11 KiB
Apache
This section explains how to set up a SearXNG instance using the HTTP server Apache. If you did use the installation scripts and do not have any special preferences you can install the SearXNG site <apache searxng site> using searxng.sh <searxng.sh overview>:
$ sudo -H ./utils/searxng.sh install apacheIf you have special interests or problems with setting up Apache, the following section might give you some guidance.
The Apache HTTP server
If Apache is not installed, install it now. If apache is new to you, the Getting Started, Configuration Files and Terms Used to Describe Directives documentation gives first orientation. There is also a list of Apache directives to keep in the pocket.
Ubuntu / debian
sudo -H apt-get install apache2Arch Linux
sudo -H pacman -S apache
sudo -H systemctl enable httpd
sudo -H systemctl start httpFedora / RHEL
sudo -H dnf install httpd
sudo -H systemctl enable httpd
sudo -H systemctl start httpdNow at http://localhost you should see some kind of Welcome or Test page. How this default site is configured, depends on the linux distribution (compare Apache directives).
Ubuntu / debian
less /etc/apache2/sites-enabled/000-default.confIn this file, there is a line setting the DocumentRoot directive:
DocumentRoot /var/www/htmlAnd the welcome page is the HTML file at /var/www/html/index.html.
Arch Linux
less /etc/httpd/conf/httpd.confIn this file, there is a line setting the DocumentRoot directive:
DocumentRoot "/srv/http"
<Directory "/srv/http">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>The welcome page of Arch Linux is a page showing the directory located at DocumentRoot. This directory page is generated by the Module mod_autoindex:
LoadModule autoindex_module modules/mod_autoindex.so
...
Include conf/extra/httpd-autoindex.confFedora / RHEL
less /etc/httpd/conf/httpd.confIn this file, there is a line setting the DocumentRoot directive:
DocumentRoot "/var/www/html"
...
<Directory "/var/www">
AllowOverride None
# Allow open access:
Require all granted
</Directory>On fresh installations, the /var/www is empty and the default welcome page is shown, the configuration is located at:
less /etc/httpd/conf.d/welcome.confDebian's Apache layout
Be aware, Debian's Apache layout is quite different from the standard Apache configuration. For details look at the apache2.README.Debian (/usr/share/doc/apache2/README.Debian.gz). Some commands you should know on Debian:
apache2ctl: Apache HTTP server control interfacea2enmod,a2dismod: switch on/off modulesa2enconf,a2disconf: switch on/off configurationsa2ensite,a2dissite: switch on/off sites
Apache modules
To load additional modules, in most distributions you have to uncomment the lines with the corresponding LoadModule directive, except in Debian's
Apache layout.
Ubuntu / debian
Debian's Apache layout uses a2enmod and a2dismod to activate or disable modules:
sudo -H a2enmod ssl
sudo -H a2enmod headers
sudo -H a2enmod proxy
sudo -H a2enmod proxy_http
sudo -H a2enmod proxy_uwsgiArch Linux
In the /etc/httpd/conf/httpd.conf file, activate LoadModule directives:
LoadModule ssl_module modules/mod_ssl.so
LoadModule headers_module modules/mod_headers.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.soFedora / RHEL
In the /etc/httpd/conf/httpd.conf file, activate LoadModule directives:
LoadModule ssl_module modules/mod_ssl.so
LoadModule headers_module modules/mod_headers.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.soApache sites
Ubuntu / debian
In Debian's Apache layout you create a searxng.conf with the <Location /searxng > directive and save this file in the sites available folder at /etc/apache2/sites-available. To enable the searxng.conf use a2ensite:
sudo -H a2ensite searxng.confArch Linux
In the /etc/httpd/conf/httpd.conf file add a IncludeOptional directive:
IncludeOptional sites-enabled/*.confCreate two folders, one for the available sites and one for the enabled sites:
mkdir -p /etc/httpd/sites-available
mkdir -p /etc/httpd/sites-enabledCreate configuration at /etc/httpd/sites-available and place a symlink to sites-enabled:
sudo -H ln -s /etc/httpd/sites-available/searxng.conf \
/etc/httpd/sites-enabled/searxng.confFedora / RHEL
In the /etc/httpd/conf/httpd.conf file add a IncludeOptional directive:
IncludeOptional sites-enabled/*.confCreate two folders, one for the available sites and one for the enabled sites:
mkdir -p /etc/httpd/sites-available
mkdir -p /etc/httpd/sites-enabledCreate configuration at /etc/httpd/sites-available and place a symlink to sites-enabled:
sudo -H ln -s /etc/httpd/sites-available/searxng.conf \
/etc/httpd/sites-enabled/searxng.confApache's SearXNG site
uWSGI
Use mod_proxy_uwsgi / don't use the old mod_uwsgi anymore.
To proxy the incoming requests to the SearXNG instance Apache needs the mod_proxy module (apache modules).
HTTP headers
With ProxyPreserveHost the incoming Host header is passed to the proxied host.
Depending on what your SearXNG installation is listening on, you need a http mod_proxy_http) or socket (mod_proxy_uwsgi) communication to upstream.
The installation scripts installs the reference setup
<use_default_settings.yml> and a uwsgi setup that listens on a socket by default. You can install and activate your own searxng.conf like shown in apache sites.
socket
$DOCS_BUILD/includes/searxng.rst
http
$DOCS_BUILD/includes/searxng.rst
Restart service:
Ubuntu / debian
sudo -H systemctl restart apache2
sudo -H service uwsgi restart searxngArch Linux
sudo -H systemctl restart httpd
sudo -H systemctl restart uwsgi@searxngFedora / RHEL
sudo -H systemctl restart httpd
sudo -H touch /etc/uwsgi.d/searxng.inidisable logs
For better privacy you can disable Apache logs. In the examples above activate one of the lines and restart apache:
SetEnvIf Request_URI "/searxng" dontlog
# CustomLog /dev/null combined env=dontlogThe CustomLog directive disables logs for the entire (virtual) server, use it when the URL of the service does not have a path component (/searxng), so when SearXNG is located at root (/).