User Tools

This is an old revision of the document!

SearXNG

SearXNG is a search engine aggregator that let's you search the web with maximum privacy because it will use the other search engines, but without having them pinpoint to you in any way. And by self-hosting it, you get the maximum possible privacy.

Installation

There are multiple installation approaches possible. You can either go with containers or bare-metal. While i usually recommend bare-metal, this time going the podman way is actually preferable because the bare-metal approach requires running a root install script, which is not a good idea, or read it and decompose enough to run the single commands by hand, which would be annoying and not too much fun since the install script is complex and not well written.

So, as usual create the user, then clone the repository and copy the docker-compose.yaml: 

useradd -d /deposito/daemons/searxng -m searxng
su - searxng
git clone https://github.com/searxng/searxng-docker.git
 cp searxng-docker/docker-compose.yaml .

Now you don't want Caddy because you already have NGINX as reverse proxy, so edit the docker compose file like the following example:

docker-compose.yml
version: "3.7"
services:
  searxng:
    container_name: searxng
    image: docker.io/searxng/searxng:latest
    networks:
      - searxng-net
    ports:
      - "127.0.0.1:8083:8080"
    volumes:
      - ./searxng:/etc/searxng:rw
    environment:
      - SEARXNG_BASE_URL=https://${SEARXNG_HOSTNAME:-localhost}/
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID
    logging:
      driver: "json-file"
      options:
        max-size: "1m"
        max-file: "1"

networks:
  searxng_net:
    ipam:
      driver: default

volumes:
  caddy-data:
  caddy-config:
  redis-data:

Remember to set an available port (8083)!

Now pull it: 

podman compose pull

Reverse Proxy

You can run SearXNG both as a subdomain or a subpath. I prefer the first one because it make it easier to integrate as Firefox default search engine.

I assume the SearXNG will be reachable as https;search.mydomain.com. Following this page create a NGINX config file called /etc/nginx/com.mydomain/search/search.conf like this: <file - search.conf> server { server_name search.mydomain.com; listen 443 ssl; listen 8443 ssl; http2 on; access_log /var/log/nginx/search.mydomain.com_access_log main; error_log /var/log/nginx/search.mydomain.com_error_log info; location / { proxy_pass http://127.0.0.1:8083/; proxy_set_header Host $host; proxy_set_header Connection $http_connection; # see flaskfix.py proxy_set_header X-Scheme $scheme; proxy_set_header X-Script-Name /searxng/; # see limiter.py proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # proxy_buffering off; # proxy_request_buffering off; # proxy_buffer_size 8k; access_log /dev/null; error_log /dev/null; } } </file> and add it to your NGINX configuration. See The Reverse Proxy concept for more details. I have not been able to properly integrate SSO authentication, so i decided to disable it for the time being. It's only a search engine page after all, no personal data or access to personal services involved. Using PAM Auth it can work, but Firefox will constantly show an annoying popup telling you that your search engine is going to use your login. Using Authelia SSO instead, has two main drawbacks: it cannot be added to Firefox unless you temporarily disable Authelia, and subsequently will bug you with a login page every few times you search something. ===== Add to firefox ===== Navigate your firefox to https://search.mydomain.com, then right-click on address bar and select the last icon: add SearXNG as search engine. If the option is missing, you have a different version of Firefox, check online how to do such a thing. ===== Autostart ===== To start it, and set it up on boot, as usual follow my indications Using Containers on Gentoo, so link the user-containers** init script: <code> ln -s /etc/init.d/user-containers /etc/init.d/user-containers.searxng </code> and create the following config file: <file - /etc/conf.d/user-containers.searxng> USER=searxng DESCRIPTION=“The search engine” </file> Add the service to the default runlevel and start it now: <code bash> rc-update add user-containers.searxng default rc-service user-containers.searxng start </code>

Last modified:

This website uses technical cookies only. No information is shared with anybody or used in any way but provide the website in your browser.

More information