Merge branch 'stretch' of https://github.com/bashrc/freedombone

2017-09-23 11:05:51 +01:00 · 2017-09-23 11:05:51 +01:00 · 1b14ea302d
parent 557d3c4cd5 ac69919662
commit 1b14ea302d
4 changed files with 87 additions and 13 deletions
--- a/doc/EN/app_searx.org
+++ b/doc/EN/app_searx.org
@ -25,6 +25,8 @@ In terms of security both the connection between you and the server, and the out
 [[file:images/searx.jpg]]
 #+END_CENTER

+* Installation
+
 ssh into the system with:

 #+BEGIN_SRC bash
@ -33,6 +35,18 @@ ssh myusername@mydomain.com -p 2222

 Select *Administrator controls* then *Add/remove apps*. From there you can use cursor keys, space and enter keys to select *searx*.

-Once it has installed go to *About* on the *Administrator control panel* and look for *searx*. Take a note of the onion address, and you can then enter that into a Tor compatible browser. Go to *Passwords* on the *Administrator control panel* and select *searx*. This will give you the login password for your search site, and it prevents millions of random internet users from using your site as their default search engine and ruining the performance of your system.
+Once it has installed go to *About* on the *Administrator control panel* and look for *searx*. Take a note of the onion address, and you can then enter that into a Tor compatible browser.
+
+* Make it your default search
+
+If you are using a Tor browser or Firefox then click on the magnifying glass icon next to the search box and you can then add your metasearch site. A small icon will appear called "/Freedombone Metasearch/" and you can then right click on it and make it the default search.
+
+* Enabling password login
+
+It's possible that you might not want just anyone on the interwebs to be able to use your metasearch engine. Even with the onion routing this might carry some legal risk or make you a target for denial-of-service attempts (although Tor's rate limits and the firewall will give you some defense against that).
+
+To enable password login go to the *Administrator control panel* then *App settings* then select *searx* and *Enable login*. If you select "yes" then the password will be displayed.
+
+* Customization

 It's also possible to customise the background image if you go to *App settings* then select *searx*.
--- a/src/freedombone-app-searx
+++ b/src/freedombone-app-searx
@ -147,6 +147,33 @@ function searx_set_background_image {
    esac
 }

+function searx_enable_login {
+    dialog --title $"Enable Searx login" \
+           --backtitle $"Freedombone Control Panel" \
+           --defaultno \
+           --yesno $"\nDo you want to add a login so that random web users can't use your metasearch engine?" 10 60
+    sel=$?
+    case $sel in
+        0) if grep -q '#auth_basic' /etc/nginx/sites-available/searx; then
+               sed -i 's|#auth_basic|auth_basic|g' /etc/nginx/sites-available/searx
+               systemctl restart nginx
+           fi
+           read_config_param $MY_USERNAME
+           SEARX_LOGIN_PASS=$(${PROJECT_NAME}-pass -u $MY_USERNAME -a searx)
+           dialog --title $"Enable Searx login" \
+                  --msgbox $"Searx logins are now enabled with the password $SEARX_LOGIN_PASS" 6 65
+           SEARX_LOGIN_PASS=
+           ;;
+        1) if ! grep -q '#auth_basic' /etc/nginx/sites-available/searx; then
+               sed -i 's|auth_basic|#auth_basic|g' /etc/nginx/sites-available/searx
+               systemctl restart nginx
+           fi
+           dialog --title $"Disable Searx login" \
+                  --msgbox $"Searx logins are now disabled. Anyone can access your metasearch engine." 6 65
+           ;;
+    esac
+}
+
 function configure_interactive_searx {
    while true
    do
@ -154,9 +181,10 @@ function configure_interactive_searx {
        trap "rm -f $data" 0 1 2 5 15
        dialog --backtitle $"Freedombone Control Panel" \
               --title $"SearX Metasearch" \
-               --radiolist $"Choose an operation:" 11 70 2 \
+               --radiolist $"Choose an operation:" 12 70 3 \
               1 $"Set a background image" off \
-               2 $"Exit" on 2> $data
+               2 $"Enable login" off \
+               3 $"Exit" on 2> $data
        sel=$?
        case $sel in
            1) return;;
@ -164,7 +192,8 @@ function configure_interactive_searx {
        esac
        case $(cat $data) in
            1) searx_set_background_image;;
-            2) break;;
+            2) searx_enable_login;;
+            3) break;;
        esac
    done
 }
@ -942,8 +971,8 @@ function install_searx {
    function_check nginx_limits
    nginx_limits searx '1M'
    echo '        proxy_pass http://localhost:8888;' >> /etc/nginx/sites-available/searx
-    echo "        auth_basic \"${SEARX_LOGIN_TEXT}\";" >> /etc/nginx/sites-available/searx
-    echo '        auth_basic_user_file /etc/nginx/.htpasswd;' >> /etc/nginx/sites-available/searx
+    echo "        #auth_basic \"${SEARX_LOGIN_TEXT}\";" >> /etc/nginx/sites-available/searx
+    echo '        #auth_basic_user_file /etc/nginx/.htpasswd;' >> /etc/nginx/sites-available/searx
    echo '    }' >> /etc/nginx/sites-available/searx
    echo '' >> /etc/nginx/sites-available/searx
    echo '    fastcgi_buffers 64 4K;' >> /etc/nginx/sites-available/searx
--- a/src/freedombone-usb-canary
+++ b/src/freedombone-usb-canary
@ -5,8 +5,7 @@ PROJECT_NAME=freedombone
 UPTIME=$(cat /proc/uptime | awk -F '.' '{print $1}')
 if [ $UPTIME -gt 120 ]; then
    ADMIN_USER=$(cat /root/${PROJECT_NAME}-completed.txt | grep 'Admin user' | awk -F ':' '{print $2}')
-    #MY_EMAIL_ADDRESS=${ADMIN_USER}@$(cat /etc/hostname)
-    MY_EMAIL_ADDRESS=root@$(cat /etc/hostname)
+    MY_EMAIL_ADDRESS=${ADMIN_USER}@$(cat /etc/hostname)
    echo "USB device connected on ${DEVPATH}" | mail -s "${PROJECT_NAME} USB canary" ${MY_EMAIL_ADDRESS}
    echo "${ACTION}" > /tmp/usb-canary
    echo "${MY_EMAIL_ADDRESS}" >> /tmp/usb-canary
--- a/website/EN/app_searx.html
+++ b/website/EN/app_searx.html
@ -3,10 +3,10 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
 <head>
-<!-- 2017-04-16 Sun 21:00 -->
+<!-- 2017-09-23 Sat 11:02 -->
 <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
 <meta name="viewport" content="width=device-width, initial-scale=1" />
-<title></title>
+<title>&lrm;</title>
 <meta name="generator" content="Org mode" />
 <meta name="author" content="Bob Mottram" />
 <meta name="description" content="How to use SearX metasearch"
@ -265,13 +265,16 @@ In terms of security both the connection between you and the server, and the out
 </div>
 </div>

+<div id="outline-container-org404708e" class="outline-2">
+<h2 id="org404708e">Installation</h2>
+<div class="outline-text-2" id="text-org404708e">
 <p>
 ssh into the system with:
 </p>

 <div class="org-src-container">
-<pre><code class="src src-bash">ssh myusername@mydomain.com -p 2222
-</code></pre>
+<pre class="src src-bash">ssh myusername@mydomain.com -p 2222
+</pre>
 </div>

 <p>
@ -279,13 +282,42 @@ Select <b>Administrator controls</b> then <b>Add/remove apps</b>. From there you
 </p>

 <p>
-Once it has installed go to <b>About</b> on the <b>Administrator control panel</b> and look for <b>searx</b>. Take a note of the onion address, and you can then enter that into a Tor compatible browser. Go to <b>Passwords</b> on the <b>Administrator control panel</b> and select <b>searx</b>. This will give you the login password for your search site, and it prevents millions of random internet users from using your site as their default search engine and ruining the performance of your system.
+Once it has installed go to <b>About</b> on the <b>Administrator control panel</b> and look for <b>searx</b>. Take a note of the onion address, and you can then enter that into a Tor compatible browser.
+</p>
+</div>
+</div>
+
+<div id="outline-container-org312dbda" class="outline-2">
+<h2 id="org312dbda">Make it your default search</h2>
+<div class="outline-text-2" id="text-org312dbda">
+<p>
+If you are using a Tor browser or Firefox then click on the magnifying glass icon next to the search box and you can then add your metasearch site. A small icon will appear called "<i>Freedombone Metasearch</i>" and you can then right click on it and make it the default search.
+</p>
+</div>
+</div>
+
+<div id="outline-container-org6b74e84" class="outline-2">
+<h2 id="org6b74e84">Enabling password login</h2>
+<div class="outline-text-2" id="text-org6b74e84">
+<p>
+It's possible that you might not want just anyone on the interwebs to be able to use your metasearch engine. Even with the onion routing this might carry some legal risk or make you a target for denial-of-service attempts (although Tor's rate limits and the firewall will give you some defense against that).
 </p>

+<p>
+To enable password login go to the <b>Administrator control panel</b> then <b>App settings</b> then select <b>searx</b> and <b>Enable login</b>. If you select "yes" then the password will be displayed.
+</p>
+</div>
+</div>
+
+<div id="outline-container-orgae556b2" class="outline-2">
+<h2 id="orgae556b2">Customization</h2>
+<div class="outline-text-2" id="text-orgae556b2">
 <p>
 It's also possible to customise the background image if you go to <b>App settings</b> then select <b>searx</b>.
 </p>
 </div>
+</div>
+</div>
 <div id="postamble" class="status">

 <style type="text/css">