searx / searx-docker Goto Github PK

Installed following README. All seems to work besides Google CAPTCHA after a couple of minutes. I tried testing filtron and it does not seem to filter.

siege -c 255 -r 10 https://myurl.ext would complete all requests. I have to block it manually after a while otherwise my computer gets really hot. This is a partial output:

Lifting the server siege...
Transactions:		        2954 hits
Availability:		      100.00 %
Elapsed time:		      186.54 secs
Data transferred:	       21.98 MB
Response time:		       15.80 secs
Transaction rate:	       15.84 trans/sec
Throughput:		        0.12 MB/sec
Concurrency:		      250.26
Successful transactions:        2954
Failed transactions:	           0
Longest transaction:	       54.11
Shortest transaction:	        0.70

curl -A curl -A "curl" https://myurl.ext/search displays searx HTML output instead of being blocked by the default rule.

How can I further help to troubleshoot this?

Fixed in https://github.com/searxng/searxng-docker if anyone is interested.

I know you can write your own service files for any service daemon. But considering that not having systemd makes the "within 5 minutes" pretty much impossible. Why not build an official image based on alpine with each commit from the searx repository? That would be literally a 1 minute setup.

I changed SEARX_HOSTNAME in .env to localhost:8888 but this isn't reflected in some parts of the searx interface. For example the search link is still presented as this (note it is not localhost:8888): https://localhost/?q=asdf&categories=general&language=en-US
Morty links are also broken in this way.

Description

Since Google Chrome 76 (release date: 30 July 2019), 4 new headers are sent on every request: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site and Sec-Fetch-User. Even forks of Google Chrome like Edge, Opera, Brave and Vivaldi (to be tested) send it.
Most if not all bots fake their user agent by pretending to be Google Chrome, I think this could be a good new rule to investigate and could potentially increase by a lot the amount of bots blocked on the Searx instances that use searx-docker filtron rules.

Test case of users agent of real browsers that have "Chrome" in it

Working results

Edge 81 (Windows 10):

Opera:

Chrome Android:

Naked Browser (Android webkit):

Google Chrome/Chromium:

Failed results

The only exception is Samsung Browser :

How to implement the rule?

Due to Samsung Browser, the regex can't just be: "Header:User-Agent=(Chrome)" because it would block Samsung Browser which is still a popular Browser.
@dalf Do you have an idea of a regex that would filter Chrome but not Samsung Browser?
Also, when after filtering Google Chrome, how do I implement a rule that block requests that doesn't have Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site and Sec-Fetch-User? Using a "subrules"? But how?

Hello,

searx-docker works awesome, but watchtower updates it, and each time it updates my settings.yml get over written.
when i restore my settings.yml and restarting/build the container still doesn't work.

also on command update.sh, i get this error
fatal: --[no-]autostash option is only valid with --rebase.

am sure am doing something dumb, but cant figure it yet.

thanks

Hello.

start.sh throws an error here:

root@searx:/usr/local/searx-docker# ./start.sh 
use docker-compose.yaml
ERROR: Invalid interpolation format for "command" option in service "searx": "${SEARX_COMMAND:-}"
root@searx:/usr/local/searx-docker#

I did not change a thing in .env. It's an ubuntu 18.04.

Any idea what could be causing this?

cheers, t.

hi i have been trying to deploy this behind an apache2 reverse proxy a couple times, and still cant get it to work with caddy, and if i use filtron directly all files are using localhost instead of the real domain.

can you please add a new docker-compose file for reverse proxies?

with no https and a simple setting to change the output port and the base domain.

and without the need to create a systemd service

Hi,

if I open the proxied link of a search result I just see "page not found" within my searx page.
The generated link looks like this:
https://<my.url.here>/morty/?mortyurl=https%3A%2F%2Fde.wikipedia.org%2Fwiki%2FProxy&mortyhash=c5e85c644c08e1be9bf580d8deb5c48ad35f0e8cb5a2a19f26e6079cb215b795

Hello,

I would install searx but get this message

morty | WARNING: no logs are available with the 'none' log driver caddy | 2019/12/18 10:01:51 [WARNING] Stapling OCSP: no OCSP stapling for [localhost]: no OCSP server specified in certificate caddy | Activating privacy features... done. caddy | 2019/12/18 10:01:51 Listen: listen tcp :443: bind: address already in use caddy | exit status 1

But in Docker-compose.yaml

`version: '3.7'

services:

caddy:
container_name: caddy
image: abiosoft/caddy:1.0.3-no-stats
ports:
������- 8888:80
������- 4449:443
network_mode: host
command: -email ${LETSENCRYPT_EMAIL} -agree=${LETSENCRYPT_AGREE} -log stdout -host ${SEARX_HOSTNAME} -conf /etc/Caddyfile
volumes:
������- ./Caddyfile:/etc/Caddyfile:rw
������- ./caddy:/root/.caddy:rw
������- ./srv:/srv:rw
������- searx-checker:/srv/searx-checker:rw
environment:
������- SEARX_HOSTNAME=${SEARX_HOSTNAME}
������- SEARX_PROTOCOL=${SEARX_PROTOCOL:-}
������- SEARX_TLS=${SEARX_TLS:-}
������- FILTRON_USER=${FILTRON_USER}
������- FILTRON_PASSWORD=${FILTRON_PASSWORD}
cap_drop:
������- ALL
cap_add:
������- NET_BIND_SERVICE
������- DAC_OVERRIDE
`

Hi there, i have a question and i'm hoping you could point me in the right direction;

I'd like to install searx-docker in an internal network, where port 80 and 443 are not accessible from the internet (which is required for letsencrypt to generate (and renew?) the certificate.)

I could open the ports only while installing, to generate the certificate, but then:

• i would need the certificate to be valid for a long time like a few years so it doesn't need to renew
• i assume the certificate won't work anyway on an internal net since the domain name will then point to a (no longer public) different internal ip address?

Long story short, what config/settings are best for use in an internal network only? Can i use http only?

Thank you.

This project references at least the searx and morty docker images.

There are two ways to do it :

• either the docker images are published somewhere and docker-compose will download / pull them (from hub.docker.com or https://github.com/features/package-registry but still in beta).
• either this repository contains git submodules to reference morty and searx source code.

First solution : a docker image signature requires Docker Content Trust which is only included in the Enterprise version of Docker. There are open source registry like harbor, but it requires a dedicated administrator to maintain the server (I don't think that's a good idea).

First solution bis: harbor uses Clair. May be it can be use to warn searx administrator with a daily check on a server.

Second solution : a dedicated branch can hold the "releases". On a Searx instance server, an update would be :

• update the git repository with the submodules
• build the images
• restart

When I access https://searx.mydomain.org/opensearch.xml in Firefox I get
searx a privacy-respecting, hackable metasearch engine UTF-8 /static/themes/oscar/img/favicon.png searx metasearch
When I open the same url in Edge I get
<?xml version="1.0" encoding="ISO-8859-1"?>
<OpenSearchDescription xmlns="http://a9.com/-/spec/opensearch/1.1/">
<ShortName>searx</ShortName>
<Description>a privacy-respecting, hackable metasearch engine</Description>
<InputEncoding>UTF-8</InputEncoding>
<Image>/static/themes/oscar/img/favicon.png</Image>
<LongName>searx metasearch</LongName>
<Url template="/search?q={searchTerms}" method="get" type="text/html"/>
</OpenSearchDescription>
It makes no difference if use Nginx in front of uwsgi or not.
In nginx.conf I've tried it with gzip on and the setting disabled.
Anybody got a clue??

Hi,
How do I allow my local address to access searx ? It is currently public, but I would like to use it myself too, at the moment I cant connect to it from my lan devices (mobile phone works using 4g connection). Thanks!

• https://www.haproxy.com/fr/blog/bot-protection-with-haproxy/
• https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker
• https://github.com/mitchellkrogza/fail2ban-useful-scripts
• https://github.com/mitchellkrogza/Fail2Ban-Blacklist-JAIL-for-Repeat-Offenders-with-Perma-Extended-Banning
• https://github.com/unixfox/antibot-proxy/issues

On Firefox preview/nightly for Android it's impossible to add a Searx instance behind searx-docker due to filtron which is blocking the request when adding the instance as a search engine.

It sends these headers when trying to add Searx as a search engine:

User-Agent: MozacFetch/50.0.20200712190143
Accept: */*
Accept-Language: */*
Accept-Encoding: gzip
Connection: keep-alive

Its request is blocked by these two rules:

• block no deflate support
• block accept everything

How to resolve the issue?

Should we whitelist only the specific user agent MozacFetch in order to solve the issue?
Or should we just whitelist the keyword 1 (?q=1) which is hardcoded into the fenix source code: https://github.com/mozilla-mobile/fenix/blob/master/app/src/main/java/org/mozilla/fenix/settings/search/SearchStringValidator.kt#L18?

Related issue: mozilla-mobile/fenix#11332

Title is self-explanatory, not the first time I've reinstalled searx-docker from scratch.
Never had any issues until now, here are the logs that I got with ./start.sh (note that I replaced my instance link because it is semi-private):

Tested on both Ubuntu 18.04 and 20.04 with identical configuration settings, both give me the same errors.
My hostname isn't localhost, and I've commented and filled out all the necessary parts in the env file.

root@searx:/usr/local/searx-docker# ./start.sh
use docker-compose.yaml
Removing searx-checker ... done
Removing filtron ... done
Removing caddy ... done
Removing searx ... done
Removing morty ... done
Removing network searx-docker_searx
Removing volume searx-docker_searx-checker
No stopped containers
Creating network "searx-docker_searx" with the default driver
Creating volume "searx-docker_searx-checker" with default driver
Creating filtron ... done
Creating morty ... done
Creating searx ... done
Creating searx-checker ... done
Creating caddy ... done
Attaching to caddy, searx-checker, morty, searx, filtron
filtron | 2020/07/13 05:21:00 14 rules loaded from /etc/filtron/rules.json
filtron | 2020/07/13 05:21:00 Proxy listens on 0.0.0.0:4040
filtron | 2020/07/13 05:21:00 API listens on 0.0.0.0:4041
morty | WARNING: no logs are available with the 'none' log driver
caddy | 2020/07/13 05:20:56 [INFO][cache:0xc000178370] Started certificate maintenance routine
caddy | Activating privacy features... done.
caddy |
caddy | Serving HTTPS on port 443
caddy | https://domain.com
caddy |
caddy | 2020/07/13 05:20:56 [INFO] Serving https://domain.com
caddy |
caddy | Serving HTTP on port 80
caddy | http://domain.com
caddy |
caddy | 2020/07/13 05:20:56 [INFO] Serving http://domain.com
searx | searx version 0.17.0-5-7b19e6c5
searx |
searx | Use existing /etc/searx/uwsgi.ini
searx | Use existing /etc/searx/settings.yml
searx | Listen on 0.0.0.0:8080
searx | [uWSGI] getting INI configuration from /etc/searx/uwsgi.ini
searx-checker | Sleep 75 seconds
caddy | 13/Jul/2020:05:21:51 +0000 [ERROR 502 /] dial tcp 64.90.49.129:4040: i/o timeout
searx-checker | 2020/07/13 05:22:12 Check with the parameters : -o html/data/status.json http://searx:8080
caddy | 2020/07/13 05:22:18 http: TLS handshake error from [redacted]:56072: EOF

Observed behaviour

Whenever I deploy a new searx container, settings.yml will be overwritten, at least partly. In ui, I set oscar_style in theme_args to 'logicodev-dark', but it will always be reverted to 'logicodev' whenevere I pull a new version of searx/searx.

Expected behaviour

Running a later version of the searx/searx container shouldn't revert settings to default, especially not theme/visual settings.

I suppose this behaviour is in all 0.17 version images.

after using ./start.sh
Same result of course with docker-compose up.

No idea what that error means. Have to admit never used "command" in compose file.

Any suggestions welcomed.

bash +x ./start.sh

when i done that commond . it print

Status: Downloaded newer image for docker.io/searx/searx-checker:latest
Creating morty         ... done
Creating searx-checker ... done
Creating searx         ... done
Creating caddy         ... done
Creating filtron       ... done
Attaching to caddy, filtron, searx-checker, searx, morty
caddy            | 2019/07/31 07:18:19 [INFO][cache:0xc000086960] Started certificate maintenance routine
caddy            | 2019/07/31 07:18:19 [WARNING] Stapling OCSP: no OCSP stapling for [localhost]: no OCSP server specified in certificate
caddy            | Activating privacy features... done.
caddy            | 
caddy            | Serving HTTPS on port 443 
caddy            | https://localhost
caddy            | 
caddy            | 2019/07/31 07:18:19 [INFO] Serving https://localhost 
filtron          | 2019/07/31 07:18:20 13 rules loaded from /etc/filtron/rules.json
filtron          | 2019/07/31 07:18:20 API listens on 10.10.10.3:4041
filtron          | 2019/07/31 07:18:20 Proxy listens on 10.10.10.3:4040
searx-checker    | Sleep 79 seconds
morty            | WARNING: no logs are available with the 'none' log driver

and then i can not connect my vps with ssh(22) . how can i do ?

Hello

I am getting an error in the monty container that is as follows.

morty exited with code 1
morty | WARNING: no logs are available with the 'none' log driver

I am running a linode under Debian 10. I have a bitwarden docker container running fine also. I d see in the docker-compose.yaml file the following is set.

Logging:
Driver: NONE

Any ideas?

Thank you!

Hi I'm new here and trying to deploy a searx service on my own vps. Do you have any sample configuration? Thank you!

for searx and morty.

Searx
It require to update the https://github.com/asciimoo/searx/blob/master/dockerfiles/docker-entrypoint.sh

Morty
It seems there is no DNS configuration for fasthttp. See :

• https://github.com/valyala/fasthttp/blob/ccaae97f5bb5886a037f5e8ca871d0e977a91df9/tcpdialer.go#L415
• golang/go#19268

Or it can be done using docker configuration: https://docs.docker.com/v17.09/engine/userguide/networking/default_network/configure-dns/

where can i get change log to searx-docker,
the image on hub.docker.com says "Updated an hour ago" by searxrobot
i dont see any commit here, i checked upstream searx/searx last commit 7 days or asciimoo/searx last commit 6 days ago.

does the "searxrobot" just adding tag or any kind of maintenance pull from git on docker hub?

Hello,

the certificate is revoked. But i have an valid Cert on the Host-System. How can i import this?
Caddy log tells me too many request to letsencrypt.

not every admin wants to proxify url.

While my searx install was working quite well for a few weeks, it suddenly keeps telling me

Sorry! we didn't find any results. Please use another query or search in more categories.

After hitting a few times refresh it will eventually show the results. How can I identify the source of the problem and fix it?

Folks - running this on Docker and it was running fine till about 1hr ago. Lo and behold just checked and an update was put in around then. Watchtower has updated the latest image.

The problem is, no search results being shown, and if I go into preferences, no search engines show up.

Gonna downgrade and turn off Watchtower for now.

Hello! As you can know, Caddy v2 is out. Do you plan to migrate to it? Thanks in beforehand

Hi,

I've changed the caddy ports to other ports than the default in the docker-compose.yaml,

ports:
  - 8086:80
  - 44386:443

but after starting the searx-instance, i've get the error

caddy | 2019/10/31 09:15:00 Listen: listen tcp :443: bind: address already in use

On searx.ninja, a URL value is still set to localhost, but I can't find where that value is coming from.
For example, you can see it here in the head of the html:
<link rel="alternate" type="application/rss+xml" title="Searx search: searx docker" href="https://localhost/?q=searx%20docker&amp;categories=general&amp;language=en-US&amp;format=rss">

The image proxy is also broken as the URLs are pointing to localhost instead of searx.ninja.

However, the .env and settings files are updated:
From .env:

From settings:

I cannot figure out where the localhost value is coming from, and the site is not fully functional until I can fix it.

I apologize if this is not the right forum to ask this question.

I am trying to install searx-docker on my MacBook Pro with macOS Mojave 10.14.6.

1. Installed Docker Desktop for Mac. It comes with docker-compose.
2. Edited .env to reflect:
   a. my real email address for let's encrypt
   b. Lets Encrypt TOS to true
   c. proper key for MORTY_KEY using the suggested command.
   d. password for filtron
3. Tried running start.sh with following output:

~/searx-docker   master ●  ./start.sh                                                                                                     1 ↵  163  13:15:33
readlink: illegal option -- f
usage: readlink [-n] [file ...]
use docker-compose.yaml
Removing network searx-docker_searx
Removing volume searx-docker_searx-checker
No stopped containers
Creating network "searx-docker_searx" with the default driver
Creating volume "searx-docker_searx-checker" with default driver
Pulling filtron (dalf/filtron:)...
latest: Pulling from dalf/filtron
921b31ab772b: Pull complete
c7ab82ae8f5a: Pull complete
098f07700af6: Pull complete
58e6837c81f2: Pull complete
Digest: sha256:9feef1cf833f11327f082c704de70f2a706672e1c23b2f90b9bb705d467f65dd
Status: Downloaded newer image for dalf/filtron:latest
Pulling searx (searx/searx:latest)...
latest: Pulling from searx/searx
89d9c30c1d48: Pull complete
1e2bb55f9cd3: Pull complete
826050ce83f2: Pull complete
2fff5bc55ea8: Pull complete
af5f5f249db4: Pull complete
ab4ae1b0f738: Pull complete
9ec27c60dc38: Pull complete
Digest: sha256:b08e8d371db8bd766fca453ba9f3b7c8967933ad993c08e974cbf58407a400c3
Status: Downloaded newer image for searx/searx:latest
Pulling morty (dalf/morty:)...
latest: Pulling from dalf/morty
9d48c3bd43c5: Pull complete
231de45363ec: Pull complete
52775b790275: Pull complete
Digest: sha256:7890614b280dbe0dcbd7a209ebe87989e80599f3627f37e1e0ca31f82e3a452e
Status: Downloaded newer image for dalf/morty:latest
Pulling searx-checker (searx/searx-checker:)...
latest: Pulling from searx/searx-checker
050382585609: Already exists
dac2222ca532: Pull complete
29a7fe408caa: Pull complete
6ad337b9b53f: Pull complete
31d663a76478: Pull complete
16d4fbd4b09b: Pull complete
ca41695224f1: Pull complete
eae20061edf5: Pull complete
30f46cf9aa58: Pull complete
3b28fb26a4c2: Pull complete
Digest: sha256:8548e831d672335a7301da966c1953bec12fff9084ad5b5a2426190dbca17300
Status: Downloaded newer image for searx/searx-checker:latest
Creating searx         ... done
Creating searx-checker ... done
Creating filtron       ... done
Creating caddy         ... done
Creating morty         ... done
Attaching to caddy, searx-checker, morty, searx, filtron
morty            | WARNING: no logs are available with the 'none' log driver
caddy            | 2019/11/19 21:17:37 [INFO][cache:0xc0001da370] Started certificate maintenance routine
searx-checker    | Sleep 84 seconds
caddy            | 2019/11/19 21:17:37 [WARNING] Stapling OCSP: no OCSP stapling for [localhost]: no OCSP server specified in certificate
caddy            | Activating privacy features... done.
filtron          | 2019/11/19 21:17:38 13 rules loaded from /etc/filtron/rules.json
filtron          | 2019/11/19 21:17:38 API listens on 10.10.10.3:4041
caddy            |
caddy            | Serving HTTPS on port 443
caddy            | https://localhost
caddy            |
caddy            | 2019/11/19 21:17:37 [INFO] Serving https://localhost
filtron          | 2019/11/19 21:17:38 Proxy listens on 10.10.10.3:4040
searx            | searx version 0.15.0-186-42d5e2c0
searx            |
searx            | Use existing /etc/searx/uwsgi.ini
searx            | Use existing /etc/searx/settings.yml
searx            | Listen on 10.10.10.4:8080
searx            | [uWSGI] getting INI configuration from /etc/searx/uwsgi.ini
searx-checker    | 2019/11/19 21:19:01 Check with the parameters : -o html/data/status.json http://10.10.10.4:8080
searx-checker    | Error get  /config , status code= 500
searx-checker    | Sleep 86315 seconds

I tried https://localhost/, https://localhost:8080 in my browser but it doesn't connect.

I'm setting up searx-docker on an Odroid C2 running DietPi. When I run start.sh I get the following errors:

use docker-compose.yaml
Stopping filtron       ... done
Stopping searx-checker ... done
Stopping morty         ... done
Stopping searx         ... done
Removing caddy         ... done
Removing filtron       ... done
Removing searx-checker ... done
Removing morty         ... done
Removing searx         ... done
Removing network searx-docker_searx
Removing volume searx-docker_searx-checker
No stopped containers
Creating network "searx-docker_searx" with the default driver
Creating volume "searx-docker_searx-checker" with default driver
Creating morty         ... done
Creating searx         ... done
Creating searx-checker ... done
Creating caddy         ... done
Creating filtron       ... done
Attaching to caddy, morty, searx-checker, filtron, searx
caddy            | standard_init_linux.go:211: exec user process caused "exec format error"
filtron          | standard_init_linux.go:211: exec user process caused "exec format error"
caddy exited with code 1
morty            | WARNING: no logs are available with the 'none' log driver
searx            | standard_init_linux.go:211: exec user process caused "exec format error"
searx-checker    | standard_init_linux.go:211: exec user process caused "exec format error"
searx-checker exited with code 1
searx exited with code 1
morty exited with code 1

Any ideas what would be causing the standard_init_linux.go:211: exec user process caused "exec format error" error? Could this be a distro issue?

Hi,

I apologize in advance if this is a silly question, but what I am trying to do is installing searx container to be reachable from outside world by https from a non-conventional port. To accomplish this, I copied the docker-compose.yaml file to docker-compose-extend.yaml file and edited the caddy ports section to read as follows:

• 25000:80
• 25001:443
  Host machine firewall was set to allow access to the ports 25000 and 25001 via tcp. The edge router was also set to forward ports 80 and 443 to 25000 and 25001 respectively on the host machine.
  Then I tested these settings by running start.sh which reported that Letsencrypt could not access the ports for certification.

What am I missing?

Thanks for the pointers in advance!

When hosing on localhost, this part of rules.json is causing a 429 response when infinite_scroll.js sends a POST request:

            {
                "name": "block accept everything",
                "filters": ["!Header:Accept=text/html"],
                "limit": 0,
                "stop": true,
                "actions": [
                    {"name": "block",
                     "params": {"message": "Rate limit exceeded"}}
                ]
            },

Removing this rule allows the request to go through.

Unreproducible on:
https://searx.me/
https://searx.be/
https://searx.tuxcloud.net/
, probably because they do not have filtron?

Why are the ports of some services published to the host despite not needing them? Caddy needs them for sure but why do filtron or morty need them?

Hello is it possible to update the dalf/morty to the latest morty master
In the latest morty it is possible to switch to socks5

thx

I came across this project: https://notabug.org/CYBERDEViL/searx-qt. Basically it's a graphical interface for using Searx.

Unfortunately it doesn't work on the public instances using the built-in filtron rules of searx-docker.

Is it a good idea to whitelist its user agent so that it works with most of the public instances on https://searx.space?

i'm no Docker Expert, but i think that your docker-compose.yml and scripts setup is a bit too.. messy. here is my docker-compose.yml:

version: '3.7'

services:

  filtron:
    image: dalf/filtron
    restart: always
    networks:
      - default
      - traefik_default
    command: -listen 0.0.0.0:4040 -api 0.0.0.0:4041 -target searx:8080
    volumes:
      - ./rules.json:/etc/filtron/rules.json:rw
    read_only: true
    cap_drop:
      - ALL
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.filtron.rule=Host(`searx.travnewmatic.com`)"
      - "traefik.http.routers.filtron.entrypoints=websecure"
      - "traefik.http.routers.filtron.tls.certresolver=mytlschallenge"
      - "traefik.docker.network=traefik_default"
      - "traefik.http.services.filtron.loadbalancer.server.port=4040"

  searx:
    image: searx/searx:latest
    restart: always
    depends_on:
      - filtron
      - morty
    networks:
      - tor-hidden-service_default
      - default
    command: -f
    volumes:
      - ./searx:/etc/searx:rw
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID
      - DAC_OVERRIDE

  morty:
    image: dalf/morty
    restart: always
    networks:
      - default
      - traefik_default
    command: -listen 0.0.0.0:3000 -timeout 6 -ipv6
    environment:
      - MORTY_KEY=e63wDcpbTfRQj51Utf2BK5Isd6wDh/dD4Z46bmMUno6N
    read_only: true
    cap_drop:
      - ALL
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.morty.rule=Host(`searx.travnewmatic.com`) && PathPrefix(`/morty`)"
      - "traefik.http.routers.morty.entrypoints=websecure"
      - "traefik.http.routers.morty.tls.certresolver=mytlschallenge"
      - "traefik.docker.network=traefik_default"
      - "traefik.http.services.morty.loadbalancer.server.port=3000"

networks:
  traefik_default:
    external: true
  tor-hidden-service_default:
    external: true

its mostly based on your setup, but i've made a few changes.

• using traefik instead of caddy
• searx is sending queries through a separate TOR container
• watchtower upgrades things when a new image is available (sometimes blowing away my config, but thats why i use a repo)

are there any glaring issues with what i've done?

thanks for all the hard work on this awesome project, i use it every day!

When my searx instance is hidden behind CloudFlare, search does not work. I always receive "Rate limit exceeded" no matter what. The moment I disable CloudFlare, it works immediately.

I suspect that Filtron somehow does not correctly receive the IP from the request. Is there any settings I need to perform like one would need to do with nginx (example: https://pauledenburg.com/set-nginx-proxy-docker-containers/)?

Currently, the docker-compose.yml use fixed IPv4 addresses which is actually a bad thing in the containerization standard.

caddy-docker-proxy generate the Caddyfile dynamically which avoid having to rely on hardcoded IPv4 addresses.

EDIT: Fixed in https://github.com/searxng/searxng-docker if anyone is interested.

If #26 get merged then it's one step towards supporting other architectures because the Docker image lucaslorentz/caddy-docker-proxy supports ARM devices.
filtron and morty can be compiled in ARM too because Golang support it. And searx and searx-checker are using python so they can be switched to use the alpine ARM base image.

Hi,

This is what I did:
sudo systemctl stop searx-docker.service
docker-compose pull
sudo systemctl start searx-docker.service

This is now what I have:

As you can see the web page does not render correctly and the 'Start search' button does not work.

I did not change anything else other than what was mentioned above. Your guidance will be greatly appreciated.

Additionally, after posting this message, I recloned this git repository, modified the files .env and Caddyfile to my settings and retried with the same outcome. I tried accessing the site both with Firefox and Chromium with the same results.

Searx

Update the https://github.com/asciimoo/searx/blob/master/dockerfiles/docker-entrypoint.sh

Morty

• https://github.com/valyala/fasthttp/blob/master/fasthttpproxy/socks5.go
• valyala/fasthttp#363

When i try to add a searx search engine and put the search string "https://searx.be/?q=%s", it says "Error connecting to searx".
This was resolved some time ago, and now it resurfaced,,,
Similar issue as https://github.com/searx/searx-docker/issues/48

Hi,

Thanks for this great tool! I have a working set up after following the instructions. My working directory is /home/user/Docker/searx-docker and when I enable the searx-docker.service (sudo systemctl enable searx-docker.service) it creates a symlink in /etc/systemd/system/multi-user-target directory pointing to the /home/user/Docker/searx-docker/searx-docker.service file. I can start this service by issuing the sudo systemctl start searx-docker.service; however it will not start after reboot. This behavior is consistent, but I don't think it is supposed to be this way. What am I missing?

Thanks!

Some requests get a 429 error. I don't know why but it doesn't happen on the image woahbase/alpine-searx even with the same filtron rules as this repository.

I tried to remove the rules IP limit, all paths and useragent limit, all paths but that didn't fix the issue.

I can reproduce the same bug with Firefox and Chromium on https://a.searx.space which is known to use searx-docker.

1- I download the source code to my desktop
2- I comment both lines SEARX_PROTOCOL and SEARX_TLS on ".env" file
3- I run ./start.sh

Docker starts with these logs:

Creating filtron       ... done
Creating searx-checker ... done
Creating searx         ... done
Creating caddy         ... done
Creating morty         ... done
Attaching to caddy, searx, filtron, morty, searx-checker
caddy            | Activating privacy features... done.
caddy            | 
caddy            | Serving HTTPS on port 443 
caddy            | https://localhost
caddy            | 
caddy            | 2019/08/30 14:38:24 [INFO] Serving https://localhost 
caddy            | WARNING: File descriptor limit 1024 is too low for production servers. At least 8192 is recommended. Fix with `ulimit -n 8192`.
caddy            | 2019/08/30 14:38:24 [INFO][cache:0xc00009c960] Started certificate maintenance routine
searx            | searx version 0.15.0-155-8e62f760
searx            | 
searx            | Create /etc/searx/uwsgi.ini
searx            | Create /etc/searx/settings.yml
filtron          | 2019/08/30 14:38:26 13 rules loaded from /etc/filtron/rules.json
filtron          | 2019/08/30 14:38:26 API listens on 10.10.10.3:4041
searx            | Listen on 10.10.10.4:8080
morty            | WARNING: no logs are available with the 'none' log driver
searx            | [uWSGI] getting INI configuration from /etc/searx/uwsgi.ini
filtron          | 2019/08/30 14:38:26 Proxy listens on 10.10.10.3:4040
searx-checker    | Sleep 117 seconds
morty exited with code 1
morty            | WARNING: no logs are available with the 'none' log driver
morty exited with code 1
morty            | WARNING: no logs are available with the 'none' log driver
morty exited with code 1
morty            | WARNING: no logs are available with the 'none' log driver
morty exited with code 1

docker ps -a:

e41615f25b4a        dalf/morty                      "/usr/local/morty/mo…"   About a minute ago   Restarting (1) 3 seconds ago                                                  morty
10644ebe64ff        abiosoft/caddy:1.0.1-no-stats   "/bin/parent caddy -…"   About a minute ago   Up About a minute                                                             caddy
14e3a12fb5f4        searx/searx-checker             "/sbin/tini -- /usr/…"   About a minute ago   Up About a minute                                                             searx-checker
273c0bc99af8        dalf/filtron                    "/usr/local/filtron/…"   About a minute ago   Up About a minute              3000/tcp, 127.0.0.1:4040-4041->4040-4041/tcp   filtron
709a183758f4        searx/searx:latest              "/sbin/tini -- /usr/…"   About a minute ago   Up About a minute              8080/tcp                                       searx

I can not access from my browser to localhost:8080 or which port should I use for main search web-ui?

Thank you

If I go inside searx docker and change the logo and favicon, then updating via

update.sh

I am sure the answer to this silly question would be very straight forward. Would you please help me in renewing my Letsencrypt certificate, which I believe was obtained by Caddy?

Thanks!

Hi,
Firstly, thanks for creating this fantastic project.
I'd really like to enjoy using it, but I need some help with the setup.

I already have a reverse-proxy setup on my home server, that handles all my other services and certs and SSO.
I tried modifying the ports of the services in docker-compose.yaml, and:

• I can open the Filtron site (this is the entry point of the whole system isn't it?)
• I can search and get results
• but when I go to settings and hit "Save" - I get redirected to https://localhost

I tried modifying the .env and put the actual host (search.domain.tld) but that didn't do anything.