From 37493b0a1ea8bfede427e4d68c2a17dfdb8a6078 Mon Sep 17 00:00:00 2001 From: Markus Heiser Date: Fri, 25 Mar 2022 10:23:15 +0100 Subject: [PATCH] [doc] add some documentation about the limiter plugin (and redis) Requested-by: https://github.com/searxng/searxng/discussions/993#discussioncomment-2396914 Signed-off-by: Markus Heiser --- docs/admin/engines/settings.rst | 25 ++++++++++++++++++++----- docs/admin/filtron.rst | 14 ++++++++------ docs/src/searx.plugins.limiter.rst | 4 ++++ searx/plugins/limiter.py | 4 ++++ 4 files changed, 36 insertions(+), 11 deletions(-) diff --git a/docs/admin/engines/settings.rst b/docs/admin/engines/settings.rst index a55e2575..2726674d 100644 --- a/docs/admin/engines/settings.rst +++ b/docs/admin/engines/settings.rst @@ -226,6 +226,17 @@ Global Settings .. _Redis.from_url(url): https://redis-py.readthedocs.io/en/stable/connections.html#redis.client.Redis.from_url +A redis DB can be connected by an URL, in :py:obj:`searx.shared.redisdb` you +will find a description to test your redis connection in SerXNG. When using +sockets, don't forget to check the access rights on the socket:: + + ls -la /usr/local/searxng-redis/run/redis.sock + srwxrwx--- 1 searxng-redis searxng-redis ... /usr/local/searxng-redis/run/redis.sock + +In this example read/write access is given to the *searxng-redis* group. To get +access rights to redis instance (the socket), your SearXNG (or even your +developer) account needs to be added to the *searxng-redis* group. + ``url`` URL to connect redis database, see `Redis.from_url(url)`_ & :ref:`redis db`:: @@ -235,17 +246,21 @@ Global Settings .. admonition:: Tip for developers - To set up a redis instance simply use:: + To set up a local redis instance using sockets simply use:: $ ./manage redis.build $ sudo -H ./manage redis.install - - To get access rights to this instance, your developer account needs to be - added to the *searxng-redis* group:: - $ sudo -H ./manage redis.addgrp "${USER}" # don't forget to logout & login to get member of group + The YAML setting for such a redis instance is: + + .. code:: yaml + + redis: + url: unix:///usr/local/searxng-redis/run/redis.sock?db=0 + + .. _settings outgoing: ``outgoing:`` diff --git a/docs/admin/filtron.rst b/docs/admin/filtron.rst index f08149ae..60d7cbeb 100644 --- a/docs/admin/filtron.rst +++ b/docs/admin/filtron.rst @@ -5,17 +5,19 @@ How to protect an instance ========================== +.. tip:: + + To protect your instance a installation of filtron (as described here) is no + longer needed, alternatively activate the :ref:`limiter plugin` in your + ``settings.yml``. Note that the :ref:`limiter plugin` requires a :ref:`Redis + ` database. + + .. sidebar:: further reading - :ref:`filtron.sh` - :ref:`nginx searxng site` - -.. contents:: Contents - :depth: 2 - :local: - :backlinks: entry - .. _filtron: https://github.com/searxng/filtron SearXNG depends on external search services. To avoid the abuse of these services diff --git a/docs/src/searx.plugins.limiter.rst b/docs/src/searx.plugins.limiter.rst index 4984cd37..75d06f5c 100644 --- a/docs/src/searx.plugins.limiter.rst +++ b/docs/src/searx.plugins.limiter.rst @@ -4,6 +4,10 @@ Limiter Plugin ============== +.. sidebar:: info + + The :ref:`limiter plugin` requires a :ref:`Redis ` database. + .. automodule:: searx.plugins.limiter :members: diff --git a/searx/plugins/limiter.py b/searx/plugins/limiter.py index 6accf2c1..c3ec6428 100644 --- a/searx/plugins/limiter.py +++ b/searx/plugins/limiter.py @@ -3,6 +3,10 @@ # pyright: basic """Some bot protection / rate limitation +To monitore rate limits and protect privacy the IP addresses are getting stored +with a hash so the limiter plugin knows who to block. A redis database is +needed to store the hash values. + Enable the plugin in ``settings.yml``: - ``server.limiter: true``