Install with nginx

further reading

• nginx

• nginx beginners guide

• nginx server configuration

• Getting Started wiki

• uWSGI support from nginx

---

Install A nginx searx site using filtron.sh

$ sudo -H ./utils/filtron.sh nginx install

Install A nginx searx site using morty.sh

$ sudo -H ./utils/morty.sh nginx install

---

The nginx HTTP server

If nginx is not installed (uwsgi will not work with the package nginx-light), install it now.

Ubuntu / debian

Arch Linux

Fedora / RHEL

sudo -H apt-get install nginx

sudo -H pacman -S nginx-mainline
sudo -H systemctl enable nginx
sudo -H systemctl start nginx

sudo -H dnf install nginx
sudo -H systemctl enable nginx
sudo -H systemctl start nginx

Now at http://localhost you should see a Welcome to nginx! page, on Fedora you see a Fedora Webserver - Test Page. The test page comes from the default nginx server configuration. How this default intro site is configured, depends on the linux distribution:

Ubuntu / debian

Arch Linux

Fedora / RHEL

less /etc/nginx/nginx.conf

there is a line including site configurations from:

include /etc/nginx/sites-enabled/*;

less /etc/nginx/nginx.conf

in there is a configuration section named server:

server {
    listen       80;
    server_name  localhost;
    # ...
}

less /etc/nginx/nginx.conf

there is a line including site configurations from:

include /etc/nginx/conf.d/*.conf;

A nginx searx site

public to the internet?

If your searx instance is public, stop here and first install filtron reverse proxy and result proxy morty, see Installation scripts. If already done, follow setup: searx via filtron plus morty.

Now you have to create a configuration for the searx site. If nginx is new to you, the nginx beginners guide is a good starting point and the Getting Started wiki is always a good resource to keep in the pocket.

Ubuntu / debian

Arch Linux

Fedora / RHEL

Create configuration at /etc/nginx/sites-available/searx and place a symlink to sites-enabled:

sudo -H ln -s /etc/nginx/sites-available/searx /etc/nginx/sites-enabled/searx

In the /etc/nginx/nginx.conf file, replace the configuration section named server.

Create configuration at /etc/nginx/conf.d/searx and place a symlink to sites-enabled:

searx via filtron plus morty

proxy or uWSGI

.. at subdir URL

Use this setup, if your instance is public to the internet, compare figure: architecture and Installation scripts.

1. Configure a reverse proxy for filtron, listening on localhost 4004 (Route request through filtron):

# https://example.org/searx

location /searx {
    proxy_pass         http://127.0.0.1:4004/;

    proxy_set_header   Host             $http_host;
    proxy_set_header   Connection       $http_connection;
    proxy_set_header   X-Real-IP        $remote_addr;
    proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
    proxy_set_header   X-Scheme         $scheme;
    proxy_set_header   X-Script-Name    /searx;
}

location /searx/static {
    /usr/local/searx/searx-src/searx/static;
}

2. Configure reverse proxy for morty, listening on localhost 3000:

# https://example.org/morty

location /morty {
    proxy_pass         http://127.0.0.1:3000/;

    proxy_set_header   Host             $http_host;
    proxy_set_header   Connection       $http_connection;
    proxy_set_header   X-Real-IP        $remote_addr;
    proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
    proxy_set_header   X-Scheme         $scheme;
}

Note that reverse proxy advised to be used in case of single-user or low-traffic instances. For a fully result proxification add morty’s public URL to your git://searx/settings.yml:

result_proxy:
    # replace example.org with your server's public name
    url : https://example.org/morty

server:
    image_proxy : True

Be warned, with this setup, your instance isn’t protected. Nevertheless it is good enough for intranet usage and it is a excellent example of; how different services can be set up. The next example shows a reverse proxy configuration wrapping the searx-uWSGI application, listening on http = 127.0.0.1:8888.

# https://hostname.local/

location / {
    proxy_pass http://127.0.0.1:8888;

    proxy_set_header Host $host;
    proxy_set_header Connection       $http_connection;
    proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
    proxy_set_header X-Scheme         $scheme;
    proxy_buffering                   off;
}

Alternatively you can use the uWSGI support from nginx via unix sockets. For socket communication, you have to activate socket = /run/uwsgi/app/searx/socket and comment out the http = 127.0.0.1:8888 configuration in your uwsgi ini file.

The example shows a nginx virtual server configuration, listening on port 80 (IPv4 and IPv6 http://[::]:80). The uWSGI app is configured at location / by importing the uwsgi_params and passing requests to the uWSGI socket (uwsgi_pass). The server's root points to the searx-src clone and wraps directly the git://searx/static/ content at location /static.

server {
    # replace hostname.local with your server's name
    server_name hostname.local;

    listen 80;
    listen [::]:80;

    location / {
        include uwsgi_params;
        uwsgi_pass unix:/run/uwsgi/app/searx/socket;
    }

    root /usr/local/searx/searx-src/searx;
    location /static { }
}

If not already exists, create a folder for the unix sockets, which can be used by the searx account:

mkdir -p /run/uwsgi/app/searx/
sudo -H chown -R searx:searx /run/uwsgi/app/searx/

Be warned, with these setups, your instance isn’t protected. The examples are just here to demonstrate how to export the searx application from a subdirectory URL https://example.org/searx/.

# https://hostname.local/searx

location /searx {
    proxy_pass http://127.0.0.1:8888;

    proxy_set_header Host $host;
    proxy_set_header Connection       $http_connection;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Scheme $scheme;
    proxy_set_header X-Script-Name /searx;
    proxy_buffering off;
}

location /searx/static {
    alias /usr/local/searx/searx-src/searx/static;
}

The X-Script-Name /searx is needed by the searx implementation to calculate relative URLs correct. The next example shows a uWSGI configuration. Since there are no HTTP headers in a (u)WSGI protocol, the value is shipped via the SCRIPT_NAME in the WSGI environment.

# https://hostname.local/searx

location /searx {
    uwsgi_param SCRIPT_NAME /searx;
    include uwsgi_params;
    uwsgi_pass unix:/run/uwsgi/app/searx/socket;
}

location /searx/static {
    alias /usr/local/searx/searx-src/searx;
}

For searx to work correctly the base_url must be set in the git://searx/settings.yml.

server:
    # replace example.org with your server's public name
    base_url : https://example.org/searx/

Restart service:

Ubuntu / debian

Arch Linux

Fedora

sudo -H systemctl restart nginx
sudo -H service uwsgi restart searx

sudo -H systemctl restart nginx
sudo -H systemctl restart uwsgi@searx

sudo -H systemctl restart nginx
sudo -H touch /etc/uwsgi.d/searx.ini

Disable logs

For better privacy you can disable nginx logs in /etc/nginx/nginx.conf.

http {
    # ...
    access_log /dev/null;
    error_log  /dev/null;
    # ...
}