version: '3.7' services: caddy: container_name: caddy image: caddy:2-alpine restart: on-failure network_mode: host volumes: - ./Caddyfile:/etc/caddy/Caddyfile:ro - caddy-data:/data:rw - caddy-config:/config:rw environment: - SEARXNG_HOSTNAME=${SEARXNG_HOSTNAME:-localhost} - SEARXNG_TLS=${LETSENCRYPT_EMAIL:-internal} cap_drop: - ALL cap_add: - NET_BIND_SERVICE - DAC_OVERRIDE filtron: container_name: filtron image: dalf/filtron restart: always ports: - "127.0.0.1:4040:4040" - "127.0.0.1:4041:4041" networks: - searxng command: -listen 0.0.0.0:4040 -api 0.0.0.0:4041 -target searxng:8080 volumes: - ./rules.json:/etc/filtron/rules.json:rw read_only: true cap_drop: - ALL searxng: container_name: searxng image: searxng/searxng:latest restart: always networks: - searxng command: ${SEARXNG_COMMAND:-} volumes: - ./searxng:/etc/searxng:rw environment: - BIND_ADDRESS=0.0.0.0:8080 - BASE_URL=https://${SEARXNG_HOSTNAME:-localhost}/ - MORTY_URL=https://${SEARXNG_HOSTNAME:-localhost}/morty/ - MORTY_KEY=${MORTY_KEY} cap_drop: - ALL cap_add: - CHOWN - SETGID - SETUID - DAC_OVERRIDE morty: container_name: morty image: dalf/morty restart: always ports: - "127.0.0.1:3000:3000" networks: - searxng command: -timeout 6 -ipv6 environment: - MORTY_KEY=${MORTY_KEY} - MORTY_ADDRESS=0.0.0.0:3000 logging: driver: none read_only: true cap_drop: - ALL networks: searxng: ipam: driver: default volumes: caddy-data: caddy-config: