diff options
Diffstat (limited to 'searxng/deploy')
| -rw-r--r-- | searxng/deploy | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/searxng/deploy b/searxng/deploy new file mode 100644 index 0000000..da076df --- /dev/null +++ b/searxng/deploy @@ -0,0 +1,48 @@ +#!/bin/bash + +# Installing dependencies +sudo apt install -y python3-dev python3-babel python3-venv uwsgi uwsgi-plugin-python3 git build-essential libxslt1-dev zlib1g-dev libffi-dev libssl-dev shellcheck nginx + +# SearX +## Creating and setting up user +sudo -H useradd --shell /bin/bash --system \ + --home-dir "/usr/local/searx" \ + --comment 'Privacy-respecting metasearch engine' searx + +sudo -H mkdir "/usr/local/searx" +sudo -H chown -R "searx:searx" "/usr/local/searx" + +## Installing searx +sudo -H -u searx git clone "https://github.com/searxng/searxng" "/usr/local/searx/searx-src" +sudo -H -u searx python3 -m venv "/usr/local/searx/searx-pyenv" +echo "export SEARX_SETTINGS_PATH=\"/etc/searxng/settings.yml\"" | sudo -H -u searx tee -a "/usr/local/searx/.profile" > /dev/null +echo ". /usr/local/searx/searx-pyenv/bin/activate" | sudo -H -u searx tee -a "/usr/local/searx/.profile" > /dev/null +sudo -H -u searx /usr/local/searx/searx-pyenv/bin/pip install -U pip setuptools wheel pyyaml +sudo -H -u searx /usr/local/searx/searx-pyenv/bin/pip install -e "/usr/local/searx/searx-src" + +## Configuring SearXNG +sudo -H cp -rf "searxng/" "/etc/" +sudo -H sed -i s:YOURHOSTNAME:"$(hostname)":g /etc/searx/settings.yml +sudo -H sed -i s:SERVERKEY:"$(openssl rand -hex 16)":g /etc/searx/settings.yml + +# uwsgi +sudo -H cp -rf uwsgi/ /etc/ +sudo -H ln -s /etc/uwsgi/apps-available/searx.ini /etc/uwsgi/apps-enabled/ +sudo -H mkdir -p /run/uwsgi/app/searx/ +sudo -H chown -R searx:searx /run/uwsgi/app/searx/ + +# Nginx +sudo -H mkdir -p /etc/nginx/certs +sudo -H cp -rf nginx/ /etc/ +sudo -H ln -s /etc/nginx/sites-available/server /etc/nginx/sites-enabled/server +sudo -H sed -i s:"$(grep access_log /etc/nginx/nginx.conf | awk '{print $2}' )":\/dev\/null\;:g /etc/nginx/nginx.conf +sudo -H sed -i s:"$(grep error_log /etc/nginx/nginx.conf | awk '{print $2}' )":\/dev\/null\;:g /etc/nginx/nginx.conf + +# SSL +openssl req -x509 -out localhost.crt -keyout localhost.key -newkey rsa:2048 -nodes -sha256 -subj '/CN=localhost' -extensions EXT -config <( printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth") +sudo mv localhost.* /etc/nginx/certs + +# Restarting services +sudo -H systemctl restart nginx +sudo -H systemctl enable nginx +sudo -H service uwsgi restart searx |