So I got to talking to another user here about this. This isn't a "how to" per se, as I have very limited experience with this (last few hours). I'm not endorsing this but I thought it was pretty interesting for the privacy minded. There's apparently some youtube videos on setting some of this up. I've not watched any of them, so for better, for worse, everything below was whipped up in my own head.
ZitatAlles anzeigenhttps://searx.github.io/searx/
Searx is a free internet metasearch engine which aggregates results from more than 70 search services. Users are neither tracked nor profiled. Additionally, searx can be used over Tor for online anonymity.
Get started with searx by using one of the Searx-instances. If you don’t trust anyone, you can set up your own, see Installation.
(A lot more at that link if you want to do some reading)
Think of it as a self hosted search engine. Following is a basic docker set up of this container, and then a reverse proxy through swag so it can be used outside your network if you desire.
I couldn't really find a simple docker-compose for the container, so I made one. I figure many here are using Portainer and Stacks, so this would be easiest. Only thing you really need to adjust, is 1 volume. Think of this as searx's "/config" directory.
---
version: "2.1"
services:
searx:
image: searx/searx
container_name: searx
##network_mode: swag_default
environment:
- BASE_URL=http://localhost:/
- PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
- INSTANCE_NAME=searx
- SEARX_SETTINGS_PATH=/etc/searx/settings.yml
- UWSGI_SETTINGS_PATH=/etc/searx/uwsgi.ini
volumes:
- /path/to/searx:/etc/searx ##Adjust
- /etc/localtime:/etc/localtime:ro
ports:
- 8090:8080
restart: unless-stoppedOnce you're done, you can use this at your.local.ip:8090 (i changed it from the default 8080, as I have 8080 in use)
If you want to reverse proxy it with swag... here's a simple subdomain.conf for it. Adjust lines 37/38 for your system. I'm assuming most now how to set one of these up, but if you need help, just ask.
# Conf Sample to be used by SWAG Reverse Proxy for access via HTTPS to OpenMediaVault.yourdomain.url
# Example: 'h**ps://omv.yoursubdomain.duckdns.org/'
# If 2 or more instances of OMV are running on the same network, it is necessary to create a .conf
# to each one, with different names and pointing to the proper IPs.
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name searx.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
# enable for Authelia
#include /config/nginx/authelia-server.conf;
#
location / {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
# enable for Authelia
#include /config/nginx/authelia-location.conf;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_app 192.168.1.146;
set $upstream_port 8090;
set $upstream_proto http;
proxy_pass $upstream_proto://$upstream_app:$upstream_port;
access_log off;
}
}I then set up the subdomain for searx through my domain and restarted swag. Depending on how you have swag set up, it might pull a new cert.
Lastly, I went back to the searx stack, and adjusted my network_mode, and removed the # signs from that line. I then redeployed the searx stack.
Then I could access searx at https://searx.my-domain.url . Main benefit of this of course, is you'd be able to use "your" search engine, while off your network.
Speed.. it seems fine to me (I've got it running on a virtual machine right now, but I'm going to deploy it on hardware in a bit). Just some basic searching, it returned results I would expect.
