#!/usr/bin/env bash # -*- coding: utf-8; mode: sh indent-tabs-mode: nil -*- # SPDX-License-Identifier: AGPL-3.0-or-later # shellcheck disable=SC2001 # shellcheck source=utils/lib.sh source "$(dirname "${BASH_SOURCE[0]}")/lib.sh" source_dot_config # ---------------------------------------------------------------------------- # config # ---------------------------------------------------------------------------- SEARX_INTERNAL_URL="${SEARX_INTERNAL_URL:-127.0.0.1:8888}" SEARX_URL_PATH="${SEARX_URL_PATH:-$(echo "${PUBLIC_URL}" \ | sed -e 's,^.*://[^/]*\(/.*\),\1,g')}" [[ "${SEARX_URL_PATH}" == "${PUBLIC_URL}" ]] && SEARX_URL_PATH=/ SEARX_INSTANCE_NAME="${SEARX_INSTANCE_NAME:-searx@$(echo "$PUBLIC_URL" \ | sed -e 's,^.*://\([^\:/]*\).*,\1,g') }" SERVICE_NAME="searx" SERVICE_USER="${SERVICE_USER:-${SERVICE_NAME}}" SERVICE_HOME_BASE="${SERVICE_HOME_BASE:-/usr/local}" SERVICE_HOME="${SERVICE_HOME_BASE}/${SERVICE_USER}" # shellcheck disable=SC2034 SERVICE_GROUP="${SERVICE_USER}" SEARX_GIT_URL="${SEARX_GIT_URL:-https://github.com/asciimoo/searx.git}" SEARX_GIT_BRANCH="${SEARX_GIT_BRANCH:-master}" SEARX_PYENV="${SERVICE_HOME}/searx-pyenv" SEARX_SRC="${SERVICE_HOME}/searx-src" SEARX_SETTINGS_PATH="/etc/searx/settings.yml" SEARX_UWSGI_APP="searx.ini" # shellcheck disable=SC2034 SEARX_UWSGI_SOCKET="/run/uwsgi/app/searx/socket" case $DIST_ID in ubuntu|debian) # apt packages SEARX_PACKAGES="\ python3-dev python3-babel python3-venv \ uwsgi uwsgi-plugin-python3 \ git build-essential libxslt-dev zlib1g-dev libffi-dev libssl-dev " ;; arch) # pacman packages # FIXME: # - /usr/lib/uwsgi/http_plugin.so: cannot open shared object file: No such file or directory !!! # - /usr/lib/uwsgi/systemd_logger_plugin.so: cannot open shared object file: No such file or directory !!! SEARX_PACKAGES="\ python python-pip python-lxml python-babel \ uwsgi uwsgi-plugin-python \ git base-devel libxml2 " ;; fedora) # dnf packages SEARX_PACKAGES="\ python python-pip python-lxml python-babel \ uwsgi uwsgi-plugin-python3 \ git @development-tools libxml2 " ;; esac # Apache Settings APACHE_APT_PACKAGES="\ libapache2-mod-uwsgi \ " APACHE_SEARX_SITE="searx.conf" # shellcheck disable=SC2034 CONFIG_FILES=( "${uWSGI_APPS_AVAILABLE}/${SEARX_UWSGI_APP}" ) # shellcheck disable=SC2034 CONFIG_BACKUP_ENCRYPTED=( "${SEARX_SETTINGS_PATH}" ) # ---------------------------------------------------------------------------- usage() { # ---------------------------------------------------------------------------- # shellcheck disable=SC1117 cat <&1 | prefix_stdout "$_service_prefix" cd ${SEARX_SRC} git checkout -B "$SEARX_GIT_BRANCH" git pull ${SEARX_SRC}/manage.sh update_packages EOF install_settings uWSGI_restart "$SEARX_UWSGI_APP" } remove_all() { rst_title "De-Install $SEARX_INSTANCE_NAME (service)" rst_para "\ It goes without saying that this script can only be used to remove installations that were installed with this script." if ! ask_yn "Do you really want to deinstall $SEARX_INSTANCE_NAME?"; then return fi remove_searx_uwsgi drop_service_account "${SERVICE_USER}" remove_settings wait_key if service_is_available "${PUBLIC_URL}"; then MSG="** Don't forgett to remove your public site! (${PUBLIC_URL}) **" wait_key 10 fi } assert_user() { rst_title "user $SERVICE_USER" section echo tee_stderr 1 </dev/null)" if [[ ! "${SERVICE_HOME}" ]]; then err_msg "to clone searx sources, user $SERVICE_USER hast to be created first" return 42 fi export SERVICE_HOME git_clone "$REPO_ROOT" "$SEARX_SRC" \ "$SEARX_GIT_BRANCH" "$SERVICE_USER" pushd "${SEARX_SRC}" > /dev/null tee_stderr 0.1 <&1 | prefix_stdout "$_service_prefix" cd "${SEARX_SRC}" git remote set-url origin ${SEARX_GIT_URL} git config user.email "$ADMIN_EMAIL" git config user.name "$ADMIN_NAME" git config --list EOF popd > /dev/null } install_settings() { rst_title "${SEARX_SETTINGS_PATH}" section if ! clone_is_available; then err_msg "you have to install searx first" exit 42 fi mkdir -p "$(dirname ${SEARX_SETTINGS_PATH})" if [[ ! -f ${SEARX_SETTINGS_PATH} ]]; then info_msg "install settings ${REPO_ROOT}/searx/settings.yml" info_msg " --> ${SEARX_SETTINGS_PATH}" cp "${REPO_ROOT}/searx/settings.yml" "${SEARX_SETTINGS_PATH}" configure_searx return fi rst_para "Diff between origin's setting file (-) and current (+):" echo $DIFF_CMD "${SEARX_SRC}/searx/settings.yml" "${SEARX_SETTINGS_PATH}" local action choose_one action "What should happen to the settings file? " \ "keep new configuration" \ "start interactiv shell" case $action in "keep new configuration") info_msg "continue using new settings file" ;; "start interactiv shell") echo -e "// exit with [${_BCyan}CTRL-D${_creset}]" sudo -H -i rst_para 'Diff between new setting file (-) and current (+):' echo $DIFF_CMD "${SEARX_SRC}/searx/settings.yml" "${SEARX_SETTINGS_PATH}" wait_key ;; esac } remove_settings() { rst_title "remove searx settings" section echo info_msg "delete ${SEARX_SETTINGS_PATH}" rm -f "${SEARX_SETTINGS_PATH}" } remove_searx() { rst_title "Drop searx sources" section if ask_yn "Do you really want to drop searx sources ($SEARX_SRC)?"; then rm -rf "$SEARX_SRC" else rst_para "Leave searx sources unchanged." fi } pyenv_is_available() { [[ -f "${SEARX_PYENV}/bin/activate" ]] } create_pyenv() { rst_title "Create virtualenv (python)" section echo if [[ ! -f "${SEARX_SRC}/manage.sh" ]]; then err_msg "to create pyenv for searx, searx has to be cloned first" return 42 fi info_msg "create pyenv in ${SEARX_PYENV}" tee_stderr 0.1 <&1 | prefix_stdout "$_service_prefix" rm -rf "${SEARX_PYENV}" python3 -m venv "${SEARX_PYENV}" grep -qFs -- 'source ${SEARX_PYENV}/bin/activate' ~/.profile \ || echo 'source ${SEARX_PYENV}/bin/activate' >> ~/.profile EOF info_msg "inspect python's virtual environment" tee_stderr 0.1 <&1 | prefix_stdout "$_service_prefix" command -v python && python --version EOF wait_key info_msg "install needed python packages" tee_stderr 0.1 <&1 | prefix_stdout "$_service_prefix" ${SEARX_SRC}/manage.sh update_packages EOF } remove_pyenv() { rst_title "Remove virtualenv (python)" section if ! ask_yn "Do you really want to drop ${SEARX_PYENV} ?"; then return fi info_msg "remove pyenv activation from ~/.profile" tee_stderr 0.1 <&1 | prefix_stdout "$_service_prefix" grep -v 'source ${SEARX_PYENV}/bin/activate' ~/.profile > ~/.profile.## mv ~/.profile.## ~/.profile EOF rm -rf "${SEARX_PYENV}" } configure_searx() { rst_title "Configure searx" section rst_para "Setup searx config located at $SEARX_SETTINGS_PATH" echo tee_stderr 0.1 <&1 | prefix_stdout "$_service_prefix" cd ${SEARX_SRC} sed -i -e "s/ultrasecretkey/$(openssl rand -hex 16)/g" "$SEARX_SETTINGS_PATH" sed -i -e "s/{instance_name}/${SEARX_INSTANCE_NAME}/g" "$SEARX_SETTINGS_PATH" EOF } test_local_searx() { rst_title "Testing searx instance localy" section echo if service_is_available "http://$SEARX_INTERNAL_URL" &>/dev/null; then err_msg "URL/port http://$SEARX_INTERNAL_URL is already in use, you" err_msg "should stop that service before starting local tests!" if ! ask_yn "Continue with local tests?"; then return fi fi sed -i -e "s/debug : False/debug : True/g" "$SEARX_SETTINGS_PATH" tee_stderr 0.1 <&1 | prefix_stdout "$_service_prefix" export SEARX_SETTINGS_PATH="${SEARX_SETTINGS_PATH}" cd ${SEARX_SRC} timeout 10 python3 searx/webapp.py & sleep 3 curl --location --verbose --head --insecure $SEARX_INTERNAL_URL EOF sed -i -e "s/debug : True/debug : False/g" "$SEARX_SETTINGS_PATH" } install_searx_uwsgi() { rst_title "Install searx's uWSGI app (searx.ini)" section echo uWSGI_install_app "$SEARX_UWSGI_APP" } remove_searx_uwsgi() { rst_title "Remove searx's uWSGI app (searx.ini)" section echo uWSGI_remove_app "$SEARX_UWSGI_APP" } activate_service() { rst_title "Activate $SEARX_INSTANCE_NAME (service)" section echo uWSGI_enable_app "$SEARX_UWSGI_APP" uWSGI_restart "$SEARX_UWSGI_APP" } deactivate_service() { rst_title "De-Activate $SEARX_INSTANCE_NAME (service)" section echo uWSGI_disable_app "$SEARX_UWSGI_APP" uWSGI_restart "$SEARX_UWSGI_APP" } enable_debug() { warn_msg "Do not enable debug in production enviroments!!" info_msg "try to enable debug mode ..." tee_stderr 0.1 <&1 | prefix_stdout "$_service_prefix" cd ${SEARX_SRC} sed -i -e "s/debug : False/debug : True/g" "$SEARX_SETTINGS_PATH" EOF uWSGI_restart "$SEARX_UWSGI_APP" } disable_debug() { info_msg "try to disable debug mode ..." tee_stderr 0.1 <&1 | prefix_stdout "$_service_prefix" cd ${SEARX_SRC} sed -i -e "s/debug : True/debug : False/g" "$SEARX_SETTINGS_PATH" EOF uWSGI_restart "$SEARX_UWSGI_APP" } inspect_service() { rst_title "service status & log" cat < ${PUBLIC_URL}" info_msg "internal URL --> http://${SEARX_INTERNAL_URL}" # shellcheck disable=SC2059 printf "// use ${_BCyan}CTRL-C${_creset} to stop monitoring the log" read -r -s -n1 -t 2 echo while true; do trap break 2 #journalctl -f -u "${SERVICE_NAME}" tail -f /var/log/uwsgi/app/searx.log done if [[ $_debug_on == 1 ]]; then disable_debug fi return 0 } install_apache_site() { rst_title "Install Apache site $APACHE_SEARX_SITE" rst_para "\ This installs the searx uwsgi app as apache site. If your server ist public to the internet you should instead use a reverse proxy (filtron) to block excessively bot queries." ! apache_is_installed && err_msg "Apache is not installed." if ! ask_yn "Do you really want to install apache site for searx-uwsgi?"; then return fi pkg_install "$APACHE_APT_PACKAGES" a2enmod uwsgi echo apache_install_site --variant=uwsgi "${APACHE_SEARX_SITE}" if ! service_is_available "${PUBLIC_URL}"; then err_msg "Public service at ${PUBLIC_URL} is not available!" fi } remove_apache_site() { rst_title "Remove Apache site ${APACHE_SEARX_SITE}" rst_para "\ This removes apache site ${APACHE_SEARX_SITE}." ! apache_is_installed && err_msg "Apache is not installed." if ! ask_yn "Do you really want to continue?"; then return fi apache_remove_site "${APACHE_SEARX_SITE}" } # ---------------------------------------------------------------------------- main "$@" # ----------------------------------------------------------------------------