mirror of
https://github.com/searxng/searxng.git
synced 2025-07-10 14:59:18 +02:00
[mod] container: replace uWSGI with Granian (#4820)
Some checks are pending
Documentation / Release (push) Waiting to run
Integration / Python 3.10 (push) Waiting to run
Integration / Python 3.11 (push) Waiting to run
Integration / Python 3.12 (push) Waiting to run
Integration / Python 3.13 (push) Waiting to run
Integration / Python 3.9 (push) Waiting to run
Integration / Theme (push) Waiting to run
Some checks are pending
Documentation / Release (push) Waiting to run
Integration / Python 3.10 (push) Waiting to run
Integration / Python 3.11 (push) Waiting to run
Integration / Python 3.12 (push) Waiting to run
Integration / Python 3.13 (push) Waiting to run
Integration / Python 3.9 (push) Waiting to run
Integration / Theme (push) Waiting to run
* [mod] container: replace uWSGI with Granian The configuration in Granian is handled with ENVs, much more convenient and practical for updating. The settings have been tested for over two months in a production instance, being usable on small to somewhat large instances without having to modify anything. It also removes the patch functions and ENVs abstraction from the entrypoint, this makes it possible to run the container with immutable configuration. In some setups, It may be desired to have the volumes/files under a specific uid/gid (other than searxng:searxng), if the entrypoint has root permissions it will chown automatically on every start, which may not be desired. Explicitly setting the new ENV `FORCE_OWNERSHIP=false` will prevent ownership from being modified. No manual migration is necessary **unless** the user has changed the default uWSGI configuration or has a very specific setup. Closes https://github.com/searxng/searxng/issues/4894 Closes https://github.com/searxng/searxng/issues/4818 Closes https://github.com/searxng/searxng/issues/4802 Supersedes https://github.com/searxng/searxng/pull/4596 Related https://github.com/searxng/searxng/discussions/4479 * [mod] docs: add container/granian All container documentation has been recreated. A new documentation page has been created for Granian. * [enh] misc: apply suggestions Minor documentation changes. Suggested https://github.com/searxng/searxng/pull/4820#discussion_r2134539259 Suggested https://github.com/searxng/searxng/pull/4820#discussion_r2134538610 Suggested https://github.com/searxng/searxng/pull/4820#discussion_r2134827964 Suggested https://github.com/searxng/searxng/pull/4820#discussion_r2134544300 Suggested https://github.com/searxng/searxng/pull/4820#discussion_r2149387388 --------- Signed-off-by: Markus Heiser <markus.heiser@darmarit.de> Co-authored-by: Ivan Gabaldon <igabaldon@inetol.net> Co-authored-by: Markus Heiser <markus.heiser@darmarit.de>
This commit is contained in:
parent
6ca8db5e67
commit
01be2612ab
12 changed files with 257 additions and 300 deletions
|
@ -5,7 +5,7 @@ COPY ./requirements.txt ./requirements.txt
|
|||
RUN --mount=type=cache,id=pip,target=/root/.cache/pip python -m venv ./venv \
|
||||
&& . ./venv/bin/activate \
|
||||
&& pip install -r requirements.txt \
|
||||
&& pip install "uwsgi~=2.0"
|
||||
&& pip install "granian~=2.0"
|
||||
|
||||
COPY ./searx/ ./searx/
|
||||
|
||||
|
@ -27,13 +27,9 @@ ARG LABEL_VCS_URL="unspecified"
|
|||
|
||||
COPY --chown=searxng:searxng --from=builder /usr/local/searxng/venv/ ./venv/
|
||||
COPY --chown=searxng:searxng --from=builder /usr/local/searxng/searx/ ./searx/
|
||||
COPY --chown=searxng:searxng ./container/config/ ./.template/
|
||||
COPY --chown=searxng:searxng ./container/template/ ./.template/
|
||||
COPY --chown=searxng:searxng ./container/entrypoint.sh ./entrypoint.sh
|
||||
|
||||
ARG TIMESTAMP_UWSGI="0"
|
||||
|
||||
RUN touch -c --date=@$TIMESTAMP_UWSGI ./.template/uwsgi.ini
|
||||
|
||||
LABEL org.opencontainers.image.authors="searxng <$GIT_URL>" \
|
||||
org.opencontainers.image.created="$LABEL_DATE" \
|
||||
org.opencontainers.image.description="A privacy-respecting, hackable metasearch engine" \
|
||||
|
@ -46,14 +42,18 @@ LABEL org.opencontainers.image.authors="searxng <$GIT_URL>" \
|
|||
org.opencontainers.image.version="$SEARXNG_GIT_VERSION"
|
||||
|
||||
ENV SEARXNG_VERSION="$SEARXNG_GIT_VERSION" \
|
||||
INSTANCE_NAME="SearXNG" \
|
||||
AUTOCOMPLETE="" \
|
||||
BASE_URL="" \
|
||||
BIND_ADDRESS="[::]:8080" \
|
||||
SEARXNG_SETTINGS_PATH="$CONFIG_PATH/settings.yml" \
|
||||
UWSGI_SETTINGS_PATH="$CONFIG_PATH/uwsgi.ini" \
|
||||
UWSGI_WORKERS="%k" \
|
||||
UWSGI_THREADS="4"
|
||||
GRANIAN_PROCESS_NAME="searxng" \
|
||||
GRANIAN_INTERFACE="wsgi" \
|
||||
GRANIAN_HOST="::" \
|
||||
GRANIAN_PORT="8080" \
|
||||
GRANIAN_WEBSOCKETS="false" \
|
||||
GRANIAN_LOOP="uvloop" \
|
||||
GRANIAN_BLOCKING_THREADS="4" \
|
||||
GRANIAN_WORKERS_KILL_TIMEOUT="30" \
|
||||
GRANIAN_BLOCKING_THREADS_IDLE_TIMEOUT="300" \
|
||||
GRANIAN_STATIC_PATH_MOUNT="/usr/local/searxng/searx/static/" \
|
||||
GRANIAN_STATIC_PATH_EXPIRES="3600"
|
||||
|
||||
VOLUME $CONFIG_PATH
|
||||
VOLUME $DATA_PATH
|
||||
|
|
|
@ -8,8 +8,6 @@ contents:
|
|||
- python3-dev
|
||||
- py3-pip
|
||||
- brotli
|
||||
# uwsgi
|
||||
- libffi-dev
|
||||
|
||||
entrypoint:
|
||||
command: /bin/sh -l
|
||||
|
|
|
@ -8,9 +8,6 @@ contents:
|
|||
- python3
|
||||
# healthcheck
|
||||
- wget
|
||||
# uwsgi
|
||||
- libxml2
|
||||
- mailcap
|
||||
|
||||
entrypoint:
|
||||
command: /bin/sh -l
|
||||
|
|
|
@ -1,55 +0,0 @@
|
|||
[uwsgi]
|
||||
# Listening address
|
||||
# default value: [::]:8080 (see Dockerfile)
|
||||
http-socket = $(BIND_ADDRESS)
|
||||
|
||||
# Who will run the code
|
||||
uid = searxng
|
||||
gid = searxng
|
||||
|
||||
# Number of workers (usually CPU count)
|
||||
# default value: %k (= number of CPU core, see Dockerfile)
|
||||
workers = $(UWSGI_WORKERS)
|
||||
|
||||
# Number of threads per worker
|
||||
# default value: 4 (see Dockerfile)
|
||||
threads = $(UWSGI_THREADS)
|
||||
|
||||
# The right granted on the created socket
|
||||
chmod-socket = 666
|
||||
|
||||
# Plugin to use and interpreter config
|
||||
single-interpreter = true
|
||||
master = true
|
||||
lazy-apps = true
|
||||
enable-threads = true
|
||||
|
||||
# Module to import
|
||||
module = searx.webapp
|
||||
|
||||
# Virtualenv and python path
|
||||
pythonpath = /usr/local/searxng/
|
||||
chdir = /usr/local/searxng/searx/
|
||||
|
||||
# automatically set processes name to something meaningful
|
||||
auto-procname = true
|
||||
|
||||
# Disable request logging for privacy
|
||||
disable-logging = true
|
||||
log-5xx = true
|
||||
|
||||
# Set the max size of a request (request-body excluded)
|
||||
buffer-size = 8192
|
||||
|
||||
# No keep alive
|
||||
# See https://github.com/searx/searx-docker/issues/24
|
||||
add-header = Connection: close
|
||||
|
||||
# Follow SIGTERM convention
|
||||
# See https://github.com/searxng/searxng/issues/3427
|
||||
die-on-term
|
||||
|
||||
# uwsgi serves the static files
|
||||
static-map = /static=/usr/local/searxng/searx/static
|
||||
static-gzip-all = True
|
||||
offload-threads = %k
|
|
@ -2,6 +2,7 @@
|
|||
# shellcheck shell=dash
|
||||
set -u
|
||||
|
||||
# Check if it's a valid file
|
||||
check_file() {
|
||||
local target="$1"
|
||||
|
||||
|
@ -16,6 +17,7 @@ EOF
|
|||
fi
|
||||
}
|
||||
|
||||
# Check if it's a valid directory
|
||||
check_directory() {
|
||||
local target="$1"
|
||||
|
||||
|
@ -47,66 +49,30 @@ EOF
|
|||
;;
|
||||
esac
|
||||
|
||||
if [ "$(stat -c %U:%G "$target")" != "searxng:searxng" ]; then
|
||||
if [ "$(id -u)" -eq 0 ]; then
|
||||
target_ownership=$(stat -c %U:%G "$target")
|
||||
|
||||
if [ "$target_ownership" != "searxng:searxng" ]; then
|
||||
if [ "${FORCE_OWNERSHIP:-true}" = true ] && [ "$(id -u)" -eq 0 ]; then
|
||||
chown -R searxng:searxng "$target"
|
||||
else
|
||||
cat <<EOF
|
||||
!!!
|
||||
!!! WARNING
|
||||
!!! "$target" $type is not owned by "searxng"
|
||||
!!! "$target" $type is not owned by "searxng:searxng"
|
||||
!!! This may cause issues when running SearXNG
|
||||
!!!
|
||||
!!! Run the container as root to fix this issue automatically
|
||||
!!! Alternatively, you can chown the $type manually:
|
||||
!!! $ chown -R searxng:searxng "$target"
|
||||
!!! Expected "searxng:searxng"
|
||||
!!! Got "$target_ownership"
|
||||
!!!
|
||||
EOF
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
# Apply envs to uwsgi.ini
|
||||
setup_uwsgi() {
|
||||
local timestamp
|
||||
|
||||
timestamp=$(stat -c %Y "$UWSGI_SETTINGS_PATH")
|
||||
|
||||
sed -i \
|
||||
-e "s|workers = .*|workers = ${UWSGI_WORKERS:-%k}|g" \
|
||||
-e "s|threads = .*|threads = ${UWSGI_THREADS:-4}|g" \
|
||||
"$UWSGI_SETTINGS_PATH"
|
||||
|
||||
# Restore timestamp
|
||||
touch -c -d "@$timestamp" "$UWSGI_SETTINGS_PATH"
|
||||
}
|
||||
|
||||
# Apply envs to settings.yml
|
||||
setup_searxng() {
|
||||
local timestamp
|
||||
|
||||
timestamp=$(stat -c %Y "$SEARXNG_SETTINGS_PATH")
|
||||
|
||||
# Ensure trailing slash in BASE_URL
|
||||
# https://www.gnu.org/savannah-checkouts/gnu/bash/manual/bash.html#Shell-Parameter-Expansion
|
||||
export BASE_URL="${BASE_URL%/}/"
|
||||
|
||||
sed -i \
|
||||
-e "s|base_url: false|base_url: ${BASE_URL:-false}|g" \
|
||||
-e "s/instance_name: \"SearXNG\"/instance_name: \"${INSTANCE_NAME:-SearXNG}\"/g" \
|
||||
-e "s/autocomplete: \"\"/autocomplete: \"${AUTOCOMPLETE:-}\"/g" \
|
||||
-e "s/ultrasecretkey/$(head -c 24 /dev/urandom | base64 | tr -dc 'a-zA-Z0-9')/g" \
|
||||
"$SEARXNG_SETTINGS_PATH"
|
||||
|
||||
# Restore timestamp
|
||||
touch -c -d "@$timestamp" "$SEARXNG_SETTINGS_PATH"
|
||||
}
|
||||
|
||||
# Handle volume mounts
|
||||
volume_handler() {
|
||||
local target="$1"
|
||||
|
||||
# Check if it's a valid directory
|
||||
check_directory "$target"
|
||||
setup_ownership "$target" "directory"
|
||||
}
|
||||
|
@ -143,24 +109,22 @@ EOF
|
|||
...
|
||||
EOF
|
||||
cp -pfT "$template" "$target"
|
||||
|
||||
sed -i "s/ultrasecretkey/$(head -c 24 /dev/urandom | base64 | tr -dc 'a-zA-Z0-9')/g" "$target"
|
||||
fi
|
||||
|
||||
# Check if it's a valid file
|
||||
check_file "$target"
|
||||
}
|
||||
|
||||
echo "SearXNG $SEARXNG_VERSION"
|
||||
cat <<EOF
|
||||
SearXNG $SEARXNG_VERSION
|
||||
EOF
|
||||
|
||||
# Check for volume mounts
|
||||
volume_handler "$CONFIG_PATH"
|
||||
volume_handler "$DATA_PATH"
|
||||
|
||||
# Check for updates in files
|
||||
config_handler "$UWSGI_SETTINGS_PATH" "/usr/local/searxng/.template/uwsgi.ini"
|
||||
# Check for files
|
||||
config_handler "$SEARXNG_SETTINGS_PATH" "/usr/local/searxng/searx/settings.yml"
|
||||
|
||||
# Update files
|
||||
setup_uwsgi
|
||||
setup_searxng
|
||||
|
||||
exec /usr/local/searxng/venv/bin/uwsgi --http-socket "$BIND_ADDRESS" "$UWSGI_SETTINGS_PATH"
|
||||
exec /usr/local/searxng/venv/bin/granian searx.webapp:app
|
||||
|
|
0
container/template/.empty
Normal file
0
container/template/.empty
Normal file
|
@ -10,6 +10,7 @@ Administrator documentation
|
|||
installation-docker
|
||||
installation-scripts
|
||||
installation-searxng
|
||||
installation-granian
|
||||
installation-uwsgi
|
||||
installation-nginx
|
||||
installation-apache
|
||||
|
|
|
@ -1,188 +1,190 @@
|
|||
.. _installation docker:
|
||||
.. _installation container:
|
||||
|
||||
================
|
||||
Docker Container
|
||||
================
|
||||
======================
|
||||
Installation container
|
||||
======================
|
||||
|
||||
.. _ENTRYPOINT: https://docs.docker.com/engine/reference/builder/#entrypoint
|
||||
.. _searxng/searxng @dockerhub: https://hub.docker.com/r/searxng/searxng
|
||||
.. _searxng-docker: https://github.com/searxng/searxng-docker
|
||||
.. _[caddy]: https://hub.docker.com/_/caddy
|
||||
.. _Redis: https://redis.io/
|
||||
|
||||
----
|
||||
.. _Docker 101: https://docs.docker.com/get-started/docker-overview
|
||||
.. _Docker cheat sheet (PDF doc): https://docs.docker.com/get-started/docker_cheatsheet.pdf
|
||||
.. _Podman rootless containers: https://github.com/containers/podman/blob/main/docs/tutorials/rootless_tutorial.md
|
||||
.. _DockerHub mirror: https://hub.docker.com/r/searxng/searxng
|
||||
.. _GHCR mirror: https://ghcr.io/searxng/searxng
|
||||
.. _Docker compose: https://github.com/searxng/searxng-docker
|
||||
|
||||
.. sidebar:: info
|
||||
|
||||
- `searxng/searxng @dockerhub`_
|
||||
- :origin:`Dockerfile`
|
||||
- `Docker overview <https://docs.docker.com/get-started/overview>`_
|
||||
- `Docker Cheat Sheet <https://docs.docker.com/get-started/docker_cheatsheet.pdf>`_
|
||||
- `Alpine Linux <https://alpinelinux.org>`_
|
||||
`(wiki) <https://en.wikipedia.org/wiki/Alpine_Linux>`__
|
||||
`apt packages <https://pkgs.alpinelinux.org/packages>`_
|
||||
- Alpine's ``/bin/sh`` is :man:`dash`
|
||||
- `Docker 101`_
|
||||
- `Docker cheat sheet (PDF doc)`_
|
||||
- `Podman rootless containers`_
|
||||
|
||||
**If you intend to create a public instance using Docker, use our well maintained
|
||||
docker container**
|
||||
.. important::
|
||||
|
||||
- `searxng/searxng @dockerhub`_.
|
||||
Understanding container architecture basics is essential for properly
|
||||
maintaining your SearXNG instance. This guide assumes familiarity with
|
||||
container concepts and provides deployment steps at a high level.
|
||||
|
||||
.. sidebar:: hint
|
||||
If you're new to containers, we recommend learning the fundamentals at
|
||||
`Docker 101`_ before proceeding.
|
||||
|
||||
The rest of this article is of interest only to those who want to create and
|
||||
maintain their own Docker images.
|
||||
Container images are the basis for deployments in containerized environments,
|
||||
`Docker compose`_, Kubernetes and more.
|
||||
|
||||
The sources are hosted at searxng-docker_ and the container includes:
|
||||
.. _Container installation:
|
||||
|
||||
- a HTTPS reverse proxy `[caddy]`_ and
|
||||
- a Redis_ DB
|
||||
|
||||
The `default SearXNG setup <https://github.com/searxng/searxng-docker/blob/master/searxng/settings.yml>`_
|
||||
of this container:
|
||||
|
||||
- enables :ref:`limiter <limiter>` to protect against bots
|
||||
- enables :ref:`image proxy <image_proxy>` for better privacy
|
||||
- enables :ref:`cache busting <static_use_hash>` to save bandwidth
|
||||
|
||||
----
|
||||
|
||||
|
||||
Get Docker
|
||||
==========
|
||||
|
||||
If you plan to build and maintain a docker image by yourself, make sure you have
|
||||
`Docker installed <https://docs.docker.com/get-docker/>`_. On Linux don't
|
||||
forget to add your user to the docker group (log out and log back in so that
|
||||
your group membership is re-evaluated):
|
||||
|
||||
.. code:: sh
|
||||
|
||||
$ sudo usermod -a -G docker $USER
|
||||
|
||||
|
||||
searxng/searxng
|
||||
===============
|
||||
|
||||
.. sidebar:: ``docker run``
|
||||
|
||||
- `-\-rm <https://docs.docker.com/engine/reference/run/#clean-up---rm>`__
|
||||
automatically clean up when container exits
|
||||
- `-d <https://docs.docker.com/engine/reference/run/#detached--d>`__ start
|
||||
detached container
|
||||
- `-v <https://docs.docker.com/engine/reference/run/#volume-shared-filesystems>`__
|
||||
mount volume ``HOST:CONTAINER``
|
||||
|
||||
The docker image is based on :origin:`Dockerfile` and available from
|
||||
`searxng/searxng @dockerhub`_. Using the docker image is quite easy, for
|
||||
instance you can pull the `searxng/searxng @dockerhub`_ image and deploy a local
|
||||
instance using `docker run <https://docs.docker.com/engine/reference/run/>`_:
|
||||
|
||||
.. code:: sh
|
||||
|
||||
$ mkdir my-instance
|
||||
$ cd my-instance
|
||||
$ export PORT=8080
|
||||
$ docker pull searxng/searxng
|
||||
$ docker run --rm \
|
||||
-d -p ${PORT}:8080 \
|
||||
-v "${PWD}/searxng:/etc/searxng" \
|
||||
-e "BASE_URL=http://localhost:$PORT/" \
|
||||
-e "INSTANCE_NAME=my-instance" \
|
||||
searxng/searxng
|
||||
2f998.... # container's ID
|
||||
|
||||
The environment variables UWSGI_WORKERS and UWSGI_THREADS overwrite the default
|
||||
number of UWSGI processes and UWSGI threads specified in `/etc/searxng/uwsgi.ini`.
|
||||
|
||||
Open your WEB browser and visit the URL:
|
||||
|
||||
.. code:: sh
|
||||
|
||||
$ xdg-open "http://localhost:$PORT"
|
||||
|
||||
Inside ``${PWD}/searxng``, you will find ``settings.yml`` and ``uwsgi.ini``. You
|
||||
can modify these files according to your needs and restart the Docker image.
|
||||
|
||||
.. code:: sh
|
||||
|
||||
$ docker container restart 2f998
|
||||
|
||||
Use command ``container ls`` to list running containers, add flag `-a
|
||||
<https://docs.docker.com/engine/reference/commandline/container_ls>`__ to list
|
||||
exited containers also. With ``container stop`` a running container can be
|
||||
stopped. To get rid of a container use ``container rm``:
|
||||
|
||||
.. code:: sh
|
||||
|
||||
$ docker container ls
|
||||
CONTAINER ID IMAGE COMMAND CREATED ...
|
||||
2f998d725993 searxng/searxng "/sbin/tini -- /usr/…" 7 minutes ago ...
|
||||
|
||||
$ docker container stop 2f998
|
||||
$ docker container rm 2f998
|
||||
|
||||
.. sidebar:: Warning
|
||||
|
||||
This might remove all docker items, not only those from SearXNG.
|
||||
|
||||
If you won't use docker anymore and want to get rid of all containers & images
|
||||
use the following *prune* command:
|
||||
|
||||
.. code:: sh
|
||||
|
||||
$ docker stop $(docker ps -aq) # stop all containers
|
||||
$ docker system prune # make some housekeeping
|
||||
$ docker rmi -f $(docker images -q) # drop all images
|
||||
|
||||
|
||||
shell inside container
|
||||
----------------------
|
||||
|
||||
.. sidebar:: Bashism
|
||||
|
||||
- `A tale of two shells: bash or dash <https://lwn.net/Articles/343924/>`_
|
||||
- `How to make bash scripts work in dash <http://mywiki.wooledge.org/Bashism>`_
|
||||
- `Checking for Bashisms <https://dev.to/bowmanjd/writing-bash-scripts-that-are-not-only-bash-checking-for-bashisms-and-testing-with-dash-1bli>`_
|
||||
|
||||
To open a shell inside the container:
|
||||
|
||||
.. code:: sh
|
||||
|
||||
$ docker exec -it 2f998 sh
|
||||
|
||||
|
||||
Build the image
|
||||
===============
|
||||
|
||||
It's also possible to build SearXNG from the embedded :origin:`Dockerfile`::
|
||||
|
||||
$ git clone https://github.com/searxng/searxng.git
|
||||
$ cd searxng
|
||||
$ make docker.build
|
||||
...
|
||||
Successfully built 49586c016434
|
||||
Successfully tagged searxng/searxng:latest
|
||||
Successfully tagged searxng/searxng:1.0.0-209-9c823800-dirty
|
||||
|
||||
$ docker images
|
||||
REPOSITORY TAG IMAGE ID CREATED SIZE
|
||||
searxng/searxng 1.0.0-209-9c823800-dirty 49586c016434 13 minutes ago 308MB
|
||||
searxng/searxng latest 49586c016434 13 minutes ago 308MB
|
||||
alpine 3.13 6dbb9cc54074 3 weeks ago 5.61MB
|
||||
|
||||
|
||||
Command line
|
||||
Installation
|
||||
============
|
||||
|
||||
.. sidebar:: docker run
|
||||
.. _Container prerequisites:
|
||||
|
||||
Use flags ``-it`` for `interactive processes
|
||||
<https://docs.docker.com/engine/reference/run/#foreground>`__.
|
||||
Prerequisites
|
||||
-------------
|
||||
|
||||
In the :origin:`Dockerfile` the ENTRYPOINT_ is defined as
|
||||
:origin:`container/entrypoint.sh`
|
||||
You need a working Docker or Podman installation on your system. Choose the
|
||||
option that works best for your environment:
|
||||
|
||||
- `Docker <https://docs.docker.com/get-docker/>`_ (recommended for most users)
|
||||
- `Podman <https://podman.io/docs/installation>`_
|
||||
|
||||
In the case of Docker, you need to add the user running the container to the
|
||||
``docker`` group and restart the session:
|
||||
|
||||
.. code:: sh
|
||||
|
||||
docker run --rm -it searxng/searxng -h
|
||||
$ sudo usermod -aG docker $USER
|
||||
|
||||
In the case of Podman, no additional steps are generally required, but there
|
||||
are some considerations when running `Podman rootless containers`_.
|
||||
|
||||
.. _Container pulling images:
|
||||
|
||||
Pulling images
|
||||
--------------
|
||||
|
||||
.. note::
|
||||
|
||||
DockerHub now applies rate limits to unauthenticated image pulls. If you
|
||||
are affected by this, you can use the `GHCR mirror`_ instead.
|
||||
|
||||
The official images are mirrored at:
|
||||
|
||||
- `DockerHub mirror`_
|
||||
- `GHCR mirror`_ (GitHub Container Registry)
|
||||
|
||||
Pull the latest image:
|
||||
|
||||
.. code:: sh
|
||||
|
||||
$ docker pull docker.io/searxng/searxng:latest
|
||||
|
||||
\.\. or if you want to lock in to a specific version:
|
||||
|
||||
.. code:: sh
|
||||
|
||||
$ docker pull docker.io/searxng/searxng:2025.6.3-b73ac81
|
||||
|
||||
.. _Container instancing:
|
||||
|
||||
Instancing
|
||||
==========
|
||||
|
||||
This section is intended for advanced users who need custom deployments. We
|
||||
recommend using `Docker compose`_, which provides a preconfigured environment
|
||||
with sensible defaults.
|
||||
|
||||
Basic container instancing example:
|
||||
|
||||
.. code:: sh
|
||||
|
||||
# Create directories for configuration and persistent data
|
||||
$ mkdir -p ./searxng/config/ ./searxng/data/
|
||||
$ cd ./searxng/
|
||||
|
||||
# Run the container
|
||||
$ docker run --name searxng --replace -d \
|
||||
-p 8888:8080 \
|
||||
-v "./config/:/etc/searxng/" \
|
||||
-v "./data/:/var/cache/searxng/" \
|
||||
docker.io/searxng/searxng:latest
|
||||
|
||||
This will start SearXNG in the background, accessible at http://localhost:8888
|
||||
|
||||
.. _Container management:
|
||||
|
||||
Management
|
||||
----------
|
||||
|
||||
List running containers:
|
||||
|
||||
.. code:: sh
|
||||
|
||||
$ docker container list
|
||||
CONTAINER ID IMAGE ... CREATED PORTS NAMES
|
||||
37f6487c8703 ... ... 3 minutes ago 0.0.0.0:8888->8080/tcp searxng
|
||||
|
||||
Access the container shell (troubleshooting):
|
||||
|
||||
.. code:: sh
|
||||
|
||||
$ docker container exec -it --user root searxng /bin/sh -l
|
||||
37f6487c8703:/usr/local/searxng#
|
||||
|
||||
Stop and remove the container:
|
||||
|
||||
.. code:: sh
|
||||
|
||||
$ docker container stop searxng
|
||||
$ docker container rm searxng
|
||||
|
||||
.. _Container volumes:
|
||||
|
||||
Volumes
|
||||
=======
|
||||
|
||||
Two volumes are exposed that should be mounted to preserve its contents:
|
||||
|
||||
- ``/etc/searxng``: Configuration files (settings.yml, etc.)
|
||||
- ``/var/cache/searxng``: Persistent data (faviconcache.db, etc.)
|
||||
|
||||
.. _Container environment variables:
|
||||
|
||||
Environment variables
|
||||
=====================
|
||||
|
||||
The following environment variables can be configured:
|
||||
|
||||
- ``$SEARXNG_*``: Controls the SearXNG configuration options, look out for
|
||||
environment ``$SEARXNG_*`` in :ref:`settings server` and :ref:`settings
|
||||
general`.
|
||||
- ``$GRANIAN_*``: Controls the :ref:`Granian server options <Granian configuration>`.
|
||||
- ``$FORCE_OWNERSHIP``: Ensures mounted volumes/files are owned by the
|
||||
``searxng:searxng`` user (default: ``true``)
|
||||
|
||||
Container internal paths (don't modify unless you know what you're doing):
|
||||
|
||||
- ``$CONFIG_PATH``: Path to the SearXNG configuration directory (default: ``/etc/searxng``)
|
||||
- ``$SEARXNG_SETTINGS_PATH``: Path to the SearXNG settings file (default: ``$CONFIG_PATH/settings.yml``)
|
||||
- ``$DATA_PATH``: Path to the SearXNG data directory (default: ``/var/cache/searxng``)
|
||||
|
||||
.. _Container custom images:
|
||||
|
||||
Custom images
|
||||
=============
|
||||
|
||||
To build your own SearXNG container image from source (please note, custom
|
||||
container images are not officially supported):
|
||||
|
||||
.. code:: sh
|
||||
|
||||
$ git clone https://github.com/searxng/searxng.git
|
||||
$ cd ./searxng/
|
||||
|
||||
# Run the container build script
|
||||
$ make container
|
||||
|
||||
$ docker images
|
||||
REPOSITORY TAG IMAGE ID CREATED SIZE
|
||||
localhost/searxng/searxng latest b14e256bfc36 14 seconds ago 201 MB
|
||||
localhost/searxng/searxng 2025.5.1-b653119ab-dirty b14e256bfc36 14 seconds ago 201 MB
|
||||
localhost/searxng/searxng builder 7f334c752b41 20 seconds ago 765 MB
|
||||
ghcr.io/searxng/base searxng-builder 7d6b8a1bed4a 20 hours ago 625 MB
|
||||
ghcr.io/searxng/base searxng 29baf9ef13ef 20 hours ago 62.5 MB
|
||||
|
|
52
docs/admin/installation-granian.rst
Normal file
52
docs/admin/installation-granian.rst
Normal file
|
@ -0,0 +1,52 @@
|
|||
.. _searxng granian:
|
||||
|
||||
=======
|
||||
Granian
|
||||
=======
|
||||
|
||||
.. _Options: https://github.com/emmett-framework/granian/blob/master/README.md#options
|
||||
.. _Workers and threads: https://github.com/emmett-framework/granian/blob/master/README.md#workers-and-threads
|
||||
.. _Backpressure: https://github.com/emmett-framework/granian/blob/master/README.md#backpressure
|
||||
.. _Runtime mode: https://github.com/emmett-framework/granian/blob/master/README.md#runtime-mode
|
||||
|
||||
.. sidebar:: further reading
|
||||
|
||||
- `Options`_
|
||||
- `Workers and threads`_
|
||||
- `Backpressure`_
|
||||
- `Runtime mode`_
|
||||
|
||||
.. note::
|
||||
|
||||
Granian will be the future replacement for :ref:`searxng uwsgi` in SearXNG.
|
||||
At the moment, it's only officially supported in the :ref:`installation
|
||||
container`.
|
||||
|
||||
.. _Granian installation:
|
||||
|
||||
Installation
|
||||
============
|
||||
|
||||
We only recommend installing Granian with pip, as officially documented. Run
|
||||
the following command in the Python environment of the SearXNG installation:
|
||||
|
||||
.. code:: sh
|
||||
|
||||
$ pip install granian
|
||||
|
||||
.. _Granian configuration:
|
||||
|
||||
Configuration
|
||||
=============
|
||||
|
||||
.. note::
|
||||
|
||||
It's not advised to modify the amount of workers, expect increased resource
|
||||
usage and potential issues with :ref:`botdetection`.
|
||||
|
||||
Granian can be configured via option parameters and environment variables
|
||||
(``$GRANIAN_*``).
|
||||
|
||||
We provide sane defaults that should fit most use cases, however if you feel
|
||||
you should change something, Granian documents all available parameters in the
|
||||
`Options`_ section.
|
|
@ -55,8 +55,7 @@ When all services are installed and running fine, you can add SearXNG to your
|
|||
HTTP server. We do not have any preferences regarding the HTTP server, you can use
|
||||
whatever you prefer.
|
||||
|
||||
We use caddy in our :ref:`docker image <installation docker>` and we have
|
||||
implemented installation procedures for:
|
||||
We implemented installation procedures for:
|
||||
|
||||
- :ref:`installation nginx`
|
||||
- :ref:`installation apache`
|
||||
|
|
|
@ -6,13 +6,13 @@ Installation
|
|||
|
||||
*You're spoilt for choice*, choose your preferred method of installation.
|
||||
|
||||
- :ref:`installation docker`
|
||||
- :ref:`installation container`
|
||||
- :ref:`installation scripts`
|
||||
- :ref:`installation basic`
|
||||
|
||||
The :ref:`installation basic` is an excellent illustration of *how a SearXNG
|
||||
instance is build up* (see :ref:`architecture uWSGI`). If you do not have any
|
||||
special preferences, it's recommended to use the :ref:`installation docker` or the
|
||||
special preferences, it's recommended to use the :ref:`installation container` or the
|
||||
:ref:`installation scripts`.
|
||||
|
||||
.. attention::
|
||||
|
|
|
@ -122,7 +122,6 @@ container.build() {
|
|||
# shellcheck disable=SC2086
|
||||
"$container_engine" $params_build \
|
||||
--build-arg="TIMESTAMP_SETTINGS=$(git log -1 --format="%cd" --date=unix -- ./searx/settings.yml)" \
|
||||
--build-arg="TIMESTAMP_UWSGI=$(git log -1 --format="%cd" --date=unix -- ./container/config/uwsgi.ini)" \
|
||||
--build-arg="GIT_URL=$GIT_URL" \
|
||||
--build-arg="SEARXNG_GIT_VERSION=$VERSION_STRING" \
|
||||
--build-arg="LABEL_DATE=$(date -u +%Y-%m-%dT%H:%M:%SZ)" \
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue