[mod] document server:public_instance & remove it out of the botdetection

- the option server:public_instance lacks some documentation
- the processing of this option belongs in the limiter and not
  in botdetection module

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
This commit is contained in:
Markus Heiser 2023-10-02 18:29:58 +02:00 committed by Markus Heiser
parent fd814aac86
commit d13a8f6453
4 changed files with 29 additions and 9 deletions

View file

@ -12,6 +12,7 @@
bind_address: "127.0.0.1" bind_address: "127.0.0.1"
secret_key: "ultrasecretkey" # change this! secret_key: "ultrasecretkey" # change this!
limiter: false limiter: false
public_instance: false
image_proxy: false image_proxy: false
default_http_headers: default_http_headers:
X-Content-Type-Options : nosniff X-Content-Type-Options : nosniff
@ -20,7 +21,6 @@
X-Robots-Tag : noindex, nofollow X-Robots-Tag : noindex, nofollow
Referrer-Policy : no-referrer Referrer-Policy : no-referrer
``base_url`` : ``$SEARXNG_URL`` :ref:`buildenv <make buildenv>` ``base_url`` : ``$SEARXNG_URL`` :ref:`buildenv <make buildenv>`
The base URL where SearXNG is deployed. Used to create correct inbound links. The base URL where SearXNG is deployed. Used to create correct inbound links.
If you change the value, don't forget to rebuild instance's environment If you change the value, don't forget to rebuild instance's environment
@ -40,6 +40,16 @@
Rate limit the number of request on the instance, block some bots. The Rate limit the number of request on the instance, block some bots. The
:ref:`limiter` requires a :ref:`settings redis` database. :ref:`limiter` requires a :ref:`settings redis` database.
.. _public_instance:
``public_instance`` :
Setting that allows to enable features specifically for public instances (not
needed for local usage). By set to ``true`` the following features are
activated:
- :py:obj:`searx.botdetection.link_token` in the :ref:`limiter`
.. _image_proxy: .. _image_proxy:
``image_proxy`` : ``image_proxy`` :

View file

@ -108,5 +108,6 @@ else:
if settings['server']['public_instance']: if settings['server']['public_instance']:
logger.warning( logger.warning(
"Be aware you have activated features intended only for public instances. " "Be aware you have activated features intended only for public instances. "
+ "This force the usage of the bot limiter and link_token plugins." "This force the usage of the limiter and link_token / "
"see https://docs.searxng.org/admin/searx.limiter.html"
) )

View file

@ -45,7 +45,6 @@ from ipaddress import (
import flask import flask
import werkzeug import werkzeug
from searx import settings
from searx import redisdb from searx import redisdb
from searx.redislib import incr_sliding_window, drop_counter from searx.redislib import incr_sliding_window, drop_counter
@ -109,7 +108,7 @@ def filter_request(
if c > API_MAX: if c > API_MAX:
return too_many_requests(network, "too many request in API_WINDOW") return too_many_requests(network, "too many request in API_WINDOW")
if settings['server']['public_instance'] or cfg['botdetection.ip_limit.link_token']: if cfg['botdetection.ip_limit.link_token']:
suspicious = link_token.is_suspicious(network, request, True) suspicious = link_token.is_suspicious(network, request, True)

View file

@ -211,23 +211,33 @@ def pre_request():
def is_installed(): def is_installed():
"""Returns ``True`` if limiter is active and a redis DB is available."""
return _INSTALLED return _INSTALLED
def initialize(app: flask.Flask, settings): def initialize(app: flask.Flask, settings):
"""Instal the botlimiter aka limiter""" """Install the limiter"""
global _INSTALLED # pylint: disable=global-statement global _INSTALLED # pylint: disable=global-statement
if not settings['server']['limiter'] and not settings['server']['public_instance']:
if not (settings['server']['limiter'] or settings['server']['public_instance']):
return return
redis_client = redisdb.client() redis_client = redisdb.client()
if not redis_client: if not redis_client:
logger.error( logger.error(
"The limiter requires Redis, please consult the documentation: " "The limiter requires Redis, please consult the documentation: "
+ "https://docs.searxng.org/admin/searx.botdetection.html#limiter" "https://docs.searxng.org/admin/searx.limiter.html"
) )
if settings['server']['public_instance']: if settings['server']['public_instance']:
sys.exit(1) sys.exit(1)
return return
botdetection.init(get_cfg(), redis_client)
app.before_request(pre_request)
_INSTALLED = True _INSTALLED = True
cfg = get_cfg()
if settings['server']['public_instance']:
# overwrite limiter.toml setting
cfg.set('botdetection.ip_limit.link_token', True)
botdetection.init(cfg, redis_client)
app.before_request(pre_request)