First Commit

5 files changed, 167 insertions, 0 deletions

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..b975137
--- /dev/null
+++ b/README.md
@@ -0,0 +1,2 @@
+# Self Hosting Services
+Some setup scripts for my self-hosted services on a debian server.
diff --git a/searx/README.md b/searx/README.md
new file mode 100644
index 0000000..31baa1d
--- /dev/null
+++ b/searx/README.md
@@ -0,0 +1,9 @@
+# SearX
+Self hosted SearX instance with default configurations
+
+To install just run the script using:
+
+`bash deploy`
+
+## About
+All the configurations are implemented on local area network, to host searx as just as local host, remove your ip from `nginx/sites-available/searx` under server\_name
diff --git a/searx/deploy b/searx/deploy
new file mode 100755
index 0000000..d6d630f
--- /dev/null
+++ b/searx/deploy
@@ -0,0 +1,49 @@
+#!/bin/bash
+
+# Installing dependencies
+sudo apt install -y python3-dev python3-babel python3-venv uwsgi uwsgi-plugin-python3 git build-essential libxslt-dev zlib1g-dev libffi-dev libssl-dev shellcheck nginx
+
+# SearX
+## Creating and setting up user
+sudo -H useradd --shell /bin/bash --system \
+    --home-dir "/usr/local/searx" \
+    --comment 'Privacy-respecting metasearch engine' searx
+
+sudo -H mkdir "/usr/local/searx"
+sudo -H chown -R "searx:searx" "/usr/local/searx"
+
+## Installing searx
+sudo -H -u searx git clone "https://github.com/searx/searx.git" "/usr/local/searx/searx-src"
+sudo -H -u searx python3 -m venv "/usr/local/searx/searx-pyenv"
+echo "export SEARX_SETTINGS_PATH=\"/etc/searx/settings.yml\"" | sudo -H -u searx tee -a "/usr/local/searx/.profile" > /dev/null
+echo ". /usr/local/searx/searx-pyenv/bin/activate" | sudo -H -u searx tee -a "/usr/local/searx/.profile" > /dev/null
+sudo -H -u searx /usr/local/searx/searx-pyenv/bin/pip install -U pip setuptools wheel pyyaml
+sudo -H -u searx /usr/local/searx/searx-pyenv/bin/pip install -e "/usr/local/searx/searx-src"
+
+## Configurating SearX
+sudo -H mkdir -p "/etc/searx"
+sudo -H cp "/usr/local/searx/searx-src/utils/templates/etc/searx/use_default_settings.yml" "/etc/searx/settings.yml"
+
+sudo -H sed -i -e "s/ultrasecretkey/$(openssl rand -hex 16)/g" "/etc/searx/settings.yml"
+
+# uwsgi
+sudo -H cp -rf uwsgi/ /etc/
+sudo -H ln -s /etc/uwsgi/apps-available/searx.ini /etc/uwsgi/apps-enabled/
+sudo -H mkdir -p /run/uwsgi/app/searx/
+sudo -H chown -R searx:searx /run/uwsgi/app/searx/
+
+# Nginx
+sudo -H cp -rf nginx/ /etc/
+sudo -H sed -i -e "s:YOURIP:$(hostname -I | cut -d" " -f1):g" /etc/nginx/sites-available/searx
+sudo -H ln -s /etc/nginx/sites-available/searx /etc/nginx/sites-enabled/searx
+sudo -H rm -rf /etc/nginx/sites-enabled/default
+
+# SSL
+sudo -H mkdir -p /usr/local/searx/searx-src/certs
+openssl req -x509 -out localhost.crt -keyout localhost.key -newkey rsa:2048 -nodes -sha256 -subj '/CN=localhost' -extensions EXT -config <( printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")
+sudo mv localhost.* /usr/local/searx/searx-src/certs
+
+# Restarting services
+sudo -H systemctl restart nginx
+sudo -H systemctl enable nginx
+sudo -H service uwsgi restart searx
diff --git a/searx/nginx/sites-available/searx b/searx/nginx/sites-available/searx
new file mode 100644
index 0000000..4f96937
--- /dev/null
+++ b/searx/nginx/sites-available/searx
@@ -0,0 +1,20 @@
+# Default server configuration
+#
+server {
+    server_name YOURIP hostname.local;
+
+    listen 443;
+    listen [::]:443;
+
+    ssl on;
+    ssl_certificate /usr/local/searx/searx-src/certs/localhost.crt;
+    ssl_certificate_key /usr/local/searx/searx-src/certs/localhost.key;
+
+    location / {
+        include uwsgi_params;
+        uwsgi_pass unix:/run/uwsgi/app/searx/socket;
+    }
+
+    root /usr/local/searx/searx-src/searx;
+    location /static { }
+}
diff --git a/searx/uwsgi/apps-available/searx.ini b/searx/uwsgi/apps-available/searx.ini
new file mode 100644
index 0000000..430a455
--- /dev/null
+++ b/searx/uwsgi/apps-available/searx.ini
@@ -0,0 +1,87 @@
+[uwsgi]
+
+# uWSGI core
+# ----------
+#
+# https://uwsgi-docs.readthedocs.io/en/latest/Options.html#uwsgi-core
+
+# Who will run the code
+uid = searx
+gid = searx
+
+# set (python) default encoding UTF-8
+env = LANG=C.UTF-8
+env = LANGUAGE=C.UTF-8
+env = LC_ALL=C.UTF-8
+
+# chdir to specified directory before apps loading
+chdir = /usr/local/searx/searx-src/searx
+
+# searx configuration (settings.yml)
+env = SEARX_SETTINGS_PATH=/etc/searx/settings.yml
+
+# disable logging for privacy
+disable-logging = true
+
+# The right granted on the created socket
+chmod-socket = 666
+
+# Plugin to use and interpretor config
+single-interpreter = true
+
+# enable master process
+master = true
+
+# load apps in each worker instead of the master
+lazy-apps = true
+
+# load uWSGI plugins
+plugin = python3,http
+
+# By default the Python plugin does not initialize the GIL.  This means your
+# app-generated threads will not run.  If you need threads, remember to enable
+# them with enable-threads.  Running uWSGI in multithreading mode (with the
+# threads options) will automatically enable threading support. This *strange*
+# default behaviour is for performance reasons.
+enable-threads = true
+
+
+# plugin: python
+# --------------
+#
+# https://uwsgi-docs.readthedocs.io/en/latest/Options.html#plugin-python
+
+# load a WSGI module
+module = searx.webapp
+
+# set PYTHONHOME/virtualenv
+virtualenv = /usr/local/searx/searx-pyenv
+
+# add directory (or glob) to pythonpath
+pythonpath = /usr/local/searx/searx-src
+
+
+# speak to upstream
+# -----------------
+#
+# Activate the 'http' configuration for filtron or activate the 'socket'
+# configuration if you setup your HTTP server to use uWSGI protocol via sockets.
+
+# using IP:
+#
+# https://uwsgi-docs.readthedocs.io/en/latest/Options.html#plugin-http
+# Native HTTP support: https://uwsgi-docs.readthedocs.io/en/latest/HTTP.html
+
+# http = 127.0.0.1:8888
+
+# using unix-sockets:
+#
+# On some distributions you need to create the app folder for the sockets::
+#
+#   mkdir -p /run/uwsgi/app/searx
+#   chown -R searx:searx  /run/uwsgi/app/searx
+#
+socket = /run/uwsgi/app/searx/socket
+
+# Cache
+cache2 = name=searxcache,items=2000,blocks=2000,blocksize=4096,bitmap=1