diff --git a/Dockerfile b/Dockerfile index 543c74d0e..acc2b2e4e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,22 +1,50 @@ -FROM python:2.7-slim +FROM alpine:3.3 -WORKDIR /app +ENV BASE_URL=False IMAGE_PROXY=False +EXPOSE 8888 +WORKDIR /usr/local/searx +CMD ["./run.sh"] -RUN useradd searx +RUN adduser -D -h /usr/local/searx -s /bin/sh searx searx \ + && echo '#!/bin/sh' >> run.sh \ + && echo 'sed -i "s|base_url : False|base_url : $BASE_URL|g" searx/settings.yml' >> run.sh \ + && echo 'sed -i "s/image_proxy : False/image_proxy : $IMAGE_PROXY/g" searx.setting.yml' >> run.sh \ + && echo 'sed -i "s/ultrasecretkey/`openssl rand -hex 16`/g" searx/settings.yml' >> run.sh \ + && echo 'python searx/webapp.py' >> run.sh \ + && chmod +x run.sh -EXPOSE 5000 -CMD ["/usr/local/bin/uwsgi", "--uid", "searx", "--gid", "searx", "--http", ":5000", "-w", "searx.webapp"] +COPY requirements.txt . -RUN apt-get update && \ - apt-get install -y --no-install-recommends \ - zlib1g-dev libxml2-dev libxslt1-dev libffi-dev build-essential \ - libssl-dev openssl && \ - rm -rf /var/lib/apt/lists/* +RUN apk -U add \ + build-base \ + python \ + python-dev \ + py-pip \ + libxml2 \ + libxml2-dev \ + libxslt \ + libxslt-dev \ + libffi-dev \ + openssl \ + openssl-dev \ + ca-certificates \ + && pip install --no-cache -r requirements.txt \ + && apk del \ + build-base \ + python-dev \ + py-pip\ + libffi-dev \ + openssl-dev \ + libxslt-dev \ + libxml2-dev \ + openssl-dev \ + ca-certificates \ + && rm -f /var/cache/apk/* -RUN pip install --no-cache uwsgi +COPY . . -COPY requirements.txt /app/requirements.txt -RUN pip install --no-cache -r requirements.txt +RUN chown -R searx:searx * -COPY . /app -RUN sed -i -e "s/ultrasecretkey/`openssl rand -hex 16`/g" searx/settings.yml +USER searx + +RUN sed -i "s/127.0.0.1/0.0.0.0/g" searx/settings.yml diff --git a/searx/__init__.py b/searx/__init__.py index 76038a443..7b67a394f 100644 --- a/searx/__init__.py +++ b/searx/__init__.py @@ -52,7 +52,8 @@ logger = logging.getLogger('searx') # Workaround for openssl versions <1.0.2 # https://github.com/certifi/python-certifi/issues/26 if OPENSSL_VERSION_INFO[0:3] < (1, 0, 2): - environ['REQUESTS_CA_BUNDLE'] = certifi.old_where() + if hasattr(certifi, 'old_where'): + environ['REQUESTS_CA_BUNDLE'] = certifi.old_where() logger.warning('You are using an old openssl version({0}), please upgrade above 1.0.2!'.format(OPENSSL_VERSION)) logger.info('Initialisation done')