sites-enabled)
|
|
|
|
|
|
And if you want to troubleshoot, you can do it step by step with the above example of reverse - reverse - reverse proxy to searx....
|
|
|
|
|
|
wget the docker ip at 20000
|
|
wget the filtron ip 4004
|
|
wget the nginx at 80
|
|
|
|
should all work.
|
|
|
|
|
|
|
|
|
|
That's it.
|
|
|
|
|
|
|
|
|
|
|
|
|