====== SearXNG ======
[[https://github.com/searxng/searxng|SearXNG]] is a search engine aggregator that let's you search the web with maximum privacy because it will use the other search engines, but without having them pinpoint to you in any way. And by self-hosting it, you get the maximum possible privacy.
===== Installation =====
There are multiple installation approaches possible. You can either go with containers or bare-metal. While i usually recommend bare-metal, this time going the podman way is actually preferable because the bare-metal approach requires running a root install script, which is **not** a good idea, or read it and decompose enough to run the single commands by hand, which would be annoying and not too much fun since the install script is complex and not well written.
So, as usual create the user, then clone the repository and copy the **docker-compose.yaml**:
useradd -d /data/daemons/searxng -m searxng
su - searxng
git clone https://github.com/searxng/searxng-docker.git
cp searxng-docker/docker-compose.yaml .
Now you don't want Caddy because you already have NGINX as reverse proxy, so edit the docker compose file like the following example:
version: "3.7"
services:
searxng:
container_name: searxng
image: docker.io/searxng/searxng:latest
networks:
- searxng-net
ports:
- "127.0.0.1:8083:8080"
volumes:
- ./searxng:/etc/searxng:rw
environment:
- SEARXNG_BASE_URL=https://${SEARXNG_HOSTNAME:-localhost}/
cap_drop:
- ALL
cap_add:
- CHOWN
- SETGID
- SETUID
logging:
driver: "json-file"
options:
max-size: "1m"
max-file: "1"
networks:
searxng-net:
ipam:
driver: default
volumes:
caddy-data:
caddy-config:
redis-data:
Remember to set an available port (8083)!
Now pull it:
podman compose pull
===== Reverse Proxy =====
You can run SearXNG both as a subdomain or a subpath. I prefer the first one because it make it easier to integrate as Firefox default search engine.
I assume the SearXNG will be reachable as **https://search.mydomain.com**.
Following [[https://docs.searxng.org/admin/installation-nginx.html#installation-nginx|this page]] create a NGINX config file called **/etc/nginx/com.mydomain/search/search.conf** like this:
server {
server_name search.mydomain.com;
listen 443 ssl;
listen 8443 ssl;
http2 on;
access_log /var/log/nginx/search.mydomain.com_access_log main;
error_log /var/log/nginx/search.mydomain.com_error_log info;
location / {
proxy_pass http://127.0.0.1:8083/;
proxy_set_header Host $host;
proxy_set_header Connection $http_connection;
# see flaskfix.py
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Script-Name /searxng/;
# see limiter.py
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log /dev/null;
error_log /dev/null;
}
}
and add it to your NGINX configuration. See [[selfhost:nginx|The Reverse Proxy concept]] for more details.
SSO can be added using the **basic** endpoint in Authelia or NGINX PAM Auth.
===== Add to firefox =====
Navigate your firefox to **https://search.mydomain.com**, then right-click on address bar and select the last icon: add SearXNG as search engine. If the option is missing, you have a different version of Firefox, check online how to do such a thing.
===== Autostart =====
To start it, and set it up on boot, as usual follow my indications [[gentoo:containers|Using Containers on Gentoo]], so link the **user-containers** init script:
ln -s /etc/init.d/user-containers /etc/init.d/user-containers.searxng
and create the following config file:
USER=searxng
DESCRIPTION="The search engine"
Add the service to the default runlevel and start it now:
rc-update add user-containers.searxng default
rc-service user-containers.searxng start