Hey guys what’s up, first post on Lemmy here. I tried to get a SearXNG instance to run on my home server but cannot seem to get it to work.

.env

# By default listen on https://localhost
# To change this:
# * uncomment SEARXNG_HOSTNAME, and replace  by the SearXNG hostname
# * uncomment LETSENCRYPT_EMAIL, and replace  by your email (require to create a Let's Encrypt certificate)

SEARXNG_HOSTNAME=search.xxxxx.com
# LETSENCRYPT_EMAIL=

docker-compose.yml

version: '3.7'

services:

#  caddy:
#    container_name: caddy
#    image: caddy:2-alpine
#    network_mode: host
#    volumes:
#      - ./Caddyfile:/etc/caddy/Caddyfile:ro
#      - caddy-data:/data:rw
#      - caddy-config:/config:rw
#    environment:
#      - SEARXNG_HOSTNAME=${SEARXNG_HOSTNAME:-http://localhost:80}
#      - SEARXNG_TLS=${LETSENCRYPT_EMAIL:-internal}
#    cap_drop:
#      - ALL
#    cap_add:
#      - NET_BIND_SERVICE

  redis:
    container_name: redis
    image: "redis:alpine"
    command: redis-server --save "" --appendonly "no"
    networks:
      - searxng
    tmpfs:
      - /var/lib/redis
    cap_drop:
      - ALL
    cap_add:
      - SETGID
      - SETUID
      - DAC_OVERRIDE
    restart: always

  searxng:
    container_name: searxng
    image: searxng/searxng:latest
    networks:
      - searxng
    ports:
     - "127.0.0.1:8181:8080"
    volumes:
      - ./searxng:/etc/searxng:rw
    environment:
      - SEARXNG_BASE_URL=https://${SEARXNG_HOSTNAME:-localhost}/
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID
    logging:
      driver: "json-file"
      options:
        max-size: "1m"
        max-file: "1"
    restart: always
networks:
  searxng:
    ipam:
      driver: default

#volumes:
#  caddy-data:
#  caddy-config:

settings.yml

# see https://docs.searxng.org/admin/engines/settings.html#use-default-settings
use_default_settings: true
server:
  # base_url is defined in the SEARXNG_BASE_URL environment variable, see .env and docker-compose.yml
  secret_key: "THE_SECRET_KEY"  # change this!
  limiter: true  # can be disabled for a private instance
  image_proxy: true
ui:
  static_use_hash: true
redis:
  url: redis://redis:6379/0

I commented out the caddy stuff in the docker-compose.yml as I have an extra instance of caddy that handles all the reverse proxy and cert stuff. Even if I run this with caddy not commented out I get the same errors.

Logs

SearXNG version 2023.8.8+b8352eca0
Create /etc/searxng/uwsgi.ini
cp: can't create '/etc/searxng/uwsgi.ini': Permission denied
sed: /etc/searxng/uwsgi.ini: No such file or directory
Use existing /etc/searxng/settings.yml
Listen on 0.0.0.0:8080
realpath() of /etc/searxng/uwsgi.ini failed: No such file or directory [core/utils.c line 3662]
SearXNG version 2023.8.8+b8352eca0
Create /etc/searxng/uwsgi.ini
cp: can't create '/etc/searxng/uwsgi.ini': Permission denied
sed: /etc/searxng/uwsgi.ini: No such file or directory
Use existing /etc/searxng/settings.yml
Listen on 0.0.0.0:8080
realpath() of /etc/searxng/uwsgi.ini failed: No such file or directory [core/utils.c line 3662]
SearXNG version 2023.8.8+b8352eca0

Any help is appreciated. This doesn’t seem to be a common error out there as there is not much info on the web.

Thanks and have a good day!

  • Morethanevil@lmy.mymte.de
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    There are 2 lines “cap drop”

    You need to comment them out for the first start

    The files are created, then remove outcommenting and restart again

    You can use my docker-compose.yml

    Start it and the stop it. Remove then the # on line 30 and 31. Start up again ☺️

  • pnutzh4x0r@lemmy.ndlug.org
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    Do you have a searxng folder in the same folder as your docker-compose.yml? If so, perhaps it is not mounting inside the container properly.

    • DeltaTangoLima@reddrefuge.com
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      OP - this is the correct (first) thing to check. Looks like the bind mount for ./searxng isn’t working as expected, inside the running container. It may have created an empty file of the same name there instead.

  • Terrasque@infosec.pub
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Looks like searxng is running under a user, which don’t have access to /etc/searxng

    Try start a root shell in searxng container and chmod 777 /etc/searxng