forked from Ponysearch/Ponysearch
[docs] move blog article "private engines" to admin/engines/
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
This commit is contained in:
parent
d965c63429
commit
f844282089
4 changed files with 50 additions and 66 deletions
|
@ -13,6 +13,7 @@ Engines & Settings
|
||||||
:maxdepth: 1
|
:maxdepth: 1
|
||||||
|
|
||||||
engine_settings
|
engine_settings
|
||||||
|
private-engines
|
||||||
recoll
|
recoll
|
||||||
sql-engines
|
sql-engines
|
||||||
command-line-engines
|
command-line-engines
|
||||||
|
|
49
docs/admin/engines/private-engines.rst
Normal file
49
docs/admin/engines/private-engines.rst
Normal file
|
@ -0,0 +1,49 @@
|
||||||
|
.. _private engines:
|
||||||
|
|
||||||
|
============================
|
||||||
|
Private Engines (``tokens``)
|
||||||
|
============================
|
||||||
|
|
||||||
|
Administrators might find themselves wanting to limit access to some of the
|
||||||
|
enabled engines on their instances. It might be because they do not want to
|
||||||
|
expose some private information through :ref:`offline engines`. Or they would
|
||||||
|
rather share engines only with their trusted friends or colleagues.
|
||||||
|
|
||||||
|
To solve this issue the concept of *private engines* exists.
|
||||||
|
|
||||||
|
|
||||||
|
A new option was added to engines named `tokens`. It expects a list of
|
||||||
|
strings. If the user making a request presents one of the tokens of an engine,
|
||||||
|
they can access information about the engine and make search requests.
|
||||||
|
|
||||||
|
Example configuration to restrict access to the Arch Linux Wiki engine:
|
||||||
|
|
||||||
|
.. code:: yaml
|
||||||
|
|
||||||
|
- name: arch linux wiki
|
||||||
|
engine: archlinux
|
||||||
|
shortcut: al
|
||||||
|
tokens: [ 'my-secret-token' ]
|
||||||
|
|
||||||
|
|
||||||
|
Unless a user has configured the right token, the engine is going
|
||||||
|
to be hidden from him/her. It is not going to be included in the
|
||||||
|
list of engines on the Preferences page and in the output of
|
||||||
|
`/config` REST API call.
|
||||||
|
|
||||||
|
Tokens can be added to one's configuration on the Preferences page
|
||||||
|
under "Engine tokens". The input expects a comma separated list of
|
||||||
|
strings.
|
||||||
|
|
||||||
|
The distribution of the tokens from the administrator to the users
|
||||||
|
is not carved in stone. As providing access to such engines
|
||||||
|
implies that the admin knows and trusts the user, we do not see
|
||||||
|
necessary to come up with a strict process. Instead,
|
||||||
|
we would like to add guidelines to the documentation of the feature.
|
||||||
|
|
||||||
|
|
||||||
|
Acknowledgment
|
||||||
|
==============
|
||||||
|
|
||||||
|
This development was sponsored by `Search and Discovery Fund
|
||||||
|
<https://nlnet.nl/discovery>`_ of `NLnet Foundation <https://nlnet.nl/>`_.
|
|
@ -7,5 +7,4 @@ Blog
|
||||||
:caption: Contents
|
:caption: Contents
|
||||||
|
|
||||||
lxcdev-202006
|
lxcdev-202006
|
||||||
private-engines
|
|
||||||
search-indexer-engines
|
search-indexer-engines
|
||||||
|
|
|
@ -1,65 +0,0 @@
|
||||||
==================================
|
|
||||||
Limit access to your searx engines
|
|
||||||
==================================
|
|
||||||
|
|
||||||
Administrators might find themselves wanting to limit access to some of the
|
|
||||||
enabled engines on their instances. It might be because they do not want to
|
|
||||||
expose some private information through an offline engine. Or they
|
|
||||||
would rather share engines only with their trusted friends or colleagues.
|
|
||||||
|
|
||||||
.. _private engines:
|
|
||||||
|
|
||||||
Private engines
|
|
||||||
===============
|
|
||||||
|
|
||||||
To solve this issue private engines were introduced in :pull-searx:`1823`.
|
|
||||||
A new option was added to engines named `tokens`. It expects a list
|
|
||||||
of strings. If the user making a request presents one of the tokens
|
|
||||||
of an engine, they can access information about the engine
|
|
||||||
and make search requests.
|
|
||||||
|
|
||||||
Example configuration to restrict access to the Arch Linux Wiki engine:
|
|
||||||
|
|
||||||
.. code:: yaml
|
|
||||||
|
|
||||||
- name : arch linux wiki
|
|
||||||
engine : archlinux
|
|
||||||
shortcut : al
|
|
||||||
tokens : [ 'my-secret-token' ]
|
|
||||||
|
|
||||||
|
|
||||||
Unless a user has configured the right token, the engine is going
|
|
||||||
to be hidden from him/her. It is not going to be included in the
|
|
||||||
list of engines on the Preferences page and in the output of
|
|
||||||
`/config` REST API call.
|
|
||||||
|
|
||||||
Tokens can be added to one's configuration on the Preferences page
|
|
||||||
under "Engine tokens". The input expects a comma separated list of
|
|
||||||
strings.
|
|
||||||
|
|
||||||
The distribution of the tokens from the administrator to the users
|
|
||||||
is not carved in stone. As providing access to such engines
|
|
||||||
implies that the admin knows and trusts the user, we do not see
|
|
||||||
necessary to come up with a strict process. Instead,
|
|
||||||
we would like to add guidelines to the documentation of the feature.
|
|
||||||
|
|
||||||
Next steps
|
|
||||||
==========
|
|
||||||
|
|
||||||
Now that searx has support for both offline engines and private engines,
|
|
||||||
it is possible to add concrete engines which benefit from these features.
|
|
||||||
For example engines which search on the local host running the instance.
|
|
||||||
Be it searching your file system or querying a private database. Be creative
|
|
||||||
and come up with new solutions which fit your use case.
|
|
||||||
|
|
||||||
Acknowledgement
|
|
||||||
===============
|
|
||||||
|
|
||||||
This development was sponsored by `Search and Discovery Fund`_ of `NLnet Foundation`_ .
|
|
||||||
|
|
||||||
.. _Search and Discovery Fund: https://nlnet.nl/discovery
|
|
||||||
.. _NLnet Foundation: https://nlnet.nl/
|
|
||||||
|
|
||||||
|
|
||||||
| Happy hacking.
|
|
||||||
| kvch // 2020.02.28 22:26
|
|
Loading…
Reference in a new issue