Loading utils/lib.sh +81 −44 Original line number Diff line number Diff line Loading @@ -274,41 +274,65 @@ install_template() { # usage: # # install_template [--no-eval] {file} [{owner} [{group} [{chmod}]]] # install_template [--no-eval] [--variant=<name>] \ # {file} [{owner} [{group} [{chmod}]]] # # install_template --no-eval /etc/updatedb.conf root root 644 # E.g. the origin of variant 'raw' of /etc/updatedb.conf is:: # # ${TEMPLATES}/etc/updatedb.conf:raw # # To install variant 'raw' of /etc/updatedb.conf without evaluated # replacements you can use:: # # install_template --variant=raw --no-eval \ # /etc/updatedb.conf root root 644 local do_eval=1 if [[ "$1" == "--no-eval" ]]; then do_eval=0; shift fi local dst="${1}" local owner=${2-$(id -un)} local group=${3-$(id -gn)} local chmod=${4-644} local _reply="" local do_eval=1 local variant="" local pos_args=("$0") for i in "$@"; do case $i in --no-eval) do_eval=0; shift ;; --variant=*) variant=":${i#*=}"; shift ;; *) pos_args+=("$i") ;; esac done info_msg "install: ${dst}" local dst="${pos_args[1]}" local template_origin="${TEMPLATES}${dst}${variant}" local template_file="${TEMPLATES}${dst}" local owner="${pos_args[2]-$(id -un)}" local group="${pos_args[3]-$(id -gn)}" local chmod="${pos_args[4]-644}" if [[ ! -f "${TEMPLATES}${dst}" ]] ; then err_msg "${TEMPLATES}${dst} does not exists" err_msg "... can't install $dst / exit installation with error 42" info_msg "install (eval=$do_eval): ${dst}" [[ ! -z $variant ]] && info_msg "variant: ${variant}" if [[ ! -f "${template_origin}" ]] ; then err_msg "${template_origin} does not exists" err_msg "... can't install $dst" wait_key 30 return 42 fi local template_file="${TEMPLATES}${dst}" if [[ "$do_eval" == "1" ]]; then template_file="${CACHE}${dst}${variant}" info_msg "BUILD template ${template_file}" if [[ -f "${TEMPLATES}${dst}" ]] ; then template_file="${CACHE}${dst}" if [[ ! -z ${SUDO_USER} ]]; then sudo -u "${SUDO_USER}" mkdir -p "$(dirname "${template_file}")" else mkdir -p "$(dirname "${template_file}")" fi # shellcheck disable=SC2086 eval "echo \"$(cat ${TEMPLATES}${dst})\"" > "${template_file}" else err_msg "failed ${template_file}" return 42 eval "echo \"$(cat ${template_origin})\"" > "${template_file}" if [[ ! -z ${SUDO_USER} ]]; then chown "${SUDO_USER}:${SUDO_USER}" "${template_file}" fi else template_file=$template_origin fi mkdir -p "$(dirname "${dst}")" Loading @@ -325,7 +349,7 @@ install_template() { return 0 fi info_msg "file ${dst} allready exists on this host" info_msg "diffrent file ${dst} allready exists on this host" while true; do choose_one _reply "choose next step with file $dst" \ Loading @@ -349,7 +373,10 @@ install_template() { echo "// exit with CTRL-D" sudo -H -u "${owner}" -i $DIFF_CMD "${dst}" "${template_file}" if ask_yn "did you edit ${template_file} to your needs?"; then echo echo "did you edit file ..." printf " ${template_file}" if ask_yn "... to your needs?"; then break fi ;; Loading Loading @@ -384,21 +411,27 @@ apache_reload() { apache_install_site() { # usage: apache_install_site [--no-eval] <mysite.conf> # usage: apache_install_site [<template option> ...] <mysite.conf> # # <template option>: see install_template local no_eval="" local CONF="$1" local template_opts=() local pos_args=("$0") if [[ "$1" == "--no-eval" ]]; then no_eval=$1; shift fi for i in "$@"; do case $i in -*) template_opts+=("$i");; *) pos_args+=("$i");; esac done # shellcheck disable=SC2086 install_template $no_eval "${APACHE_SITES_AVAILABE}/${CONF}" root root 644 install_template "${template_opts[@]}" \ "${APACHE_SITES_AVAILABE}/${pos_args[1]}" \ root root 644 apache_enable_site "${CONF}" apache_enable_site "${pos_args[1]}" apache_reload info_msg "installed apache site: ${CONF}" info_msg "installed apache site: ${pos_args[1]}" } apache_enable_site() { Loading Loading @@ -438,20 +471,24 @@ uWSGI_app_available() { uWSGI_install_app() { # usage: uWSGI_install_app [--no-eval] <myapp.ini> # usage: uWSGI_install_app [<template option> ...] <myapp.ini> # # <template option>: see install_template local no_eval="" local CONF="$1" for i in "$@"; do case $i in -*) template_opts+=("$i");; *) pos_args+=("$i");; esac done if [[ "$1" == "--no-eval" ]]; then no_eval=$1; shift fi install_template "${template_opts[@]}" \ "${uWSGI_SETUP}/apps-available/${pos_args[1]}" \ root root 644 # shellcheck disable=SC2086 install_template $no_eval "${uWSGI_SETUP}/apps-available/${CONF}" root root 644 uWSGI_enable_app "${CONF}" uWSGI_enable_app "${pos_args[1]}" uWSGI_restart info_msg "installed uWSGI app: ${CONF}" info_msg "installed uWSGI app: ${pos_args[1]}" } uWSGI_remove_app() { Loading utils/searx.sh +26 −16 Original line number Diff line number Diff line Loading @@ -32,8 +32,11 @@ SEARX_SRC="${SERVICE_HOME}/searx-src" SEARX_SETTINGS="${SEARX_SRC}/searx/settings.yml" SEARX_INSTANCE_NAME="${SEARX_INSTANCE_NAME:-searx@$(uname -n)}" SEARX_UWSGI_APP="searx.ini" SEARX_UWSGI_SOCKET="/run/uwsgi/app/searx/socket" APACHE_SITE="searx.conf" # Apache Settings SEARX_APACHE_URL="/searx" SEARX_APACHE_SITE="searx.conf" # shellcheck disable=SC2034 CONFIG_FILES=( Loading @@ -55,7 +58,7 @@ usage() { usage: $(basename "$0") shell $(basename "$0") install [all|user|pyenv|searx-src] $(basename "$0") install [all|user|pyenv|searx-src|apache] $(basename "$0") update [searx] $(basename "$0") remove [all|user|pyenv|searx-src] $(basename "$0") activate [service] Loading @@ -70,6 +73,7 @@ install / remove user: add/remove service user '$SERVICE_USER' at $SERVICE_HOME searx-src: clone $SEARX_GIT_URL pyenv: create/remove virtualenv (python) in $SEARX_PYENV apache: install apache site for searx-uwsgi app update searx Update searx installation of user ${SERVICE_USER} activate Loading Loading @@ -112,6 +116,7 @@ main() { user) assert_user ;; pyenv) create_pyenv ;; searx-src) clone_searx ;; apache) install_apache_site ;; *) usage "$_usage"; exit 42;; esac ;; update) Loading Loading @@ -175,16 +180,6 @@ install_all() { else err_msg "URL http://$SEARX_URL not available, check searx & uwsgi setup!" fi wait_key if apache_is_installed; then install_apache_site wait_key fi # ToDo ... # test_public_searx # info_msg "searX --> https://${SEARX_APACHE_DOMAIN}${SEARX_APACHE_URL}" } update_searx() { Loading Loading @@ -236,6 +231,11 @@ EOF remove_all() { rst_title "De-Install $SERVICE_NAME (service)" rst_para "\ It goes without saying that this script can only be used to remove installations that were installed with this script." if ! ask_yn "Do you really want to deinstall $SERVICE_NAME?"; then return fi Loading Loading @@ -491,10 +491,20 @@ show_service() { } install_apache_site() { rst_title "Install Apache site $APACHE_SITE" section rst_title "Install Apache site $SEARX_APACHE_SITE" rst_para "\ This installs the searx uwsgi app as apache site. If your server ist public to the internet you should instead use a reverse proxy (filtron) to block excessively bot queries." ! apache_is_installed && err_msg "Apache is not installed." if ! ask_yn "Do you really want to install apache site for searx-uwsgi?"; then return fi echo err_msg "not yet implemented (${APACHE_SITE})"; return 42 # apache_install_site "${APACHE_SITE}" apache_install_site --variant=uwsgi "${SEARX_APACHE_SITE}" } # ---------------------------------------------------------------------------- Loading utils/templates/etc/apache2/sites-available/searx.conf:uwsgi 0 → 100644 +25 −0 Original line number Diff line number Diff line # -*- coding: utf-8; mode: apache -*- <IfModule mod_uwsgi.c> # SetEnvIf Request_URI "${SEARX_APACHE_URL}" dontlog # CustomLog /dev/null combined env=dontlog <Location ${SEARX_APACHE_URL}> <IfModule mod_security2.c> SecRuleEngine Off </IfModule> Options FollowSymLinks Indexes SetHandler uwsgi-handler uWSGISocket ${SEARX_UWSGI_SOCKET} Order deny,allow Deny from all # Allow from fd00::/8 192.168.0.0/16 fe80::/10 127.0.0.0/8 ::1 Allow from all </Location> </IfModule> Loading
utils/lib.sh +81 −44 Original line number Diff line number Diff line Loading @@ -274,41 +274,65 @@ install_template() { # usage: # # install_template [--no-eval] {file} [{owner} [{group} [{chmod}]]] # install_template [--no-eval] [--variant=<name>] \ # {file} [{owner} [{group} [{chmod}]]] # # install_template --no-eval /etc/updatedb.conf root root 644 # E.g. the origin of variant 'raw' of /etc/updatedb.conf is:: # # ${TEMPLATES}/etc/updatedb.conf:raw # # To install variant 'raw' of /etc/updatedb.conf without evaluated # replacements you can use:: # # install_template --variant=raw --no-eval \ # /etc/updatedb.conf root root 644 local do_eval=1 if [[ "$1" == "--no-eval" ]]; then do_eval=0; shift fi local dst="${1}" local owner=${2-$(id -un)} local group=${3-$(id -gn)} local chmod=${4-644} local _reply="" local do_eval=1 local variant="" local pos_args=("$0") for i in "$@"; do case $i in --no-eval) do_eval=0; shift ;; --variant=*) variant=":${i#*=}"; shift ;; *) pos_args+=("$i") ;; esac done info_msg "install: ${dst}" local dst="${pos_args[1]}" local template_origin="${TEMPLATES}${dst}${variant}" local template_file="${TEMPLATES}${dst}" local owner="${pos_args[2]-$(id -un)}" local group="${pos_args[3]-$(id -gn)}" local chmod="${pos_args[4]-644}" if [[ ! -f "${TEMPLATES}${dst}" ]] ; then err_msg "${TEMPLATES}${dst} does not exists" err_msg "... can't install $dst / exit installation with error 42" info_msg "install (eval=$do_eval): ${dst}" [[ ! -z $variant ]] && info_msg "variant: ${variant}" if [[ ! -f "${template_origin}" ]] ; then err_msg "${template_origin} does not exists" err_msg "... can't install $dst" wait_key 30 return 42 fi local template_file="${TEMPLATES}${dst}" if [[ "$do_eval" == "1" ]]; then template_file="${CACHE}${dst}${variant}" info_msg "BUILD template ${template_file}" if [[ -f "${TEMPLATES}${dst}" ]] ; then template_file="${CACHE}${dst}" if [[ ! -z ${SUDO_USER} ]]; then sudo -u "${SUDO_USER}" mkdir -p "$(dirname "${template_file}")" else mkdir -p "$(dirname "${template_file}")" fi # shellcheck disable=SC2086 eval "echo \"$(cat ${TEMPLATES}${dst})\"" > "${template_file}" else err_msg "failed ${template_file}" return 42 eval "echo \"$(cat ${template_origin})\"" > "${template_file}" if [[ ! -z ${SUDO_USER} ]]; then chown "${SUDO_USER}:${SUDO_USER}" "${template_file}" fi else template_file=$template_origin fi mkdir -p "$(dirname "${dst}")" Loading @@ -325,7 +349,7 @@ install_template() { return 0 fi info_msg "file ${dst} allready exists on this host" info_msg "diffrent file ${dst} allready exists on this host" while true; do choose_one _reply "choose next step with file $dst" \ Loading @@ -349,7 +373,10 @@ install_template() { echo "// exit with CTRL-D" sudo -H -u "${owner}" -i $DIFF_CMD "${dst}" "${template_file}" if ask_yn "did you edit ${template_file} to your needs?"; then echo echo "did you edit file ..." printf " ${template_file}" if ask_yn "... to your needs?"; then break fi ;; Loading Loading @@ -384,21 +411,27 @@ apache_reload() { apache_install_site() { # usage: apache_install_site [--no-eval] <mysite.conf> # usage: apache_install_site [<template option> ...] <mysite.conf> # # <template option>: see install_template local no_eval="" local CONF="$1" local template_opts=() local pos_args=("$0") if [[ "$1" == "--no-eval" ]]; then no_eval=$1; shift fi for i in "$@"; do case $i in -*) template_opts+=("$i");; *) pos_args+=("$i");; esac done # shellcheck disable=SC2086 install_template $no_eval "${APACHE_SITES_AVAILABE}/${CONF}" root root 644 install_template "${template_opts[@]}" \ "${APACHE_SITES_AVAILABE}/${pos_args[1]}" \ root root 644 apache_enable_site "${CONF}" apache_enable_site "${pos_args[1]}" apache_reload info_msg "installed apache site: ${CONF}" info_msg "installed apache site: ${pos_args[1]}" } apache_enable_site() { Loading Loading @@ -438,20 +471,24 @@ uWSGI_app_available() { uWSGI_install_app() { # usage: uWSGI_install_app [--no-eval] <myapp.ini> # usage: uWSGI_install_app [<template option> ...] <myapp.ini> # # <template option>: see install_template local no_eval="" local CONF="$1" for i in "$@"; do case $i in -*) template_opts+=("$i");; *) pos_args+=("$i");; esac done if [[ "$1" == "--no-eval" ]]; then no_eval=$1; shift fi install_template "${template_opts[@]}" \ "${uWSGI_SETUP}/apps-available/${pos_args[1]}" \ root root 644 # shellcheck disable=SC2086 install_template $no_eval "${uWSGI_SETUP}/apps-available/${CONF}" root root 644 uWSGI_enable_app "${CONF}" uWSGI_enable_app "${pos_args[1]}" uWSGI_restart info_msg "installed uWSGI app: ${CONF}" info_msg "installed uWSGI app: ${pos_args[1]}" } uWSGI_remove_app() { Loading
utils/searx.sh +26 −16 Original line number Diff line number Diff line Loading @@ -32,8 +32,11 @@ SEARX_SRC="${SERVICE_HOME}/searx-src" SEARX_SETTINGS="${SEARX_SRC}/searx/settings.yml" SEARX_INSTANCE_NAME="${SEARX_INSTANCE_NAME:-searx@$(uname -n)}" SEARX_UWSGI_APP="searx.ini" SEARX_UWSGI_SOCKET="/run/uwsgi/app/searx/socket" APACHE_SITE="searx.conf" # Apache Settings SEARX_APACHE_URL="/searx" SEARX_APACHE_SITE="searx.conf" # shellcheck disable=SC2034 CONFIG_FILES=( Loading @@ -55,7 +58,7 @@ usage() { usage: $(basename "$0") shell $(basename "$0") install [all|user|pyenv|searx-src] $(basename "$0") install [all|user|pyenv|searx-src|apache] $(basename "$0") update [searx] $(basename "$0") remove [all|user|pyenv|searx-src] $(basename "$0") activate [service] Loading @@ -70,6 +73,7 @@ install / remove user: add/remove service user '$SERVICE_USER' at $SERVICE_HOME searx-src: clone $SEARX_GIT_URL pyenv: create/remove virtualenv (python) in $SEARX_PYENV apache: install apache site for searx-uwsgi app update searx Update searx installation of user ${SERVICE_USER} activate Loading Loading @@ -112,6 +116,7 @@ main() { user) assert_user ;; pyenv) create_pyenv ;; searx-src) clone_searx ;; apache) install_apache_site ;; *) usage "$_usage"; exit 42;; esac ;; update) Loading Loading @@ -175,16 +180,6 @@ install_all() { else err_msg "URL http://$SEARX_URL not available, check searx & uwsgi setup!" fi wait_key if apache_is_installed; then install_apache_site wait_key fi # ToDo ... # test_public_searx # info_msg "searX --> https://${SEARX_APACHE_DOMAIN}${SEARX_APACHE_URL}" } update_searx() { Loading Loading @@ -236,6 +231,11 @@ EOF remove_all() { rst_title "De-Install $SERVICE_NAME (service)" rst_para "\ It goes without saying that this script can only be used to remove installations that were installed with this script." if ! ask_yn "Do you really want to deinstall $SERVICE_NAME?"; then return fi Loading Loading @@ -491,10 +491,20 @@ show_service() { } install_apache_site() { rst_title "Install Apache site $APACHE_SITE" section rst_title "Install Apache site $SEARX_APACHE_SITE" rst_para "\ This installs the searx uwsgi app as apache site. If your server ist public to the internet you should instead use a reverse proxy (filtron) to block excessively bot queries." ! apache_is_installed && err_msg "Apache is not installed." if ! ask_yn "Do you really want to install apache site for searx-uwsgi?"; then return fi echo err_msg "not yet implemented (${APACHE_SITE})"; return 42 # apache_install_site "${APACHE_SITE}" apache_install_site --variant=uwsgi "${SEARX_APACHE_SITE}" } # ---------------------------------------------------------------------------- Loading
utils/templates/etc/apache2/sites-available/searx.conf:uwsgi 0 → 100644 +25 −0 Original line number Diff line number Diff line # -*- coding: utf-8; mode: apache -*- <IfModule mod_uwsgi.c> # SetEnvIf Request_URI "${SEARX_APACHE_URL}" dontlog # CustomLog /dev/null combined env=dontlog <Location ${SEARX_APACHE_URL}> <IfModule mod_security2.c> SecRuleEngine Off </IfModule> Options FollowSymLinks Indexes SetHandler uwsgi-handler uWSGISocket ${SEARX_UWSGI_SOCKET} Order deny,allow Deny from all # Allow from fd00::/8 192.168.0.0/16 fe80::/10 127.0.0.0/8 ::1 Allow from all </Location> </IfModule>
Markus Heiser <markus.heiser@darmarit.de>Markus Heiser <markus.heiser@darmarit.de>