blob: dc25f68528bb9964bb4bc17ce2ec486ccba0c49a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
|
---
title: "SearXNG"
date: 2022-05-16
icon: 'searxng.svg'
tags: ['service']
short_desc: 'Polls dozens of search engines to give you private and complete search results.'
---
SearXNG is a free internet metasearch engine which aggregates results
from more than 70 search services. This guide sets up a working instance
that can be accessed using a domain over HTTPS. Features include:
- Self-hosted
- No user tracking
- No user profiling
- About 70 supported search engines
- Easy integration with any search engine
- Cookies are not used by default
- Secure, encrypted connections (HTTPS/SSL)
## Installation
Install the required packages.
```sh
apt install git nginx nginx-extras -y
```
Open http and https ports.
```sh
iptables -I INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT
iptables -I INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT
netfilter-persistent save
ufw allow 80
ufw allow 443
```
First we will create a user for SearX.
```
useradd -mr -d "/usr/local/searxng" -c 'Privacy-respecting metasearch engine' -s /bin/bash searxng
```
Although the auto-install script below we create this user itself, we can go ahead and make it to give the cloned repository the correct permissions.
Now we clone the SearXNG Repository into the `searx` user's home.
```sh
git clone https://github.com/searxng/searxng /usr/local/searxng/searxng-src
cd /usr/local/searxng/searxng-src
```
Installing SearXNG.
```sh
./utils/searxng.sh install all
```
## Configure Nginx
Create a new file `/etc/nginx/sites-available/searxng.conf` and add the
following:
```nginx
server {
# Listens on http
listen 80;
listen [::]:80;
# Your server name
server_name searx.{{<hl>}}example.org{{</hl>}} ;
# If you want to log user activity, comment these
access_log /dev/null;
error_log /dev/null;
# X-Frame-Options (XFO) header set to DENY
add_header X-Frame-Options "DENY";
# HTTP Strict Transport Security (HSTS) header
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
# Content Security Policy (CSP)
add_header Content-Security-Policy "default-src 'self';";
location / {
uwsgi_pass unix:///usr/local/searxng/run/socket;
include uwsgi_params;
uwsgi_param HTTP_HOST $host;
uwsgi_param HTTP_CONNECTION $http_connection;
# see flaskfix.py
uwsgi_param HTTP_X_SCHEME $scheme;
uwsgi_param HTTP_X_SCRIPT_NAME /searxng;
# see limiter.py
uwsgi_param HTTP_X_REAL_IP $remote_addr;
uwsgi_param HTTP_X_FORWARDED_FOR $proxy_add_x_forwarded_for;
}
}
```
Now create a symbolic link to enable this site.
```sh
ln -s /etc/nginx/sites-available/searxng.conf /etc/nginx/sites-enabled/searxng.conf
```
Restart Nginx and SearXNG.
```sh
systemctl restart nginx
service uwsgi restart searxng
```
## Configure HTTPS with Certbot
Install certbot.
```sh
apt install python3-certbot-nginx
```
Install a Let\'s Encrypt SSL certificate to Nginx and optionally let it
configure HTTPS for you. [Detailed instructions and additional information](/basic/certbot).
```sh
certbot --nginx
```
SearXNG should now be available from your domain.
## Configuration
You can change settings by editing `/etc/searxng/settings.yml`.
## Contribution
Author: goshawk22 -- [website](https://goshawk22.uk)
|
