forked from Ponysearch/Ponysearch
[mod] document server:public_instance & remove it out of the botdetection
- the option server:public_instance lacks some documentation - the processing of this option belongs in the limiter and not in botdetection module Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
This commit is contained in:
parent
fd814aac86
commit
d13a8f6453
4 changed files with 29 additions and 9 deletions
|
@ -12,6 +12,7 @@
|
||||||
bind_address: "127.0.0.1"
|
bind_address: "127.0.0.1"
|
||||||
secret_key: "ultrasecretkey" # change this!
|
secret_key: "ultrasecretkey" # change this!
|
||||||
limiter: false
|
limiter: false
|
||||||
|
public_instance: false
|
||||||
image_proxy: false
|
image_proxy: false
|
||||||
default_http_headers:
|
default_http_headers:
|
||||||
X-Content-Type-Options : nosniff
|
X-Content-Type-Options : nosniff
|
||||||
|
@ -20,7 +21,6 @@
|
||||||
X-Robots-Tag : noindex, nofollow
|
X-Robots-Tag : noindex, nofollow
|
||||||
Referrer-Policy : no-referrer
|
Referrer-Policy : no-referrer
|
||||||
|
|
||||||
|
|
||||||
``base_url`` : ``$SEARXNG_URL`` :ref:`buildenv <make buildenv>`
|
``base_url`` : ``$SEARXNG_URL`` :ref:`buildenv <make buildenv>`
|
||||||
The base URL where SearXNG is deployed. Used to create correct inbound links.
|
The base URL where SearXNG is deployed. Used to create correct inbound links.
|
||||||
If you change the value, don't forget to rebuild instance's environment
|
If you change the value, don't forget to rebuild instance's environment
|
||||||
|
@ -40,6 +40,16 @@
|
||||||
Rate limit the number of request on the instance, block some bots. The
|
Rate limit the number of request on the instance, block some bots. The
|
||||||
:ref:`limiter` requires a :ref:`settings redis` database.
|
:ref:`limiter` requires a :ref:`settings redis` database.
|
||||||
|
|
||||||
|
.. _public_instance:
|
||||||
|
|
||||||
|
``public_instance`` :
|
||||||
|
|
||||||
|
Setting that allows to enable features specifically for public instances (not
|
||||||
|
needed for local usage). By set to ``true`` the following features are
|
||||||
|
activated:
|
||||||
|
|
||||||
|
- :py:obj:`searx.botdetection.link_token` in the :ref:`limiter`
|
||||||
|
|
||||||
.. _image_proxy:
|
.. _image_proxy:
|
||||||
|
|
||||||
``image_proxy`` :
|
``image_proxy`` :
|
||||||
|
|
|
@ -108,5 +108,6 @@ else:
|
||||||
if settings['server']['public_instance']:
|
if settings['server']['public_instance']:
|
||||||
logger.warning(
|
logger.warning(
|
||||||
"Be aware you have activated features intended only for public instances. "
|
"Be aware you have activated features intended only for public instances. "
|
||||||
+ "This force the usage of the bot limiter and link_token plugins."
|
"This force the usage of the limiter and link_token / "
|
||||||
|
"see https://docs.searxng.org/admin/searx.limiter.html"
|
||||||
)
|
)
|
||||||
|
|
|
@ -45,7 +45,6 @@ from ipaddress import (
|
||||||
|
|
||||||
import flask
|
import flask
|
||||||
import werkzeug
|
import werkzeug
|
||||||
from searx import settings
|
|
||||||
|
|
||||||
from searx import redisdb
|
from searx import redisdb
|
||||||
from searx.redislib import incr_sliding_window, drop_counter
|
from searx.redislib import incr_sliding_window, drop_counter
|
||||||
|
@ -109,7 +108,7 @@ def filter_request(
|
||||||
if c > API_MAX:
|
if c > API_MAX:
|
||||||
return too_many_requests(network, "too many request in API_WINDOW")
|
return too_many_requests(network, "too many request in API_WINDOW")
|
||||||
|
|
||||||
if settings['server']['public_instance'] or cfg['botdetection.ip_limit.link_token']:
|
if cfg['botdetection.ip_limit.link_token']:
|
||||||
|
|
||||||
suspicious = link_token.is_suspicious(network, request, True)
|
suspicious = link_token.is_suspicious(network, request, True)
|
||||||
|
|
||||||
|
|
|
@ -211,23 +211,33 @@ def pre_request():
|
||||||
|
|
||||||
|
|
||||||
def is_installed():
|
def is_installed():
|
||||||
|
"""Returns ``True`` if limiter is active and a redis DB is available."""
|
||||||
return _INSTALLED
|
return _INSTALLED
|
||||||
|
|
||||||
|
|
||||||
def initialize(app: flask.Flask, settings):
|
def initialize(app: flask.Flask, settings):
|
||||||
"""Instal the botlimiter aka limiter"""
|
"""Install the limiter"""
|
||||||
global _INSTALLED # pylint: disable=global-statement
|
global _INSTALLED # pylint: disable=global-statement
|
||||||
if not settings['server']['limiter'] and not settings['server']['public_instance']:
|
|
||||||
|
if not (settings['server']['limiter'] or settings['server']['public_instance']):
|
||||||
return
|
return
|
||||||
|
|
||||||
redis_client = redisdb.client()
|
redis_client = redisdb.client()
|
||||||
if not redis_client:
|
if not redis_client:
|
||||||
logger.error(
|
logger.error(
|
||||||
"The limiter requires Redis, please consult the documentation: "
|
"The limiter requires Redis, please consult the documentation: "
|
||||||
+ "https://docs.searxng.org/admin/searx.botdetection.html#limiter"
|
"https://docs.searxng.org/admin/searx.limiter.html"
|
||||||
)
|
)
|
||||||
if settings['server']['public_instance']:
|
if settings['server']['public_instance']:
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
return
|
return
|
||||||
botdetection.init(get_cfg(), redis_client)
|
|
||||||
app.before_request(pre_request)
|
|
||||||
_INSTALLED = True
|
_INSTALLED = True
|
||||||
|
|
||||||
|
cfg = get_cfg()
|
||||||
|
if settings['server']['public_instance']:
|
||||||
|
# overwrite limiter.toml setting
|
||||||
|
cfg.set('botdetection.ip_limit.link_token', True)
|
||||||
|
|
||||||
|
botdetection.init(cfg, redis_client)
|
||||||
|
app.before_request(pre_request)
|
||||||
|
|
Loading…
Reference in a new issue