From 9e03823b98c83e6259197fbfb4bd22db9601d1d5 Mon Sep 17 00:00:00 2001 From: Alexandre Flament Date: Sat, 2 Oct 2021 16:10:13 +0200 Subject: [PATCH] SearXNG: docker --- Dockerfile | 31 +++++++++--------- dockerfiles/docker-entrypoint.sh | 52 ++++++++++++++++++++++-------- dockerfiles/uwsgi.ini | 12 +++---- docs/admin/installation-docker.rst | 6 ++-- manage | 18 +++++------ 5 files changed, 72 insertions(+), 47 deletions(-) diff --git a/Dockerfile b/Dockerfile index df83f8eff..9d9290493 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,24 +1,25 @@ FROM alpine:3.14 -ENTRYPOINT ["/sbin/tini","--","/usr/local/searx/dockerfiles/docker-entrypoint.sh"] +ENTRYPOINT ["/sbin/tini","--","/usr/local/searxng/dockerfiles/docker-entrypoint.sh"] EXPOSE 8080 VOLUME /etc/searx +VOLUME /etc/searxng VOLUME /var/log/uwsgi -ARG SEARX_GID=977 -ARG SEARX_UID=977 +ARG SEARXNG_GID=977 +ARG SEARXNG_UID=977 -RUN addgroup -g ${SEARX_GID} searx && \ - adduser -u ${SEARX_UID} -D -h /usr/local/searx -s /bin/sh -G searx searx +RUN addgroup -g ${SEARXNG_GID} searxng && \ + adduser -u ${SEARXNG_UID} -D -h /usr/local/searxng -s /bin/sh -G searxng searxng ENV INSTANCE_NAME=searxng \ AUTOCOMPLETE= \ BASE_URL= \ MORTY_KEY= \ MORTY_URL= \ - SEARXNG_SETTINGS_PATH=/etc/searx/settings.yml \ - UWSGI_SETTINGS_PATH=/etc/searx/uwsgi.ini + SEARXNG_SETTINGS_PATH=/etc/searxng/settings.yml \ + UWSGI_SETTINGS_PATH=/etc/searxng/uwsgi.ini -WORKDIR /usr/local/searx +WORKDIR /usr/local/searxng COPY requirements.txt ./requirements.txt @@ -51,38 +52,38 @@ RUN apk upgrade --no-cache \ && apk del build-dependencies \ && rm -rf /root/.cache -COPY --chown=searx:searx . . +COPY --chown=searxng:searxng . . ARG TIMESTAMP_SETTINGS=0 ARG TIMESTAMP_UWSGI=0 ARG VERSION_GITCOMMIT=unknown -RUN su searx -c "/usr/bin/python3 -m compileall -q searx"; \ +RUN su searxng -c "/usr/bin/python3 -m compileall -q searx"; \ touch -c --date=@${TIMESTAMP_SETTINGS} searx/settings.yml; \ touch -c --date=@${TIMESTAMP_UWSGI} dockerfiles/uwsgi.ini; \ - find /usr/local/searx/searx/static -a \( -name '*.html' -o -name '*.css' -o -name '*.js' \ + find /usr/local/searxng/searx/static -a \( -name '*.html' -o -name '*.css' -o -name '*.js' \ -o -name '*.svg' -o -name '*.ttf' -o -name '*.eot' \) \ -type f -exec gzip -9 -k {} \+ -exec brotli --best {} \+ # Keep these arguments at the end to prevent redundant layer rebuilds ARG LABEL_DATE= ARG GIT_URL=unknown -ARG SEARX_GIT_VERSION=unknown +ARG SEARXNG_GIT_VERSION=unknown ARG LABEL_VCS_REF= ARG LABEL_VCS_URL= LABEL maintainer="searxng <${GIT_URL}>" \ description="A privacy-respecting, hackable metasearch engine." \ - version="${SEARX_GIT_VERSION}" \ + version="${SEARXNG_GIT_VERSION}" \ org.label-schema.schema-version="1.0" \ org.label-schema.name="searxng" \ - org.label-schema.version="${SEARX_GIT_VERSION}" \ + org.label-schema.version="${SEARXNG_GIT_VERSION}" \ org.label-schema.url="${LABEL_VCS_URL}" \ org.label-schema.vcs-ref=${LABEL_VCS_REF} \ org.label-schema.vcs-url=${LABEL_VCS_URL} \ org.label-schema.build-date="${LABEL_DATE}" \ org.label-schema.usage="https://github.com/searxng/searxng-docker" \ org.opencontainers.image.title="searxng" \ - org.opencontainers.image.version="${SEARX_GIT_VERSION}" \ + org.opencontainers.image.version="${SEARXNG_GIT_VERSION}" \ org.opencontainers.image.url="${LABEL_VCS_URL}" \ org.opencontainers.image.revision=${LABEL_VCS_REF} \ org.opencontainers.image.source=${LABEL_VCS_URL} \ diff --git a/dockerfiles/docker-entrypoint.sh b/dockerfiles/docker-entrypoint.sh index c69ed6214..7d0a8a8ab 100755 --- a/dockerfiles/docker-entrypoint.sh +++ b/dockerfiles/docker-entrypoint.sh @@ -17,7 +17,7 @@ Environment variables: BIND_ADDRESS uwsgi bind to the specified TCP socket using HTTP protocol. Default value: ${DEFAULT_BIND_ADDRESS} Volume: - /etc/searx the docker entry point copies settings.yml and uwsgi.ini in + /etc/searxng the docker entry point copies settings.yml and uwsgi.ini in this directory (see the -f command line option)" EOF @@ -48,22 +48,22 @@ do esac done -get_searx_version(){ - su searx -c \ +get_searxng_version(){ + su searxng -c \ 'python3 -c "import six; import searx.version; six.print_(searx.version.VERSION_STRING)"' \ 2>/dev/null } -SEARX_VERSION="$(get_searx_version)" -export SEARX_VERSION -echo "searx version ${SEARX_VERSION}" +SEARXNG_VERSION="$(get_searxng_version)" +export SEARXNG_VERSION +echo "SearXNG version ${SEARXNG_VERSION}" # helpers to update the configuration files patch_uwsgi_settings() { CONF="$1" } -patch_searx_settings() { +patch_searxng_settings() { CONF="$1" # Make sure that there is trailing slash at the end of BASE_URL @@ -114,7 +114,7 @@ update_conf() { $PATCH_REF_CONF "${CONF}" else # Keep the current configuration - printf '⚠️ Check new version %s to make sure searx is working properly\n' "${NEW_CONF}" + printf '⚠️ Check new version %s to make sure SearXNG is working properly\n' "${NEW_CONF}" cp "${REF_CONF}" "${NEW_CONF}" $PATCH_REF_CONF "${NEW_CONF}" fi @@ -128,11 +128,35 @@ update_conf() { fi } -# make sure there are uwsgi settings -update_conf "${FORCE_CONF_UPDATE}" "${UWSGI_SETTINGS_PATH}" "/usr/local/searx/dockerfiles/uwsgi.ini" "patch_uwsgi_settings" +# searx compatibility: copy /etc/searx/* to /etc/searxng/* +SEARX_CONF=0 +if [ -f "/etc/searx/settings.yml" ]; then + if [ ! -f "${SEARXNG_SETTINGS_PATH}" ]; then + printf '⚠️ /etc/searx/settings.yml is copied to /etc/searxng\n' + cp "/etc/searx/settings.yml" "${SEARXNG_SETTINGS_PATH}" + fi + SEARX_CONF=1 +fi +if [ -f "/etc/searx/uwsgi.ini" ]; then + printf '⚠️ /etc/searx/uwsgi.ini is ignored. Use the volume /etc/searxng\n' + SEARX_CONF=1 +fi +if [ "$SEARX_CONF" -eq "1" ]; then + printf '⚠️ The deprecated volume /etc/searx is mounted. Please update your configuration to use /etc/searxng ⚠️\n' + cat << EOF > /etc/searx/deprecated_volume_read_me.txt +This Docker image uses the volume /etc/searxng +Update your configuration: +* remove uwsgi.ini (or very carefully update your existing uwsgi.ini using https://github.com/searxng/searxng/blob/master/dockerfiles/uwsgi.ini ) +* mount /etc/searxng instead of /etc/searx +EOF +fi +# end of searx compatibility -# make sure there are searx settings -update_conf "${FORCE_CONF_UPDATE}" "${SEARXNG_SETTINGS_PATH}" "/usr/local/searx/searx/settings.yml" "patch_searx_settings" +# make sure there are uwsgi settings +update_conf "${FORCE_CONF_UPDATE}" "${UWSGI_SETTINGS_PATH}" "/usr/local/searxng/dockerfiles/uwsgi.ini" "patch_uwsgi_settings" + +# make sure there are searxng settings +update_conf "${FORCE_CONF_UPDATE}" "${SEARXNG_SETTINGS_PATH}" "/usr/local/searxng/searx/settings.yml" "patch_searxng_settings" # dry run (to update configuration files, then inspect them) if [ $DRY_RUN -eq 1 ]; then @@ -141,9 +165,9 @@ if [ $DRY_RUN -eq 1 ]; then fi touch /var/run/uwsgi-logrotate -chown -R searx:searx /var/log/uwsgi /var/run/uwsgi-logrotate +chown -R searxng:searxng /var/log/uwsgi /var/run/uwsgi-logrotate unset MORTY_KEY # Start uwsgi printf 'Listen on %s\n' "${BIND_ADDRESS}" -exec su-exec searx:searx uwsgi --master --http-socket "${BIND_ADDRESS}" "${UWSGI_SETTINGS_PATH}" +exec su-exec searxng:searxng uwsgi --master --http-socket "${BIND_ADDRESS}" "${UWSGI_SETTINGS_PATH}" diff --git a/dockerfiles/uwsgi.ini b/dockerfiles/uwsgi.ini index 818a99cc0..00b17436d 100644 --- a/dockerfiles/uwsgi.ini +++ b/dockerfiles/uwsgi.ini @@ -1,7 +1,7 @@ [uwsgi] # Who will run the code -uid = searx -gid = searx +uid = searxng +gid = searxng # Number of workers (usually CPU count) workers = 4 @@ -20,8 +20,8 @@ enable-threads = true module = searx.webapp # Virtualenv and python path -pythonpath = /usr/local/searx/ -chdir = /usr/local/searx/searx/ +pythonpath = /usr/local/searxng/ +chdir = /usr/local/searxng/searx/ # Disable logging for privacy disable-logging=True @@ -38,10 +38,10 @@ add-header = Connection: close # uwsgi serves the static files # expires set to one day as Flask does -static-map = /static=/usr/local/searx/searx/static +static-map = /static=/usr/local/searxng/searx/static static-expires = /* 864000 static-gzip-all = True offload-threads = %k # Cache -cache2 = name=searxcache,items=2000,blocks=2000,blocksize=4096,bitmap=1 +cache2 = name=searxngcache,items=2000,blocks=2000,blocksize=4096,bitmap=1 diff --git a/docs/admin/installation-docker.rst b/docs/admin/installation-docker.rst index 33524e2f2..ecf9c833f 100644 --- a/docs/admin/installation-docker.rst +++ b/docs/admin/installation-docker.rst @@ -63,7 +63,7 @@ instance using `docker run `_: $ docker pull searxng/searxng $ docker run --rm \ -d -p ${PORT}:8080 \ - -v "${PWD}/searx:/etc/searx" \ + -v "${PWD}/searxng:/etc/searxng" \ -e "BASE_URL=http://localhost:$PORT/" \ -e "INSTANCE_NAME=my-instance" \ searxng/searxng @@ -75,7 +75,7 @@ Open your WEB browser and visit the URL: $ xdg-open "http://localhost:$PORT" -Inside ``${PWD}/searx``, you will find ``settings.yml`` and ``uwsgi.ini``. You +Inside ``${PWD}/searxng``, you will find ``settings.yml`` and ``uwsgi.ini``. You can modify these files according to your needs and restart the Docker image. .. code:: sh @@ -139,7 +139,7 @@ Build the image It's also possible to build SearXNG from the embedded :origin:`Dockerfile`:: $ git clone https://github.com/searxng/searxng.git - $ cd searx + $ cd searxng $ make docker.build ... Successfully built 49586c016434 diff --git a/manage b/manage index 43e34a86d..457115ce4 100755 --- a/manage +++ b/manage @@ -390,10 +390,10 @@ docker.buildx() { docker.build() { pyenv.install - local SEARX_GIT_VERSION + local SEARXNG_GIT_VERSION local VERSION_GITCOMMIT local GITHUB_USER - local SEARX_IMAGE_NAME + local SEARXNG_IMAGE_NAME local BUILD build_msg DOCKER build @@ -427,35 +427,35 @@ docker.build() { # define the docker image name GITHUB_USER=$(echo "${GIT_URL}" | sed 's/.*github\.com\/\([^\/]*\).*/\1/') - SEARX_IMAGE_NAME="${SEARX_IMAGE_NAME:-${GITHUB_USER:-searxng}/searxng}" + SEARXNG_IMAGE_NAME="${SEARXNG_IMAGE_NAME:-${GITHUB_USER:-searxng}/searxng}" BUILD="build" if [ "$1" = "buildx" ]; then # buildx includes the push option - CACHE_TAG="${SEARX_IMAGE_NAME}:latest-build-cache" + CACHE_TAG="${SEARXNG_IMAGE_NAME}:latest-build-cache" BUILD="buildx build --platform linux/amd64,linux/arm64,linux/arm/v7 --push --cache-from=type=registry,ref=$CACHE_TAG --cache-to=type=registry,ref=$CACHE_TAG,mode=max" shift fi build_msg DOCKER "Build command: ${BUILD}" # build Docker image - build_msg DOCKER "Building image ${SEARX_IMAGE_NAME}:${SEARX_GIT_VERSION}" + build_msg DOCKER "Building image ${SEARXNG_IMAGE_NAME}:${SEARXNG_GIT_VERSION}" # shellcheck disable=SC2086 docker $BUILD \ --build-arg BASE_IMAGE="${DEPENDENCIES_IMAGE_NAME}" \ --build-arg GIT_URL="${GIT_URL}" \ - --build-arg SEARX_GIT_VERSION="${VERSION_STRING}" \ + --build-arg SEARXNG_GIT_VERSION="${VERSION_STRING}" \ --build-arg VERSION_GITCOMMIT="${VERSION_GITCOMMIT}" \ --build-arg LABEL_DATE="$(date -u +"%Y-%m-%dT%H:%M:%SZ")" \ --build-arg LABEL_VCS_REF="$(git rev-parse HEAD)" \ --build-arg LABEL_VCS_URL="${GIT_URL}" \ --build-arg TIMESTAMP_SETTINGS="$(git log -1 --format="%cd" --date=unix -- searx/settings.yml)" \ --build-arg TIMESTAMP_UWSGI="$(git log -1 --format="%cd" --date=unix -- dockerfiles/uwsgi.ini)" \ - -t "${SEARX_IMAGE_NAME}:latest" -t "${SEARX_IMAGE_NAME}:${VERSION_STRING}" . + -t "${SEARXNG_IMAGE_NAME}:latest" -t "${SEARXNG_IMAGE_NAME}:${VERSION_STRING}" . if [ "$1" = "push" ]; then - docker push "${SEARX_IMAGE_NAME}:latest" - docker push "${SEARX_IMAGE_NAME}:${SEARX_GIT_VERSION}" + docker push "${SEARXNG_IMAGE_NAME}:latest" + docker push "${SEARXNG_IMAGE_NAME}:${SEARXNG_GIT_VERSION}" fi ) dump_return $?