#!/usr/bin/env bash # -*- coding: utf-8; mode: sh indent-tabs-mode: nil -*- # SPDX-License-Identifier: AGPL-3.0-or-later # shellcheck disable=SC2001 # shellcheck source=utils/lib.sh source "$(dirname "${BASH_SOURCE[0]}")/lib.sh" source_dot_config # ---------------------------------------------------------------------------- # config # ---------------------------------------------------------------------------- SEARX_URL_PATH="${SEARX_URL_PATH:-$(echo "${PUBLIC_URL}" \ | sed -e 's,^.*://[^/]*\(/.*\),\1,g')}" [[ "${SEARX_URL_PATH}" == "${PUBLIC_URL}" ]] && SEARX_URL_PATH=/ SEARX_INSTANCE_NAME="${SEARX_INSTANCE_NAME:-searx@$(echo "$PUBLIC_URL" \ | sed -e 's,^.*://\([^\:/]*\).*,\1,g') }" SERVICE_NAME="searx" SERVICE_USER="${SERVICE_USER:-${SERVICE_NAME}}" SERVICE_HOME="/home/${SERVICE_USER}" # shellcheck disable=SC2034 SERVICE_GROUP="${SERVICE_USER}" SEARX_INTERNAL_URL="127.0.0.1:8888" SEARX_GIT_URL="https://github.com/asciimoo/searx.git" SEARX_GIT_BRANCH="master" SEARX_PYENV="${SERVICE_HOME}/searx-pyenv" SEARX_SRC="${SERVICE_HOME}/searx-src" SEARX_SETTINGS="${SEARX_SRC}/searx/settings.yml" SEARX_UWSGI_APP="searx.ini" # shellcheck disable=SC2034 SEARX_UWSGI_SOCKET="/run/uwsgi/app/searx/socket" # FIXME: Arch Linux & RHEL should be added SEARX_APT_PACKAGES="\ uwsgi uwsgi-plugin-python3 \ git build-essential libxslt-dev python3-dev python3-babel zlib1g-dev \ libffi-dev libssl-dev \ " # Apache Settings APACHE_APT_PACKAGES="\ libapache2-mod-uwsgi \ " APACHE_SEARX_SITE="searx.conf" # shellcheck disable=SC2034 CONFIG_FILES=( "${uWSGI_SETUP}/apps-available/${SEARX_UWSGI_APP}" ) # shellcheck disable=SC2034 CONFIG_BACKUP_ENCRYPTED=( "${SEARX_SETTINGS}" ) # ---------------------------------------------------------------------------- usage() { # ---------------------------------------------------------------------------- # shellcheck disable=SC1117 cat <&1 | prefix_stdout "$_service_prefix" cd ${SEARX_SRC} cp -f ${SEARX_SETTINGS} ${SEARX_SETTINGS}.backup git stash push -m "BACKUP -- 'update server' at ($(date))" git checkout -b $SEARX_GIT_BRANCH" --track "$SEARX_GIT_BRANCH" git pull "$SEARX_GIT_BRANCH" ${SEARX_SRC}/manage.sh update_packages EOF configure_searx rst_title "${SEARX_SETTINGS}" section rstBlock 'Diff between new setting file (<) and backup (>):' echo diff "$SEARX_SETTINGS}" "${SEARX_SETTINGS}.backup" local action choose_one action "What should happen to the settings file? " \ "keep new configuration" \ "revert to the old configuration (backup file)" \ "start interactiv shell" case $action in "keep new configuration") info_msg "continue using new settings file" ;; "revert to the old configuration (backup file)") tee_stderr 0.1 <&1 | prefix_stdout "$_service_prefix" cp -f ${SEARX_SETTINGS}.backup ${SEARX_SETTINGS} EOF ;; "start interactiv shell") interactive_shell "${SERVICE_USER}" ;; esac chown "${SERVICE_USER}:${SERVICE_USER}" "${SEARX_SETTINGS}" # shellcheck disable=SC2016 rst_para 'Diff between local modified settings (<) and $SEARX_GIT_BRANCH branch (>):' echo git_diff wait_key uWSGI_restart } remove_all() { rst_title "De-Install $SEARX_INSTANCE_NAME (service)" rst_para "\ It goes without saying that this script can only be used to remove installations that were installed with this script." if ! ask_yn "Do you really want to deinstall $SEARX_INSTANCE_NAME?"; then return fi remove_searx_uwsgi wait_key drop_service_account "${SERVICE_USER}" if service_is_available "${PUBLIC_URL}"; then MSG="** Don't forgett to remove your public site! (${PUBLIC_URL}) **" wait_key 10 fi } assert_user() { rst_title "user $SERVICE_USER" section echo tee_stderr 1 </dev/null)" if [[ ! "${SERVICE_HOME}" ]]; then err_msg "to clone searx sources, user $SERVICE_USER hast to be created first" return 42 fi export SERVICE_HOME git_clone "$SEARX_GIT_URL" "$SEARX_SRC" \ "$SEARX_GIT_BRANCH" "$SERVICE_USER" pushd "${SEARX_SRC}" > /dev/null tee_stderr 0.1 <&1 | prefix_stdout "$_service_prefix" cd "${SEARX_SRC}" git config user.email "$ADMIN_EMAIL" git config user.name "$ADMIN_NAME" git config --list EOF popd > /dev/null } remove_searx() { rst_title "Drop searx sources" section if ask_yn "Do you really want to drop searx sources ($SEARX_SRC)?"; then rm -rf "$SEARX_SRC" else rst_para "Leave searx sources unchanged." fi } pyenv_is_available() { [[ -f "${SEARX_PYENV}/bin/activate" ]] } create_pyenv() { rst_title "Create virtualenv (python)" section echo if [[ ! -f "${SEARX_SRC}/manage.sh" ]]; then err_msg "to create pyenv for searx, searx has to be cloned first" return 42 fi info_msg "create pyenv in ${SEARX_PYENV}" tee_stderr 0.1 <&1 | prefix_stdout "$_service_prefix" rm -rf "${SEARX_PYENV}" python3 -m venv "${SEARX_PYENV}" grep -qFs -- 'source ${SEARX_PYENV}/bin/activate' ~/.profile \ || echo 'source ${SEARX_PYENV}/bin/activate' >> ~/.profile EOF info_msg "inspect python's virtual environment" tee_stderr 0.1 <&1 | prefix_stdout "$_service_prefix" command -v python && python --version EOF wait_key info_msg "install needed python packages" tee_stderr 0.1 <&1 | prefix_stdout "$_service_prefix" ${SEARX_SRC}/manage.sh update_packages EOF } remove_pyenv() { rst_title "Remove virtualenv (python)" section if ! ask_yn "Do you really want to drop ${SEARX_PYENV} ?"; then return fi info_msg "remove pyenv activation from ~/.profile" tee_stderr 0.1 <&1 | prefix_stdout "$_service_prefix" grep -v 'source ${SEARX_PYENV}/bin/activate' ~/.profile > ~/.profile.## mv ~/.profile.## ~/.profile EOF rm -rf "${SEARX_PYENV}" } configure_searx() { rst_title "Configure searx" section rst_para "Setup searx config located at $SEARX_SETTINGS" echo tee_stderr 0.1 <&1 | prefix_stdout "$_service_prefix" cd ${SEARX_SRC} sed -i -e "s/ultrasecretkey/$(openssl rand -hex 16)/g" "$SEARX_SETTINGS" sed -i -e "s/{instance_name}/${SEARX_INSTANCE_NAME}/g" "$SEARX_SETTINGS" EOF } test_local_searx() { rst_title "Testing searx instance localy" section echo if service_is_available "http://$SEARX_INTERNAL_URL" &>/dev/null; then err_msg "URL/port http://$SEARX_INTERNAL_URL is already in use, you" err_msg "should stop that service before starting local tests!" if ! ask_yn "Continue with local tests?"; then return fi fi tee_stderr 0.1 <&1 | prefix_stdout "$_service_prefix" cd ${SEARX_SRC} sed -i -e "s/debug : False/debug : True/g" "$SEARX_SETTINGS" timeout 5 python3 searx/webapp.py & sleep 1 curl --location --verbose --head --insecure $SEARX_INTERNAL_URL sed -i -e "s/debug : True/debug : False/g" "$SEARX_SETTINGS" EOF } install_searx_uwsgi() { rst_title "Install searx's uWSGI app (searx.ini)" section echo uWSGI_install_app "$SEARX_UWSGI_APP" } remove_searx_uwsgi() { rst_title "Remove searx's uWSGI app (searx.ini)" section echo uWSGI_remove_app "$SEARX_UWSGI_APP" } activate_service() { rst_title "Activate $SEARX_INSTANCE_NAME (service)" section echo uWSGI_enable_app "$SEARX_UWSGI_APP" uWSGI_restart } deactivate_service() { rst_title "De-Activate $SEARX_INSTANCE_NAME (service)" section echo uWSGI_disable_app "$SEARX_UWSGI_APP" uWSGI_restart } git_diff() { sudo -H -u "${SERVICE_USER}" -i <&1 | prefix_stdout "$_service_prefix" cd ${SEARX_SRC} sed -i -e "s/debug : False/debug : True/g" "$SEARX_SETTINGS" EOF uWSGI_restart } disable_debug() { info_msg "try to disable debug mode ..." tee_stderr 0.1 <&1 | prefix_stdout "$_service_prefix" cd ${SEARX_SRC} sed -i -e "s/debug : True/debug : False/g" "$SEARX_SETTINGS" EOF uWSGI_restart } inspect_service() { rst_title "service status & log" cat < ${PUBLIC_URL}" info_msg "internal URL --> http://${SEARX_INTERNAL_URL}" printf "// use ${_BCyan}CTRL-C${_creset} to stop monitoring the log" read -r -s -n1 -t 2 echo while true; do trap break 2 #journalctl -f -u "${SERVICE_NAME}" tail -f /var/log/uwsgi/app/searx.log done if [[ $_debug_on == 1 ]]; then disable_debug fi return 0 } install_apache_site() { rst_title "Install Apache site $APACHE_SEARX_SITE" rst_para "\ This installs the searx uwsgi app as apache site. If your server ist public to the internet you should instead use a reverse proxy (filtron) to block excessively bot queries." ! apache_is_installed && err_msg "Apache is not installed." if ! ask_yn "Do you really want to install apache site for searx-uwsgi?"; then return fi pkg_install "$APACHE_APT_PACKAGES" a2enmod uwsgi echo apache_install_site --variant=uwsgi "${APACHE_SEARX_SITE}" if ! service_is_available "${PUBLIC_URL}"; then err_msg "Public service at ${PUBLIC_URL} is not available!" fi } remove_apache_site() { rst_title "Remove Apache site ${APACHE_SEARX_SITE}" rst_para "\ This removes apache site ${APACHE_SEARX_SITE}." ! apache_is_installed && err_msg "Apache is not installed." if ! ask_yn "Do you really want to continue?"; then return fi apache_remove_site "${APACHE_SEARX_SITE}" } # ---------------------------------------------------------------------------- main "$@" # ----------------------------------------------------------------------------