diff --git a/.env b/.env index d61ff1153a85aa76ca41540940cff4737d4463b2..125455dd48ca589b2f11151f31fa2990ae20bf44 100644 --- a/.env +++ b/.env @@ -1,15 +1,11 @@ SPOT_HOSTNAME=spot.ecloud.global -SPOT_MORTY_HOSTNAME=proxy.spot.ecloud.global SPOT_DOCKER_TAG=latest -SPOT_NGINX_DOCKER_TAG=latest SEARX_MORTY_URL=https://localhost:8089 SEARX_SECRET=":@)%NN0+OqNdy:{prWQlZ{p9|oO9p-UyJq@%V!~G:arrSx6fXz.{jd%=XF44ncj" -SEARX_MORTY_KEY="taKB1WGTa63LEI6RdjWWKshS4oYSHQWGu9Eyjr1OlpQ=" SEARX_REDIS_HOST=redis SEARX_UI_DEFAULT_THEME=etheme SEARX_PROXY_HTTP=socks5h://tor-socks-proxy:9150 SEARX_PROXY_HTTPS=socks5h://tor-socks-proxy:9150 FILTRON_PORT=8088 -MORTY_PORT=8089 NODE_NAME=local CI_REGISTRY_IMAGE=registry.gitlab.e.foundation/e/infra/spot \ No newline at end of file diff --git a/.env.prod b/.env.prod index 969758dc8b3d4f5af784e8eab158bcf7d1ad9d4b..e78fc9739abdb934bf6ed2914c6a70ced2816292 100644 --- a/.env.prod +++ b/.env.prod @@ -1,17 +1,12 @@ SPOT_HOSTNAME=spot.ecloud.global -SPOT_MORTY_HOSTNAME=proxy.spot.ecloud.global SPOT_DOCKER_TAG=latest -SPOT_NGINX_DOCKER_TAG=latest -SEARX_MORTY_URL=https://localhost:8089 SEARX_SECRET="SECRET2BEREPLACED" -SEARX_MORTY_KEY="KEY2BEREPLACED" SEARX_REDIS_HOST=redis SEARX_UI_DEFAULT_THEME=etheme SEARX_PROXY_HTTP=http://proxy01.ecloud.global:1099 SEARX_PROXY_HTTPS=http://proxy01.ecloud.global:1099 WIREGUARD_IP=127.0.0.1 FILTRON_PORT=8088 -MORTY_PORT=8089 INTERNAL_NETWORK_NAME=default NODE_NAME=spot11 CI_REGISTRY_IMAGE=image diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 2852d4abd613c79dd8775bb5d9ef67f0cc6ac307..aa6c0b2e4b1343a0bb45cc14a7aaabddde15045d 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -36,8 +36,6 @@ build:web: - docker tag $CI_REGISTRY_IMAGE/env base-env-image - docker build -t $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG . - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG - - docker build -t $CI_REGISTRY_IMAGE/nginx:$CI_COMMIT_REF_SLUG -f nginx.Dockerfile . - - docker push $CI_REGISTRY_IMAGE/nginx:$CI_COMMIT_REF_SLUG build:docker: extends: .build:docker @@ -49,8 +47,6 @@ build:docker:tags: - docker tag $CI_REGISTRY_IMAGE/env base-env-image - docker build -t $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG . - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG - - docker build -t $CI_REGISTRY_IMAGE/nginx:$CI_COMMIT_REF_SLUG -f nginx.Dockerfile . - - docker push $CI_REGISTRY_IMAGE/nginx:$CI_COMMIT_REF_SLUG only: - tags @@ -85,33 +81,24 @@ deploy:spot.eeo.one.backend1: variables: DOCKER_HOST: ssh://${SSH_USER}@${BACKEND1_HOST} SPOT_HOSTNAME: spot.eeo.one - SPOT_MORTY_HOSTNAME: proxy.spot.eeo.one - SEARX_MORTY_URL: https://proxy.spot.eeo.one SEARX_PROXY_HTTP: http://proxy01.ecloud.global:1099 SEARX_PROXY_HTTPS: http://proxy01.ecloud.global:1099 COMPOSE_PROJECT_NAME: staging-spot SPOT_DOCKER_TAG: ${CI_COMMIT_REF_SLUG} - SPOT_NGINX_DOCKER_TAG: ${CI_COMMIT_REF_SLUG} WIREGUARD_IP: ${BACKEND1_WG_IP} NODE_NAME: ${NODE_NAME} INTERNAL_NETWORK_NAME: staging-spot-default FILTRON_PORT: 8088 - MORTY_PORT: 8089 script: - echo "Deploying to $CI_ENVIRONMENT_NAME ($SSH_USER@$BACKEND1_HOST - $BACKEND1_WG_IP - $WIREGUARD_IP)" - ssh $SSH_USER@$BACKEND1_HOST "cd /mnt/repo-base/staging-spot && git reset --hard && git clean -xfdf && git pull && rm .env && mv .env.prod .env && rm docker-compose.yml && mv docker-compose.prod.yml docker-compose.yml" - ssh $SSH_USER@$BACKEND1_HOST "cd /mnt/repo-base/staging-spot && sed -i 's/SPOT_HOSTNAME=spot.ecloud.global/SPOT_HOSTNAME=$SPOT_HOSTNAME/g' .env - && sed -i 's/SPOT_MORTY_HOSTNAME=proxy.spot.ecloud.global/SPOT_MORTY_HOSTNAME=$SPOT_MORTY_HOSTNAME/g' .env && sed -i 's/SPOT_DOCKER_TAG=latest/SPOT_DOCKER_TAG=$SPOT_DOCKER_TAG/g' .env - && sed -i 's/SPOT_NGINX_DOCKER_TAG=latest/SPOT_NGINX_DOCKER_TAG=$SPOT_NGINX_DOCKER_TAG/g' .env - && sed -i 's/localhost:8089/$SPOT_MORTY_HOSTNAME/g' .env && sed -i 's/SECRET2BEREPLACED/$SEARX_SECRET/g' .env - && sed -i 's/KEY2BEREPLACED/$SEARX_MORTY_KEY/g' .env && sed -i 's/proxy01.ecloud.global/proxy01.ecloud.global/g' .env && sed -i 's/WIREGUARD_IP=127.0.0.1/WIREGUARD_IP=$WIREGUARD_IP/g' .env && sed -i 's/FILTRON_PORT=8088/FILTRON_PORT=$FILTRON_PORT/g' .env - && sed -i 's/MORTY_PORT=8089/MORTY_PORT=$MORTY_PORT/g' .env && sed -i 's/INTERNAL_NETWORK_NAME=default/INTERNAL_NETWORK_NAME=$INTERNAL_NETWORK_NAME/g' .env && sed -i 's/NODE_NAME=spot11/NODE_NAME=$NODE_NAME/g' .env && sed -i 's|CI_REGISTRY_IMAGE=image|CI_REGISTRY_IMAGE=$CI_REGISTRY_IMAGE|g' .env @@ -128,33 +115,24 @@ deploy:spot.eeo.one.backend2: variables: DOCKER_HOST: ssh://${SSH_USER}@${BACKEND2_HOST} SPOT_HOSTNAME: spot.eeo.one - SPOT_MORTY_HOSTNAME: proxy.spot.eeo.one - SEARX_MORTY_URL: https://proxy.spot.eeo.one SEARX_PROXY_HTTP: http://proxy02.ecloud.global:1099 SEARX_PROXY_HTTPS: http://proxy02.ecloud.global:1099 COMPOSE_PROJECT_NAME: staging-spot SPOT_DOCKER_TAG: ${CI_COMMIT_REF_SLUG} - SPOT_NGINX_DOCKER_TAG: ${CI_COMMIT_REF_SLUG} WIREGUARD_IP: ${BACKEND2_WG_IP} INTERNAL_NETWORK_NAME: staging-spot-default NODE_NAME: ${NODE_NAME} FILTRON_PORT: 8088 - MORTY_PORT: 8089 script: - echo "Deploying to $CI_ENVIRONMENT_NAME ($SSH_USER@$BACKEND2_HOST - $BACKEND2_WG_IP - $WIREGUARD_IP)" - ssh $SSH_USER@$BACKEND2_HOST "cd /mnt/repo-base/staging-spot && git reset --hard && git clean -xfdf && git pull && rm .env && mv .env.prod .env && rm docker-compose.yml && mv docker-compose.prod.yml docker-compose.yml" - ssh $SSH_USER@$BACKEND2_HOST "cd /mnt/repo-base/staging-spot && sed -i 's/SPOT_HOSTNAME=spot.ecloud.global/SPOT_HOSTNAME=$SPOT_HOSTNAME/g' .env - && sed -i 's/SPOT_MORTY_HOSTNAME=proxy.spot.ecloud.global/SPOT_MORTY_HOSTNAME=$SPOT_MORTY_HOSTNAME/g' .env && sed -i 's/SPOT_DOCKER_TAG=latest/SPOT_DOCKER_TAG=$SPOT_DOCKER_TAG/g' .env - && sed -i 's/SPOT_NGINX_DOCKER_TAG=latest/SPOT_NGINX_DOCKER_TAG=$SPOT_NGINX_DOCKER_TAG/g' .env - && sed -i 's/localhost:8089/$SPOT_MORTY_HOSTNAME/g' .env && sed -i 's/SECRET2BEREPLACED/$SEARX_SECRET/g' .env - && sed -i 's/KEY2BEREPLACED/$SEARX_MORTY_KEY/g' .env && sed -i 's/proxy01.ecloud.global/proxy02.ecloud.global/g' .env && sed -i 's/WIREGUARD_IP=127.0.0.1/WIREGUARD_IP=$WIREGUARD_IP/g' .env && sed -i 's/FILTRON_PORT=8088/FILTRON_PORT=$FILTRON_PORT/g' .env - && sed -i 's/MORTY_PORT=8089/MORTY_PORT=$MORTY_PORT/g' .env && sed -i 's/INTERNAL_NETWORK_NAME=default/INTERNAL_NETWORK_NAME=$INTERNAL_NETWORK_NAME/g' .env && sed -i 's/NODE_NAME=spot11/NODE_NAME=$NODE_NAME/g' .env && sed -i 's|CI_REGISTRY_IMAGE=image|CI_REGISTRY_IMAGE=$CI_REGISTRY_IMAGE|g' .env @@ -170,33 +148,24 @@ deploy:spot.ecloud.global.backend1: variables: DOCKER_HOST: ssh://${SSH_USER}@${BACKEND1_HOST} SPOT_HOSTNAME: spot.ecloud.global - SPOT_MORTY_HOSTNAME: proxy.spot.ecloud.global - SEARX_MORTY_URL: https://proxy.spot.ecloud.global SEARX_PROXY_HTTP: http://proxy01.ecloud.global:1099 SEARX_PROXY_HTTPS: http://proxy01.ecloud.global:1099 COMPOSE_PROJECT_NAME: production-spot SPOT_DOCKER_TAG: ${CI_COMMIT_REF_SLUG} - SPOT_NGINX_DOCKER_TAG: ${CI_COMMIT_REF_SLUG} WIREGUARD_IP: ${BACKEND1_WG_IP} INTERNAL_NETWORK_NAME: spot-default NODE_NAME: ${NODE_NAME} FILTRON_PORT: 8098 - MORTY_PORT: 8099 script: - echo "Deploying to $CI_ENVIRONMENT_NAME ($SSH_USER@$BACKEND1_HOST - $BACKEND1_WG_IP - $WIREGUARD_IP)" - ssh $SSH_USER@$BACKEND1_HOST "cd /mnt/repo-base/production-spot && git reset --hard && git clean -xfdf && git pull && rm .env && mv .env.prod .env && rm docker-compose.yml && mv docker-compose.prod.yml docker-compose.yml" - ssh $SSH_USER@$BACKEND1_HOST "cd /mnt/repo-base/production-spot && sed -i 's/SPOT_HOSTNAME=spot.ecloud.global/SPOT_HOSTNAME=$SPOT_HOSTNAME/g' .env - && sed -i 's/SPOT_MORTY_HOSTNAME=proxy.spot.ecloud.global/SPOT_MORTY_HOSTNAME=$SPOT_MORTY_HOSTNAME/g' .env && sed -i 's/SPOT_DOCKER_TAG=latest/SPOT_DOCKER_TAG=$SPOT_DOCKER_TAG/g' .env - && sed -i 's/SPOT_NGINX_DOCKER_TAG=latest/SPOT_NGINX_DOCKER_TAG=$SPOT_NGINX_DOCKER_TAG/g' .env - && sed -i 's/localhost:8089/$SPOT_MORTY_HOSTNAME/g' .env && sed -i 's/SECRET2BEREPLACED/$SEARX_SECRET/g' .env - && sed -i 's/KEY2BEREPLACED/$SEARX_MORTY_KEY/g' .env && sed -i 's/proxy01.ecloud.global/proxy01.ecloud.global/g' .env && sed -i 's/WIREGUARD_IP=127.0.0.1/WIREGUARD_IP=$WIREGUARD_IP/g' .env && sed -i 's/FILTRON_PORT=8088/FILTRON_PORT=$FILTRON_PORT/g' .env - && sed -i 's/MORTY_PORT=8089/MORTY_PORT=$MORTY_PORT/g' .env && sed -i 's/INTERNAL_NETWORK_NAME=default/INTERNAL_NETWORK_NAME=$INTERNAL_NETWORK_NAME/g' .env && sed -i 's/NODE_NAME=spot11/NODE_NAME=$NODE_NAME/g' .env && sed -i 's|CI_REGISTRY_IMAGE=image|CI_REGISTRY_IMAGE=$CI_REGISTRY_IMAGE|g' .env @@ -212,33 +181,24 @@ deploy:spot.ecloud.global.backend2: variables: DOCKER_HOST: ssh://${SSH_USER}@${BACKEND2_HOST} SPOT_HOSTNAME: spot.ecloud.global - SPOT_MORTY_HOSTNAME: proxy.spot.ecloud.global - SEARX_MORTY_URL: https://proxy.spot.ecloud.global SEARX_PROXY_HTTP: http://proxy02.ecloud.global:1099 SEARX_PROXY_HTTPS: http://proxy02.ecloud.global:1099 COMPOSE_PROJECT_NAME: production-spot SPOT_DOCKER_TAG: ${CI_COMMIT_REF_SLUG} - SPOT_NGINX_DOCKER_TAG: ${CI_COMMIT_REF_SLUG} WIREGUARD_IP: ${BACKEND2_WG_IP} INTERNAL_NETWORK_NAME: spot-default NODE_NAME: ${NODE_NAME} FILTRON_PORT: 8098 - MORTY_PORT: 8099 script: - echo "Deploying to $CI_ENVIRONMENT_NAME ($SSH_USER@$BACKEND2_HOST - $BACKEND2_WG_IP - $WIREGUARD_IP)" - ssh $SSH_USER@$BACKEND2_HOST "cd /mnt/repo-base/production-spot && git reset --hard && git clean -xfdf && git pull && rm .env && mv .env.prod .env && rm docker-compose.yml && mv docker-compose.prod.yml docker-compose.yml" - ssh $SSH_USER@$BACKEND2_HOST "cd /mnt/repo-base/production-spot && sed -i 's/SPOT_HOSTNAME=spot.ecloud.global/SPOT_HOSTNAME=$SPOT_HOSTNAME/g' .env - && sed -i 's/SPOT_MORTY_HOSTNAME=proxy.spot.ecloud.global/SPOT_MORTY_HOSTNAME=$SPOT_MORTY_HOSTNAME/g' .env && sed -i 's/SPOT_DOCKER_TAG=latest/SPOT_DOCKER_TAG=$SPOT_DOCKER_TAG/g' .env - && sed -i 's/SPOT_NGINX_DOCKER_TAG=latest/SPOT_NGINX_DOCKER_TAG=$SPOT_NGINX_DOCKER_TAG/g' .env - && sed -i 's/localhost:8089/$SPOT_MORTY_HOSTNAME/g' .env && sed -i 's/SECRET2BEREPLACED/$SEARX_SECRET/g' .env - && sed -i 's/KEY2BEREPLACED/$SEARX_MORTY_KEY/g' .env && sed -i 's/proxy01.ecloud.global/proxy02.ecloud.global/g' .env && sed -i 's/WIREGUARD_IP=127.0.0.1/WIREGUARD_IP=$WIREGUARD_IP/g' .env && sed -i 's/FILTRON_PORT=8088/FILTRON_PORT=$FILTRON_PORT/g' .env - && sed -i 's/MORTY_PORT=8089/MORTY_PORT=$MORTY_PORT/g' .env && sed -i 's/INTERNAL_NETWORK_NAME=default/INTERNAL_NETWORK_NAME=$INTERNAL_NETWORK_NAME/g' .env && sed -i 's/NODE_NAME=spot11/NODE_NAME=$NODE_NAME/g' .env && sed -i 's|CI_REGISTRY_IMAGE=image|CI_REGISTRY_IMAGE=$CI_REGISTRY_IMAGE|g' .env diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml index e4d82b3a4908c301b6eee347dcc7569e917b1959..768f3721cf2885651209431ad34f10d3e94e0b40 100644 --- a/docker-compose.prod.yml +++ b/docker-compose.prod.yml @@ -28,8 +28,6 @@ services: - ${INTERNAL_NETWORK_NAME} environment: SEARX_SECRET: "${SEARX_SECRET}" - SEARX_MORTY_URL: "${SEARX_MORTY_URL}" - SEARX_MORTY_KEY: "${SEARX_MORTY_KEY}" SEARX_PROXY_HTTP: "${SEARX_PROXY_HTTP}" SEARX_PROXY_HTTPS: "${SEARX_PROXY_HTTPS}" SEARX_REDIS_HOST: "${SEARX_REDIS_HOST}" @@ -39,17 +37,17 @@ services: NODE_NAME: "${NODE_NAME}" spot-nginx: - image: ${CI_REGISTRY_IMAGE}/nginx:${SPOT_NGINX_DOCKER_TAG} - # container_name: spot-nginx - build: - context: . - dockerfile: nginx.Dockerfile + image: nginx:1.21 + # container_name: spot-nginx logging: *default-logging restart: always networks: - ${INTERNAL_NETWORK_NAME} - environment: - SEARX_MORTY_URL: "${SEARX_MORTY_URL}" + volumes: + - ./etc/nginx/conf.d/spot.conf:/etc/nginx/conf.d/default.conf + - ./etc/nginx/nginx.conf:/etc/nginx/nginx.conf + - ./etc/nginx/proxy_spot_params:/etc/nginx/proxy_spot_params + - ./searx/static:/var/www/spot/static filtron: image: dalf/filtron:latest @@ -64,20 +62,6 @@ services: volumes: - ./etc/filtron/rules.json:/etc/filtron/rules.json - morty: - image: dalf/morty:latest - logging: *default-logging - restart: always - networks: - - ${INTERNAL_NETWORK_NAME} - - spot-wireguarded - ports: - - ${WIREGUARD_IP}:${MORTY_PORT}:3000 - environment: - DEBUG: "false" - MORTY_ADDRESS: ":3000" - MORTY_KEY: "${SEARX_MORTY_KEY}" - networks: staging-spot-default: diff --git a/docker-compose.yml b/docker-compose.yml index e11fe17936386ce3fb24db237e72012c32a6b71f..e65492a6e4a3f8482a0a8ed47ab6f079cf3a24c6 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -23,8 +23,6 @@ services: restart: unless-stopped environment: SEARX_SECRET: "${SEARX_SECRET}" - SEARX_MORTY_URL: "${SEARX_MORTY_URL}" - SEARX_MORTY_KEY: "${SEARX_MORTY_KEY}" SEARX_PROXY_HTTP: "${SEARX_PROXY_HTTP}" SEARX_PROXY_HTTPS: "${SEARX_PROXY_HTTPS}" SEARX_REDIS_HOST: "${SEARX_REDIS_HOST}" @@ -33,40 +31,16 @@ services: GUNICORN_LEVEL: INFO NODE_NAME: ${NODE_NAME} - spot-nginx: - image: ${CI_REGISTRY_IMAGE}/nginx:${SPOT_NGINX_DOCKER_TAG} - build: - context: . - dockerfile: nginx.Dockerfile - logging: *default-logging - restart: unless-stopped - environment: - SEARX_MORTY_URL: "${SEARX_MORTY_URL}" - filtron: image: dalf/filtron:latest logging: *default-logging restart: unless-stopped - command: -listen :3000 -rules /etc/filtron/rules.json -target spot-nginx + command: -listen :3000 -rules /etc/filtron/rules.json -target spot ports: - ${FILTRON_PORT}:3000 volumes: - ./etc/filtron/rules.json:/etc/filtron/rules.json - morty: - image: dalf/morty:latest - logging: *default-logging - restart: unless-stopped - ports: - - ${MORTY_PORT}:3000 - environment: - DEBUG: "false" - MORTY_ADDRESS: ":3000" - MORTY_KEY: "${SEARX_MORTY_KEY}" - tor-socks-proxy: - image: peterdavehello/tor-socks-proxy:latest - logging: *default-logging - restart: unless-stopped diff --git a/etc/filtron/rules.json b/etc/filtron/rules.json index a0313b2c87466d6470e6d02be8d3799026813433..73f53b3b421a9b4fd7fd831bc228caa01b870cae 100644 --- a/etc/filtron/rules.json +++ b/etc/filtron/rules.json @@ -6,7 +6,8 @@ "actions": [{ "name": "log"}] }, { - "name": "IP limit, all paths", + "name": "IP limit, all paths except image proxy", + "filters": ["Param:url", "Path=^(!image_proxy)$"], "interval": 3, "limit": 25, "aggregations": ["Header:X-Forwarded-For"], @@ -16,7 +17,8 @@ ] }, { - "name": "useragent limit, all paths", + "name": "useragent limit, all paths except image_proxy", + "filters": ["Param:url", "Path=^(!image_proxy)$"], "interval": 30, "limit": 200, "aggregations": ["Header:X-Forwarded-For", "Header:User-Agent"], diff --git a/etc/nginx/conf.d/spot.conf b/etc/nginx/conf.d/spot.conf index a95b5aa6b48c0468f61e44c6fcc6f855707a5d9c..424966b8983c827f63b3b98d8d6d702701bf4931 100644 --- a/etc/nginx/conf.d/spot.conf +++ b/etc/nginx/conf.d/spot.conf @@ -15,7 +15,7 @@ server { server_name _; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; - add_header Content-Security-Policy "default-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; form-action 'self'; font-src 'self'; frame-ancestors 'self'; base-uri 'self'; connect-src 'self' https://overpass-api.de; img-src 'self' __SEARX_MORTY_URL__ data: https://*.tile.openstreetmap.org; frame-src https://www.youtube-nocookie.com https://player.vimeo.com https://www.dailymotion.com https://www.deezer.com https://www.mixcloud.com https://w.soundcloud.com https://embed.spotify.com"; + add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; form-action 'self'; font-src 'self'; frame-ancestors 'self'; base-uri 'self'; connect-src 'self' https://overpass-api.de; img-src 'self' data:; frame-src https://www.youtube-nocookie.com https://player.vimeo.com https://www.dailymotion.com https://www.deezer.com https://www.mixcloud.com https://w.soundcloud.com https://embed.spotify.com"; add_header X-Frame-Options "SAMEORIGIN"; root /var/www/spot; diff --git a/etc/nginx/nginx.conf b/etc/nginx/nginx.conf new file mode 100644 index 0000000000000000000000000000000000000000..235b9309d7a253b00a30421c44be554c95ddc7b2 --- /dev/null +++ b/etc/nginx/nginx.conf @@ -0,0 +1,32 @@ + +user nginx; +worker_processes auto; + +error_log /var/log/nginx/error.log warn; +pid /var/run/nginx.pid; + + +events { + worker_connections 1024; +} + + +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$remote_addr"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + #tcp_nopush on; + + keepalive_timeout 65; + + #gzip on; + + include /etc/nginx/conf.d/*.conf; +} diff --git a/nginx-docker-entrypoint.sh b/nginx-docker-entrypoint.sh deleted file mode 100755 index 2025241031a63d2bcff036d8e67fd5a424c83b8f..0000000000000000000000000000000000000000 --- a/nginx-docker-entrypoint.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh -set -e - -if [ -n "$SEARX_MORTY_URL" ]; then - sed -i 's!__SEARX_MORTY_URL__!'$SEARX_MORTY_URL'!g' /etc/nginx/conf.d/default.conf -fi - -exec "$@" diff --git a/nginx.Dockerfile b/nginx.Dockerfile deleted file mode 100644 index 9492e112cd72bb4f3b97ee74b63a3c33432cc9e7..0000000000000000000000000000000000000000 --- a/nginx.Dockerfile +++ /dev/null @@ -1,10 +0,0 @@ -FROM nginx:1.17.6-alpine - -COPY etc/nginx/conf.d/spot.conf /etc/nginx/conf.d/default.conf -COPY etc/nginx/proxy_spot_params /etc/nginx/proxy_spot_params -RUN sed -i 's!http_x_forwarded_for!remote_addr!g' /etc/nginx/nginx.conf -COPY --chown=nginx:nginx searx/static /var/www/spot/static -COPY nginx-docker-entrypoint.sh /docker-entrypoint.sh - -ENTRYPOINT ["/docker-entrypoint.sh"] -CMD ["nginx", "-g", "daemon off;"] diff --git a/searx/templates/etheme/result_templates/images.html b/searx/templates/etheme/result_templates/images.html index 56c0b277287a819458de8b8590dd0d7486bf104e..07a919f8bda3d7c4c70bfed008bf27fcc8e112ae 100644 --- a/searx/templates/etheme/result_templates/images.html +++ b/searx/templates/etheme/result_templates/images.html @@ -1,4 +1,4 @@ - {{ result.title|striptags }} + {{ result.title|striptags }} diff --git a/searx/templates/etheme/result_templates/videos.html b/searx/templates/etheme/result_templates/videos.html index a7b831d61a1205a8af1cc801f346ec7f7d4df8a1..d89032a5391482b16dfeba94d415fc45784fa625 100644 --- a/searx/templates/etheme/result_templates/videos.html +++ b/searx/templates/etheme/result_templates/videos.html @@ -2,7 +2,7 @@
- {{ result.title|striptags }} {{ result.engine }} + {{ result.title|striptags }} {{ result.engine }}
{{ result_header(result, favicons, False) }} diff --git a/searx/webapp.py b/searx/webapp.py index 4ad9072474de4f126593b23ae4817858f6b8d2ae..6716756de40932dada5021bb1b25b5219ef8bfcb 100755 --- a/searx/webapp.py +++ b/searx/webapp.py @@ -662,6 +662,15 @@ def search(): if 'url' in result: result['pretty_url'] = prettify_url(result['url']) + if 'thumbnail' in result: + result['thumbnail'] = image_proxify(result['thumbnail']) + + if 'thumbnail_src' in result: + result['thumbnail_src'] = image_proxify(result['thumbnail_src']) + + if 'img_src' in result: + result['img_src'] = image_proxify(result['img_src']) + # TODO, check if timezone is calculated right if result.get('publishedDate'): # do not try to get a date from an empty string or a None type try: # test if publishedDate >= 1900 (datetime module bug)