Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
11 KiB
Apache
This section explains how to set up a SearXNG site using the HTTP server Apache. If you have used the installation scripts
and do not have any preference you can install the SearXNG site <apache searxng site>
using searxng.sh <searxng.sh overview>
:
sudo -H ./utils/searxng.sh install apache $
If you have special interests or problems with setting up Apache, the following section might give you some guidance.
Contents
The Apache HTTP server
If Apache is not installed, install it now. If apache is new to you, the Getting Started, Configuration Files and Terms Used to Describe Directives documentation gives first orientation. There is also a list of Apache directives to keep in the pocket.
Ubuntu / debian
sudo -H apt-get install apache2
Arch Linux
sudo -H pacman -S apache
sudo -H systemctl enable httpd
sudo -H systemctl start http
Fedora / RHEL
sudo -H dnf install httpd
sudo -H systemctl enable httpd
sudo -H systemctl start httpd
Now at http://localhost you should see any kind of Welcome or Test page. How this default intro site is configured, depends on the linux distribution (compare Apache directives).
Ubuntu / debian
less /etc/apache2/sites-enabled/000-default.conf
In this file, there is a line setting the DocumentRoot directive:
/var/www/html DocumentRoot
And the welcome page is the HTML file at /var/www/html/index.html
.
Arch Linux
less /etc/httpd/conf/httpd.conf
In this file, there is a line setting the DocumentRoot directive:
"/srv/http"
DocumentRoot<Directory "/srv/http">
Options Indexes FollowSymLinks
AllowOverride None
all granted
Require</Directory>
The welcome page of Arch Linux is a page showing the directory located at DocumentRoot
. This directory page is generated by the Module mod_autoindex:
autoindex_module modules/mod_autoindex.so
LoadModule
... conf/extra/httpd-autoindex.conf Include
Fedora / RHEL
less /etc/httpd/conf/httpd.conf
In this file, there is a line setting the DocumentRoot
directive:
"/var/www/html"
DocumentRoot
...<Directory "/var/www">
AllowOverride None
# Allow open access:
all granted
Require</Directory>
On fresh installations, the /var/www
is empty and the default welcome page is shown, the configuration is located at:
less /etc/httpd/conf.d/welcome.conf
Debian's Apache layout
Be aware, Debian's Apache layout is quite different from the standard Apache configuration. For details look at the apache2.README.Debian (/usr/share/doc/apache2/README.Debian.gz
). Some commands you should know on Debian:
apache2ctl
: Apache HTTP server control interfacea2enmod
,a2dismod
: switch on/off modulesa2enconf
,a2disconf
: switch on/off configurationsa2ensite
,a2dissite
: switch on/off sites
Apache modules
To load additional modules, in most distributions you have to un-comment the lines with the corresponding LoadModule directive, except in Debian's
Apache layout
.
Ubuntu / debian
Debian's Apache layout
uses a2enmod
and a2dismod
to activate or disable modules:
sudo -H a2enmod ssl
sudo -H a2enmod headers
sudo -H a2enmod proxy
sudo -H a2enmod proxy_http
sudo -H a2enmod proxy_uwsgi
Arch Linux
In the /etc/httpd/conf/httpd.conf
file, activate LoadModule directives:
ssl_module modules/mod_ssl.so
LoadModule headers_module modules/mod_headers.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so LoadModule
Fedora / RHEL
In the /etc/httpd/conf/httpd.conf
file, activate LoadModule directives:
ssl_module modules/mod_ssl.so
LoadModule headers_module modules/mod_headers.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so LoadModule
Apache sites
Ubuntu / debian
In Debian's Apache layout
you create a searxng.conf
with the <Location /searxng >
directive and save this file in the sites available folder at /etc/apache2/sites-available
. To enable the searxng.conf
use a2ensite
:
sudo -H a2ensite searxng.conf
Arch Linux
In the /etc/httpd/conf/httpd.conf
file add a IncludeOptional directive:
IncludeOptional sites-enabled/*.conf
Create two folders, one for the available sites and one for the enabled sites:
mkdir -p /etc/httpd/sites-available
mkdir -p /etc/httpd/sites-enabled
Create configuration at /etc/httpd/sites-available
and place a symlink to sites-enabled
:
sudo -H ln -s /etc/httpd/sites-available/searxng.conf \
/etc/httpd/sites-enabled/searxng.conf
Fedora / RHEL
In the /etc/httpd/conf/httpd.conf
file add a IncludeOptional directive:
IncludeOptional sites-enabled/*.conf
Create two folders, one for the available sites and one for the enabled sites:
mkdir -p /etc/httpd/sites-available
mkdir -p /etc/httpd/sites-enabled
Create configuration at /etc/httpd/sites-available
and place a symlink to sites-enabled
:
sudo -H ln -s /etc/httpd/sites-available/searxng.conf \
/etc/httpd/sites-enabled/searxng.conf
Apache's SearXNG site
uWSGI
Use mod_proxy_uwsgi / don't use the old mod_uwsgi anymore.
To proxy the incoming requests to the SearXNG instance Apache needs the mod_proxy module (apache modules
).
HTTP headers
With ProxyPreserveHost the incoming Host
header is passed to the proxied host.
Depending on what your SearXNG installation is listen, you need a http mod_proxy_http) or socket (mod_proxy_uwsgi) communication to upstream.
The installation scripts
installs by default the reference setup
<use_default_settings.yml>
and a uwsgi setup
that listens on a socket. You can install and activate your own searxng.conf
like shown in apache sites
.
socket
$DOCS_BUILD/includes/searxng.rst
http
$DOCS_BUILD/includes/searxng.rst
Restart service:
Ubuntu / debian
sudo -H systemctl restart apache2
sudo -H service uwsgi restart searxng
Arch Linux
sudo -H systemctl restart httpd
sudo -H systemctl restart uwsgi@searxng
Fedora / RHEL
sudo -H systemctl restart httpd
sudo -H touch /etc/uwsgi.d/searxng.ini
disable logs
For better privacy you can disable Apache logs. In the examples above activate one of the lines and restart apache:
Request_URI "/searxng" dontlog
SetEnvIf# CustomLog /dev/null combined env=dontlog
The CustomLog
directive disable logs of the entire (virtual) server, use it when the URL of the service does not have a path component (/searxng
), when SearXNG is located at root (/
).