utils/searx.sh: add apache site searx.conf:uwsgi

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
This commit is contained in:
Markus Heiser 2020-01-21 18:38:57 +01:00
parent af2f58fc58
commit d171fcd56e
3 changed files with 132 additions and 60 deletions

View file

@ -274,41 +274,65 @@ install_template() {
# usage: # usage:
# #
# install_template [--no-eval] {file} [{owner} [{group} [{chmod}]]] # install_template [--no-eval] [--variant=<name>] \
# {file} [{owner} [{group} [{chmod}]]]
# #
# install_template --no-eval /etc/updatedb.conf root root 644 # E.g. the origin of variant 'raw' of /etc/updatedb.conf is::
#
# ${TEMPLATES}/etc/updatedb.conf:raw
#
# To install variant 'raw' of /etc/updatedb.conf without evaluated
# replacements you can use::
#
# install_template --variant=raw --no-eval \
# /etc/updatedb.conf root root 644
local do_eval=1
if [[ "$1" == "--no-eval" ]]; then
do_eval=0; shift
fi
local dst="${1}"
local owner=${2-$(id -un)}
local group=${3-$(id -gn)}
local chmod=${4-644}
local _reply="" local _reply=""
local do_eval=1
local variant=""
local pos_args=("$0")
info_msg "install: ${dst}" for i in "$@"; do
case $i in
--no-eval) do_eval=0; shift ;;
--variant=*) variant=":${i#*=}"; shift ;;
*) pos_args+=("$i") ;;
esac
done
if [[ ! -f "${TEMPLATES}${dst}" ]] ; then local dst="${pos_args[1]}"
err_msg "${TEMPLATES}${dst} does not exists" local template_origin="${TEMPLATES}${dst}${variant}"
err_msg "... can't install $dst / exit installation with error 42" local template_file="${TEMPLATES}${dst}"
local owner="${pos_args[2]-$(id -un)}"
local group="${pos_args[3]-$(id -gn)}"
local chmod="${pos_args[4]-644}"
info_msg "install (eval=$do_eval): ${dst}"
[[ ! -z $variant ]] && info_msg "variant: ${variant}"
if [[ ! -f "${template_origin}" ]] ; then
err_msg "${template_origin} does not exists"
err_msg "... can't install $dst"
wait_key 30 wait_key 30
return 42 return 42
fi fi
local template_file="${TEMPLATES}${dst}"
if [[ "$do_eval" == "1" ]]; then if [[ "$do_eval" == "1" ]]; then
template_file="${CACHE}${dst}${variant}"
info_msg "BUILD template ${template_file}" info_msg "BUILD template ${template_file}"
if [[ -f "${TEMPLATES}${dst}" ]] ; then if [[ ! -z ${SUDO_USER} ]]; then
template_file="${CACHE}${dst}" sudo -u "${SUDO_USER}" mkdir -p "$(dirname "${template_file}")"
mkdir -p "$(dirname "${template_file}")"
# shellcheck disable=SC2086
eval "echo \"$(cat ${TEMPLATES}${dst})\"" > "${template_file}"
else else
err_msg "failed ${template_file}" mkdir -p "$(dirname "${template_file}")"
return 42
fi fi
# shellcheck disable=SC2086
eval "echo \"$(cat ${template_origin})\"" > "${template_file}"
if [[ ! -z ${SUDO_USER} ]]; then
chown "${SUDO_USER}:${SUDO_USER}" "${template_file}"
fi
else
template_file=$template_origin
fi fi
mkdir -p "$(dirname "${dst}")" mkdir -p "$(dirname "${dst}")"
@ -325,7 +349,7 @@ install_template() {
return 0 return 0
fi fi
info_msg "file ${dst} allready exists on this host" info_msg "diffrent file ${dst} allready exists on this host"
while true; do while true; do
choose_one _reply "choose next step with file $dst" \ choose_one _reply "choose next step with file $dst" \
@ -349,7 +373,10 @@ install_template() {
echo "// exit with CTRL-D" echo "// exit with CTRL-D"
sudo -H -u "${owner}" -i sudo -H -u "${owner}" -i
$DIFF_CMD "${dst}" "${template_file}" $DIFF_CMD "${dst}" "${template_file}"
if ask_yn "did you edit ${template_file} to your needs?"; then echo
echo "did you edit file ..."
printf " ${template_file}"
if ask_yn "... to your needs?"; then
break break
fi fi
;; ;;
@ -384,21 +411,27 @@ apache_reload() {
apache_install_site() { apache_install_site() {
# usage: apache_install_site [--no-eval] <mysite.conf> # usage: apache_install_site [<template option> ...] <mysite.conf>
#
# <template option>: see install_template
local no_eval="" local template_opts=()
local CONF="$1" local pos_args=("$0")
if [[ "$1" == "--no-eval" ]]; then for i in "$@"; do
no_eval=$1; shift case $i in
fi -*) template_opts+=("$i");;
*) pos_args+=("$i");;
esac
done
# shellcheck disable=SC2086 install_template "${template_opts[@]}" \
install_template $no_eval "${APACHE_SITES_AVAILABE}/${CONF}" root root 644 "${APACHE_SITES_AVAILABE}/${pos_args[1]}" \
root root 644
apache_enable_site "${CONF}" apache_enable_site "${pos_args[1]}"
apache_reload apache_reload
info_msg "installed apache site: ${CONF}" info_msg "installed apache site: ${pos_args[1]}"
} }
apache_enable_site() { apache_enable_site() {
@ -438,20 +471,24 @@ uWSGI_app_available() {
uWSGI_install_app() { uWSGI_install_app() {
# usage: uWSGI_install_app [--no-eval] <myapp.ini> # usage: uWSGI_install_app [<template option> ...] <myapp.ini>
#
# <template option>: see install_template
local no_eval="" for i in "$@"; do
local CONF="$1" case $i in
-*) template_opts+=("$i");;
*) pos_args+=("$i");;
esac
done
if [[ "$1" == "--no-eval" ]]; then install_template "${template_opts[@]}" \
no_eval=$1; shift "${uWSGI_SETUP}/apps-available/${pos_args[1]}" \
fi root root 644
# shellcheck disable=SC2086 uWSGI_enable_app "${pos_args[1]}"
install_template $no_eval "${uWSGI_SETUP}/apps-available/${CONF}" root root 644
uWSGI_enable_app "${CONF}"
uWSGI_restart uWSGI_restart
info_msg "installed uWSGI app: ${CONF}" info_msg "installed uWSGI app: ${pos_args[1]}"
} }
uWSGI_remove_app() { uWSGI_remove_app() {

View file

@ -32,8 +32,11 @@ SEARX_SRC="${SERVICE_HOME}/searx-src"
SEARX_SETTINGS="${SEARX_SRC}/searx/settings.yml" SEARX_SETTINGS="${SEARX_SRC}/searx/settings.yml"
SEARX_INSTANCE_NAME="${SEARX_INSTANCE_NAME:-searx@$(uname -n)}" SEARX_INSTANCE_NAME="${SEARX_INSTANCE_NAME:-searx@$(uname -n)}"
SEARX_UWSGI_APP="searx.ini" SEARX_UWSGI_APP="searx.ini"
SEARX_UWSGI_SOCKET="/run/uwsgi/app/searx/socket"
APACHE_SITE="searx.conf" # Apache Settings
SEARX_APACHE_URL="/searx"
SEARX_APACHE_SITE="searx.conf"
# shellcheck disable=SC2034 # shellcheck disable=SC2034
CONFIG_FILES=( CONFIG_FILES=(
@ -55,7 +58,7 @@ usage() {
usage: usage:
$(basename "$0") shell $(basename "$0") shell
$(basename "$0") install [all|user|pyenv|searx-src] $(basename "$0") install [all|user|pyenv|searx-src|apache]
$(basename "$0") update [searx] $(basename "$0") update [searx]
$(basename "$0") remove [all|user|pyenv|searx-src] $(basename "$0") remove [all|user|pyenv|searx-src]
$(basename "$0") activate [service] $(basename "$0") activate [service]
@ -69,7 +72,8 @@ install / remove
all: complete (de-) installation of searx service all: complete (de-) installation of searx service
user: add/remove service user '$SERVICE_USER' at $SERVICE_HOME user: add/remove service user '$SERVICE_USER' at $SERVICE_HOME
searx-src: clone $SEARX_GIT_URL searx-src: clone $SEARX_GIT_URL
pyenv: create/remove virtualenv (python) in $SEARX_PYENV pyenv: create/remove virtualenv (python) in $SEARX_PYENV
apache: install apache site for searx-uwsgi app
update searx update searx
Update searx installation of user ${SERVICE_USER} Update searx installation of user ${SERVICE_USER}
activate activate
@ -112,6 +116,7 @@ main() {
user) assert_user ;; user) assert_user ;;
pyenv) create_pyenv ;; pyenv) create_pyenv ;;
searx-src) clone_searx ;; searx-src) clone_searx ;;
apache) install_apache_site ;;
*) usage "$_usage"; exit 42;; *) usage "$_usage"; exit 42;;
esac ;; esac ;;
update) update)
@ -175,16 +180,6 @@ install_all() {
else else
err_msg "URL http://$SEARX_URL not available, check searx & uwsgi setup!" err_msg "URL http://$SEARX_URL not available, check searx & uwsgi setup!"
fi fi
wait_key
if apache_is_installed; then
install_apache_site
wait_key
fi
# ToDo ...
# test_public_searx
# info_msg "searX --> https://${SEARX_APACHE_DOMAIN}${SEARX_APACHE_URL}"
} }
update_searx() { update_searx() {
@ -236,6 +231,11 @@ EOF
remove_all() { remove_all() {
rst_title "De-Install $SERVICE_NAME (service)" rst_title "De-Install $SERVICE_NAME (service)"
rst_para "\
It goes without saying that this script can only be used to remove
installations that were installed with this script."
if ! ask_yn "Do you really want to deinstall $SERVICE_NAME?"; then if ! ask_yn "Do you really want to deinstall $SERVICE_NAME?"; then
return return
fi fi
@ -491,10 +491,20 @@ show_service() {
} }
install_apache_site() { install_apache_site() {
rst_title "Install Apache site $APACHE_SITE" section rst_title "Install Apache site $SEARX_APACHE_SITE"
rst_para "\
This installs the searx uwsgi app as apache site. If your server ist public to
the internet you should instead use a reverse proxy (filtron) to block
excessively bot queries."
! apache_is_installed && err_msg "Apache is not installed."
if ! ask_yn "Do you really want to install apache site for searx-uwsgi?"; then
return
fi
echo echo
err_msg "not yet implemented (${APACHE_SITE})"; return 42 apache_install_site --variant=uwsgi "${SEARX_APACHE_SITE}"
# apache_install_site "${APACHE_SITE}"
} }
# ---------------------------------------------------------------------------- # ----------------------------------------------------------------------------

View file

@ -0,0 +1,25 @@
# -*- coding: utf-8; mode: apache -*-
<IfModule mod_uwsgi.c>
# SetEnvIf Request_URI "${SEARX_APACHE_URL}" dontlog
# CustomLog /dev/null combined env=dontlog
<Location ${SEARX_APACHE_URL}>
<IfModule mod_security2.c>
SecRuleEngine Off
</IfModule>
Options FollowSymLinks Indexes
SetHandler uwsgi-handler
uWSGISocket ${SEARX_UWSGI_SOCKET}
Order deny,allow
Deny from all
# Allow from fd00::/8 192.168.0.0/16 fe80::/10 127.0.0.0/8 ::1
Allow from all
</Location>
</IfModule>