[mod] document server:public_instance & remove it out of the botdetection

- the option server:public_instance lacks some documentation - the processing of this option belongs in the limiter and not in botdetection module Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2024-01-01 19:24:07 +01:00 · 2023-10-02 18:29:58 +02:00 · 2023-10-02 18:29:58 +02:00 · d13a8f6453
commit d13a8f6453
parent fd814aac86
4 changed files with 29 additions and 9 deletions
--- a/docs/admin/settings/settings_server.rst
+++ b/docs/admin/settings/settings_server.rst
@ -12,6 +12,7 @@
       bind_address: "127.0.0.1"
       secret_key: "ultrasecretkey"           # change this!
       limiter: false
+       public_instance: false
       image_proxy: false
       default_http_headers:
         X-Content-Type-Options : nosniff
@ -20,7 +21,6 @@
         X-Robots-Tag : noindex, nofollow
         Referrer-Policy : no-referrer

-
 ``base_url`` : ``$SEARXNG_URL`` :ref:`buildenv <make buildenv>`
  The base URL where SearXNG is deployed.  Used to create correct inbound links.
  If you change the value, don't forget to rebuild instance's environment
@ -40,6 +40,16 @@
  Rate limit the number of request on the instance, block some bots.  The
  :ref:`limiter` requires a :ref:`settings redis` database.

+.. _public_instance:
+
+``public_instance`` :
+
+  Setting that allows to enable features specifically for public instances (not
+  needed for local usage).  By set to ``true`` the following features are
+  activated:
+
+  - :py:obj:`searx.botdetection.link_token` in the :ref:`limiter`
+
 .. _image_proxy:

 ``image_proxy`` :
--- a/searx/init.py
+++ b/searx/init.py
@ -108,5 +108,6 @@ else:
 if settings['server']['public_instance']:
    logger.warning(
        "Be aware you have activated features intended only for public instances. "
-        + "This force the usage of the bot limiter and link_token plugins."
+        "This force the usage of the limiter and link_token / "
+        "see https://docs.searxng.org/admin/searx.limiter.html"
    )
--- a/searx/botdetection/ip_limit.py
+++ b/searx/botdetection/ip_limit.py
@ -45,7 +45,6 @@ from ipaddress import (

 import flask
 import werkzeug
-from searx import settings

 from searx import redisdb
 from searx.redislib import incr_sliding_window, drop_counter
@ -109,7 +108,7 @@ def filter_request(
        if c > API_MAX:
            return too_many_requests(network, "too many request in API_WINDOW")

-    if settings['server']['public_instance'] or cfg['botdetection.ip_limit.link_token']:
+    if cfg['botdetection.ip_limit.link_token']:

        suspicious = link_token.is_suspicious(network, request, True)

--- a/searx/limiter.py
+++ b/searx/limiter.py
@ -211,23 +211,33 @@ def pre_request():


 def is_installed():
+    """Returns ``True`` if limiter is active and a redis DB is available."""
    return _INSTALLED


 def initialize(app: flask.Flask, settings):
-    """Instal the botlimiter aka limiter"""
+    """Install the limiter"""
    global _INSTALLED  # pylint: disable=global-statement
-    if not settings['server']['limiter'] and not settings['server']['public_instance']:
+
+    if not (settings['server']['limiter'] or settings['server']['public_instance']):
        return
+
    redis_client = redisdb.client()
    if not redis_client:
        logger.error(
            "The limiter requires Redis, please consult the documentation: "
-            + "https://docs.searxng.org/admin/searx.botdetection.html#limiter"
+            "https://docs.searxng.org/admin/searx.limiter.html"
        )
        if settings['server']['public_instance']:
            sys.exit(1)
        return
-    botdetection.init(get_cfg(), redis_client)
-    app.before_request(pre_request)
+
    _INSTALLED = True
+
+    cfg = get_cfg()
+    if settings['server']['public_instance']:
+        # overwrite limiter.toml setting
+        cfg.set('botdetection.ip_limit.link_token', True)
+
+    botdetection.init(cfg, redis_client)
+    app.before_request(pre_request)