azyrite/searxng-custom
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
searxng-custom/Dockerfile
azyrite 2256292aea
chore: init
2025-02-15 23:21:24 +11:00

67 lines
No EOL
2.7 KiB
Docker
Raw Blame History

# use alpine as base for searx and set workdir as well as env vars
FROM alpine:3.20 AS base
ENV GID=991 UID=991 UWSGI_WORKERS=1 UWSGI_THREADS=16 UPSTREAM_COMMIT=d37dc307831ef0f16a6cb2fbb0c5afe9bb5e4258
COPY ./requirements.txt .
# install build deps and git clone searxng as well as setting the version
RUN apk -U upgrade \
&& apk add --no-cache -t build-dependencies \
build-base \
py3-setuptools \
python3-dev \
libffi-dev \
libxslt-dev \
libxml2-dev \
openssl-dev \
tar \
&& apk add --no-cache \
ca-certificates \
python3 \
py3-pip \
libxml2 \
libxslt \
openssl \
tini \
uwsgi \
uwsgi-python3 \
git \
brotli \
&& pip install --no-cache --break-system-packages -r requirements.txt \
&& apk del build-dependencies \
&& rm -rf /var/cache/apk/* /root/.cache
FROM base AS searxng
WORKDIR /usr/local/searxng
# install build deps and git clone searxng as well as setting the version
RUN addgroup -g ${GID} searxng \
&& adduser -u ${UID} -D -h /usr/local/searxng -s /bin/sh -G searxng searxng \
&& git config --global --add safe.directory /usr/local/searxng \
&& git clone https://github.com/searxng/searxng . \
&& git reset --hard ${UPSTREAM_COMMIT} \
&& chown -R searxng:searxng . \
&& su searxng -c "/usr/bin/python3 -m searx.version freeze"
# copy run.sh
COPY ./src/run.sh /usr/local/bin/run.sh
# include patches for authorized api access
COPY ./src/auth/auth.py searx/auth.py
RUN sed -i -e "/if output_format not in settings\\['search'\\]\\['formats'\\]:/a\\ from searx.auth import valid_api_key\\n if (not valid_api_key(request)):" -e 's|flask.abort(403)| flask.abort(403)|' /usr/local/searxng/searx/webapp.py \
&& sed -i "/return Response('', mimetype='text\/css')/a \\\\n@app.route('/<key>/search', methods=['GET', 'POST'])\\ndef search_key(key=None):\\n from searx.auth import auth_search_key\\n return auth_search_key(request, key)" /usr/local/searxng/searx/webapp.py \
&& sed -i "/3\. If the IP is not in either list, the request is not blocked\./a\\ from searx.auth import valid_api_key\\n if (valid_api_key(request)):\\n return None" searx/limiter.py
# make run.sh executable, copy uwsgi server ini, set default settings, precompile static theme files
RUN cp -r -v dockerfiles/uwsgi.ini /etc/uwsgi/; \
chmod +x /usr/local/bin/run.sh; \
su searxng -c "/usr/bin/python3 -m compileall -q searx"; \
find /usr/local/searxng/searx/static -a \( -name '*.html' -o -name '*.css' -o -name '*.js' -o -name '*.svg' -o -name '*.ttf' -o -name '*.eot' \) \
-type f -exec gzip -9 -k {} \+ -exec brotli --best {} \+
# expose port and set tini as CMD; default user is searxng
USER searxng
EXPOSE 8080
CMD ["/sbin/tini","--","run.sh"]
Reference in a new issue View git blame Copy permalink