Commit dea00dcc authored by Nicolas Gelot's avatar Nicolas Gelot
Browse files

Package spot for production

Ref: #33
parent 443c45a9
......@@ -4,10 +4,6 @@
*/*/*/*~
*/*/*/*/*~
# Git
.git
.gitignore
# CI
.codeclimate.yml
.travis.yml
......
SPOT_HOSTNAME=localhost
SPOT_DOCKER_IMG=registry.gitlab.e.foundation:5000/e/cloud/my-spot
SPOT_DOCKER_TAG=latest
SPOT_NGINX_DOCKER_IMG=registry.gitlab.e.foundation:5000/e/cloud/my-spot/nginx
SPOT_NGINX_DOCKER_TAG=latest
FROM alpine:3.10
ENTRYPOINT ["/sbin/tini","--","/usr/local/searx/dockerfiles/docker-entrypoint.sh"]
EXPOSE 8080
VOLUME /etc/searx
VOLUME /var/log/uwsgi
FROM registry.gitlab.e.foundation:5000/e/cloud/my-spot/env as builder
ARG VERSION_GITCOMMIT=unknown
ARG SEARX_GIT_VERSION=unknown
COPY . /src/
RUN pip install --force-reinstall --prefix /install /src
ARG SEARX_GID=977
ARG SEARX_UID=977
RUN addgroup -g ${SEARX_GID} searx && \
adduser -u ${SEARX_UID} -D -h /usr/local/searx -s /bin/sh -G searx searx
FROM python:3.8-alpine
LABEL maintainer="spot <https://gitlab.e.foundation/e/cloud/my-spot/>"
LABEL description="A privacy-respecting, hackable metasearch engine."
ARG TIMESTAMP_SETTINGS=0
ARG TIMESTAMP_UWSGI=0
ARG LABEL_VCS_REF=
ARG LABEL_VCS_URL=
RUN apk add ca-certificates libxslt py3-gunicorn
ENV INSTANCE_NAME=searx \
AUTOCOMPLETE= \
BASE_URL= \
MORTY_KEY= \
MORTY_URL=
COPY --from=builder /install/ /usr/local/
WORKDIR /usr/local/searx
EXPOSE 80
STOPSIGNAL SIGINT
COPY requirements.txt ./requirements.txt
RUN apk upgrade --no-cache \
&& apk add --no-cache -t build-dependencies \
build-base \
py3-setuptools \
python3-dev \
libffi-dev \
libxslt-dev \
libxml2-dev \
openssl-dev \
tar \
git \
&& apk add --no-cache \
ca-certificates \
su-exec \
python3 \
libxml2 \
libxslt \
openssl \
tini \
uwsgi \
uwsgi-python3 \
&& pip3 install --upgrade pip \
&& pip3 install --no-cache -r requirements.txt \
&& apk del build-dependencies
COPY --chown=searx:searx . .
RUN su searx -c "/usr/bin/python3 -m compileall -q searx"; \
touch -c --date=@${TIMESTAMP_SETTINGS} searx/settings.yml; \
touch -c --date=@${TIMESTAMP_UWSGI} dockerfiles/uwsgi.ini; \
if [ ! -z $VERSION_GITCOMMIT ]; then\
echo "VERSION_STRING = VERSION_STRING + \"-$VERSION_GITCOMMIT\"" >> /usr/local/searx/searx/version.py; \
fi
# Keep this argument at the end since it change each time
ARG LABEL_DATE=
LABEL maintainer="searx <https://github.com/asciimoo/searx>" \
description="A privacy-respecting, hackable metasearch engine." \
version="${SEARX_GIT_VERSION}" \
org.label-schema.schema-version="1.0" \
org.label-schema.name="searx" \
org.label-schema.version="${SEARX_GIT_VERSION}" \
org.label-schema.url="${LABEL_VCS_URL}" \
org.label-schema.vcs-ref=${LABEL_VCS_REF} \
org.label-schema.vcs-url=${LABEL_VCS_URL} \
org.label-schema.build-date="${LABEL_DATE}" \
org.label-schema.usage="https://github.com/searx/searx-docker"
ENV PYTHONPATH="/usr/local/lib/python3.8/site-packages"
CMD ["gunicorn", "-w", "1", "-b", "0.0.0.0:80", "searx.webapp:app"]
version: '3.6'
services:
spot:
image: ${SPOT_DOCKER_IMG}:${SPOT_DOCKER_TAG}
nginx:
image: ${SPOT_NGINX_DOCKER_IMG}:${SPOT_NGINX_DOCKER_TAG}
version: '3.6'
x-logging:
&default-logging
options:
max-size: '1g'
max-file: '5'
driver: json-file
services:
spot:
build: .
logging: *default-logging
restart: unless-stopped
environment:
SEARX_SECRET: ":@)%NN0+OqNdy:{prWQlZ{p9|oO9p-UyJq@%V!~G:arrSx6fXz.{jd%=XF44ncj"
GUNICORN_LOGGER: 1
GUNICORN_LEVEL: INFO
nginx:
build:
context: .
dockerfile: nginx.Dockerfile
logging: *default-logging
restart: unless-stopped
labels:
- "traefik.enable=true"
- "traefik.http.routers.spot.rule=Host(`${SPOT_HOSTNAME}`)"
- "traefik.http.routers.spot.entrypoints=websecure"
- "traefik.http.routers.spot.tls.certresolver=spotchallenge"
- "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.http-catchall.entrypoints=web"
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https@docker"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
- "traefik.http.middlewares.spot-ratelimit.ratelimit.average=50"
- "traefik.http.middlewares.spot-ratelimit.ratelimit.burst=20"
traefik:
image: "traefik:v2.1.2"
logging: *default-logging
restart: unless-stopped
command:
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.spotchallenge.acme.tlschallenge=true"
- "--certificatesresolvers.spotchallenge.acme.email=contact@e.email"
- "--certificatesresolvers.spotchallenge.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
volumes:
- "letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
volumes:
letsencrypt:
FROM python:3.8-alpine
COPY requirements.txt requirements-dev.txt /
RUN apk add build-base git libxml2-dev libxslt-dev libffi-dev openssl-dev npm \
&& pip install -r /requirements.txt \
&& pip install -r /requirements-dev.txt \
&& rm -f /requirements.txt /requirements-dev.txt
server {
listen 80;
server_name _;
add_header Content-Security-Policy "frame-ancestors 'self'";
add_header Referrer-Policy "no-referrer, strict-origin-when-cross-origin";
add_header Strict-Transport-Security "max-age=31536000";
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
root /var/www/spot;
location / {
try_files $uri @searx;
}
location @searx {
proxy_pass http://spot:80;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
}
}
FROM nginx:1.17.6-alpine
COPY etc/nginx/conf.d/spot.conf /etc/nginx/conf.d/default.conf
COPY --chown=nginx:nginx searx/static /var/www/spot/static
......@@ -78,7 +78,14 @@ if searx_debug:
else:
logging.basicConfig(level=logging.WARNING)
logger = logging.getLogger('searx')
logger = logging.getLogger("searx")
if "GUNICORN_LOGGER" in environ:
logger = logging.getLogger()
gunicorn_logger = logging.getLogger("gunicorn.error")
logger.handlers = gunicorn_logger.handlers
logger.setLevel(environ.get("GUNICORN_LEVEL", "INFO"))
logger.debug('read configuration from %s', settings_path)
# Workaround for openssl versions <1.0.2
# https://github.com/certifi/python-certifi/issues/26
......
general:
debug : False # Debug mode, only for development
instance_name : "searx" # displayed name
instance_name : "/e/ spot" # displayed name
search:
safe_search : 0 # Filter results. 0: None, 1: Moderate, 2: Strict
autocomplete : "" # Existing autocomplete backends: "dbpedia", "duckduckgo", "google", "startpage", "wikipedia" - leave blank to turn it off by default
autocomplete : "duckduckgo" # Existing autocomplete backends: "dbpedia", "duckduckgo", "google", "startpage", "wikipedia" - leave blank to turn it off by default
ban_time_on_fail : 5 # ban time in seconds after engine errors
max_ban_time_on_fail : 120 # max ban time in seconds after engine errors
server:
port : 8888
bind_address : "127.0.0.1" # address to listen on
port : 80
bind_address : "0.0.0.0" # address to listen on
secret_key : "ultrasecretkey" # change this!
base_url : False # Set custom base_url. Possible values: False or "https://your.custom.host/location/"
image_proxy : False # Proxying image results through searx
......@@ -19,7 +19,7 @@ server:
ui:
static_path : "" # Custom static path - leave it blank if you didn't change
templates_path : "" # Custom templates path - leave it blank if you didn't change
default_theme : oscar # ui theme
default_theme : eelo # ui theme
default_locale : "" # Default interface locale - leave blank to detect from browser information or use codes from the 'locales' config section
theme_args :
oscar_style : logicodev # default style of oscar
......@@ -95,6 +95,7 @@ engines:
- name : bing images
engine : bing_images
shortcut : bii
disabled: True
- name : bing news
engine : bing_news
......@@ -103,6 +104,7 @@ engines:
- name : bing videos
engine : bing_videos
shortcut : biv
disabled: True
- name : bitbucket
engine : xpath
......@@ -119,6 +121,7 @@ engines:
- name : btdigg
engine : btdigg
shortcut : bt
disabled : True
- name : ccc-tv
engine : xpath
......@@ -301,6 +304,7 @@ engines:
- name : google videos
engine : google_videos
shortcut : gov
disabled : True
- name : google scholar
engine : xpath
......@@ -399,6 +403,7 @@ engines:
base_url : 'https://invidio.us/'
shortcut: iv
timeout : 5.0
disabled : True
- name: kickass
engine : kickass
......@@ -488,6 +493,7 @@ engines:
- name : openstreetmap
engine : openstreetmap
shortcut : osm
disabled : True
- name : openrepos
engine : xpath
......@@ -511,12 +517,14 @@ engines:
- name : photon
engine : photon
shortcut : ph
disabled : True
- name : piratebay
engine : piratebay
shortcut : tpb
url: https://pirateproxy.red/
timeout : 3.0
disabled: True
- name : pubmed
engine : pubmed
......@@ -623,6 +631,7 @@ engines:
shortcut : tor
url: https://torrentz2.eu/
timeout : 3.0
disabled: True
- name : twitter
engine : twitter
......@@ -756,6 +765,7 @@ engines:
shortcut : speu
engine : seedpeer
categories: files, music, videos
disabled: True
# - name : yacy
# engine : yacy
......
......@@ -16,11 +16,15 @@ along with searx. If not, see < http://www.gnu.org/licenses/ >.
(C) 2013- by Adam Tauber, <asciimoo@gmail.com>
'''
# version of searx
VERSION_MAJOR = 0
VERSION_MINOR = 15
VERSION_BUILD = 0
from pkg_resources import get_distribution, DistributionNotFound
VERSION_STRING = "{0}.{1}.{2}".format(VERSION_MAJOR,
VERSION_MINOR,
VERSION_BUILD)
try:
VERSION_STRING = get_distribution("searx").version
except DistributionNotFound:
VERSION_STRING = "0.0.0"
try:
SEARX_VERSION, METADATA_VERSION = VERSION_STRING.split("+")
except ValueError:
SEARX_VERSION = VERSION_STRING
METADATA_VERSION = ""
......@@ -4,27 +4,15 @@
from setuptools import setup
from setuptools import find_packages
import os
import sys
# required to load VERSION_STRING constant
sys.path.insert(0, './searx')
from version import VERSION_STRING
with open('README.rst') as f:
long_description = f.read()
with open('requirements.txt') as f:
requirements = [ l.strip() for l in f.readlines()]
with open('requirements-dev.txt') as f:
dev_requirements = [ l.strip() for l in f.readlines()]
requirements = open('requirements.txt').read().splitlines()
dev_requirements = open('requirements-dev.txt').read().splitlines()
setup(
name='searx',
version=VERSION_STRING,
use_scm_version={"tag_regex": r"^(?:[\w-]+-)?(?P<version>[vV]?\d+(?:\.\d+){0,2}.*)$"},
description="A privacy-respecting, hackable metasearch engine",
long_description=long_description,
long_description=open('README.rst').read(),
classifiers=[
"Development Status :: 4 - Beta",
"Programming Language :: Python",
......@@ -41,6 +29,7 @@ setup(
packages=find_packages(exclude=["tests*"]),
zip_safe=False,
install_requires=requirements,
setup_requires=["setuptools_scm"],
extras_require={
'test': dev_requirements
},
......@@ -52,9 +41,6 @@ setup(
package_data={
'searx': [
'settings.yml',
'../README.rst',
'../requirements.txt',
'../requirements-dev.txt',
'data/*',
'plugins/*/*',
'static/*.*',
......@@ -64,11 +50,7 @@ setup(
'static/*/*/*/*/*.*',
'templates/*/*.*',
'templates/*/*/*.*',
'tests/*',
'tests/*/*',
'tests/*/*/*',
'translations/*/*/*'
],
},
)
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment