72cb934126 | ||
---|---|---|
searxng | ||
.env | ||
.gitignore | ||
Caddyfile | ||
LICENSE | ||
README.md | ||
docker-compose.yaml | ||
searxng-docker.service.template |
README.md
searxng-docker
Create a new SearXNG instance in five minutes using Docker
What is included ?
Name | Description | Docker image | Dockerfile |
---|---|---|---|
Caddy | Reverse proxy (create a LetsEncrypt certificate automatically) | docker.io/library/caddy:2-alpine | Dockerfile |
SearXNG | SearXNG by itself | docker.io/searxng/searxng:latest | Dockerfile |
Valkey | In-memory database | docker.io/valkey/valkey:7-alpine | Dockerfile |
How to use it
There are two ways to host SearXNG. The first one doesn't require any prior knowledge about self-hosting and thus is recommended for beginners. It includes caddy as a reverse proxy and automatically deals with the TLS certificates for you. The second one is recommended for more advanced users that already have their own reverse proxy (e.g. Nginx, HAProxy, ...) and probably some other services running on their machine. The first few steps are the same for both installation methods however.
- Install docker
- Get searxng-docker
cd /usr/local
git clone https://github.com/searxng/searxng-docker.git
cd searxng-docker
- Edit the .env file to set the hostname and an email
- Generate the secret key
sed -i "s|ultrasecretkey|$(openssl rand -hex 32)|g" searxng/settings.yml
- Edit searxng/settings.yml according to your needs
[!NOTE] On the first run, you must remove
cap_drop: - ALL
from thedocker-compose.yaml
file for thesearxng
service to successfully create/etc/searxng/uwsgi.ini
. This is necessary because thecap_drop: - ALL
directive removes all capabilities, including those required for the creation of theuwsgi.ini
file. After the first run, you should re-addcap_drop: - ALL
to thedocker-compose.yaml
file for security reasons.
[!NOTE] Windows users can use the following powershell script to generate the secret key:
$randomBytes = New-Object byte[] 32 (New-Object Security.Cryptography.RNGCryptoServiceProvider).GetBytes($randomBytes) $secretKey = -join ($randomBytes | ForEach-Object { "{0:x2}" -f $_ }) (Get-Content searxng/settings.yml) -replace 'ultrasecretkey', $secretKey | Set-Content searxng/settings.yml
Method 1: With Caddy included (recommended for beginners)
- Run SearXNG in the background:
docker compose up -d
Method 2: Bring your own reverse proxy (experienced users)
- Remove the caddy related parts in
docker-compose.yaml
such as the caddy service and its volumes. - Point your reverse proxy to the port set for the
searxng
service indocker-compose.yml
(8080 by default). - Generate and configure the required TLS certificates with the reverse proxy of your choice.
- Run SearXNG in the background:
docker compose up -d
[!NOTE] You can change the port
searxng
listens on inside the docker container (e.g. if you want to operate inhost
network mode) with theBIND_ADDRESS
environment variable (defaults to0.0.0.0:8080
). The environment variable can be set directly insidedocker-compose.yaml
.
Troubleshooting - How to access the logs
To access the logs from all the containers use: docker compose logs -f
.
To access the logs of one specific container:
- Caddy:
docker compose logs -f caddy
- SearXNG:
docker compose logs -f searxng
- Valkey:
docker compose logs -f redis
Start SearXNG with systemd
You can skip this step if you don't use systemd.
cp searxng-docker.service.template searxng-docker.service
- edit the content of
WorkingDirectory
in thesearxng-docker.service
file (only if the installation path is different from /usr/local/searxng-docker) - Install the systemd unit:
systemctl enable $(pwd)/searxng-docker.service systemctl start searxng-docker.service
Note on the image proxy feature
The SearXNG image proxy is activated by default.
The default Content-Security-Policy allow the browser to access to ${SEARXNG_HOSTNAME}
and https://*.tile.openstreetmap.org;
.
If some users want to disable the image proxy, you have to modify ./Caddyfile. Replace the img-src 'self' data: https://*.tile.openstreetmap.org;
by img-src * data:;
.
Multi Architecture Docker images
Supported architecture:
- amd64
- arm64
- arm/v7
How to update ?
To update the SearXNG stack:
git pull
docker compose pull
docker compose up -d
Or the old way (with the old docker-compose version):
git pull
docker-compose pull
docker-compose up -d