diff --git a/src/freedombone-app-searx b/src/freedombone-app-searx deleted file mode 100755 index 92bce04e..00000000 --- a/src/freedombone-app-searx +++ /dev/null @@ -1,291 +0,0 @@ -#!/bin/bash -# -# .---. . . -# | | | -# |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-. -# | | (.-' (.-' ( | ( )| | | | )( )| | (.-' -# ' ' --' --' -' - -' ' ' -' -' -' ' - --' -# -# Freedom in the Cloud -# -# Searx engine application -# -# License -# ======= -# -# Copyright (C) 2014-2016 Bob Mottram -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU Affero General Public License -# along with this program. If not, see . - -VARIANTS='' - -IN_DEFAULT_INSTALL=0 -SHOW_ON_ABOUT=1 - -SEARX_REPO="https://github.com/asciimoo/searx" -SEARX_COMMIT='fee556c9904637051a9ba874ba7e71cd9f10789f' -SEARX_PATH=/etc -SEARX_ONION_PORT=8094 -SEARX_ONION_HOSTNAME= -SEARX_LOGIN_TEXT=$"Search engine login" -SEARX_PASSWORD= - -searx_variables=(SEARX_REPO - SEARX_COMMIT - SEARX_PATH - SEARX_LOGIN_TEXT - MY_USERNAME - SYSTEM_TYPE) - -function install_interactive_searx { - echo -n '' - APP_INSTALLED=1 -} - -function change_password_searx { - echo -n '' -} - -function reconfigure_searx { - echo -n '' -} - -function upgrade_searx { - set_repo_commit $SEARX_PATH/searx "Search engine commit" "$SEARX_COMMIT" $SEARX_REPO - if grep "Search engine key" $COMPLETION_FILE; then - if [ -f ${SEARX_PATH}/searx/searx/settings.yml ]; then - # note: this might change to a --tor option in a later version - if ! grep 'socks5://127.0.0.1:9050' ${SEARX_PATH}/searx/searx/settings.yml; then - echo 'outgoing: # communication with search engines' >> ${SEARX_PATH}/searx/searx/settings.yml - echo ' proxies:' >> ${SEARX_PATH}/searx/searx/settings.yml - echo ' http : socks5://127.0.0.1:9050' >> ${SEARX_PATH}/searx/searx/settings.yml - echo ' https: socks5://127.0.0.1:9050' >> ${SEARX_PATH}/searx/searx/settings.yml - fi - SEARX_SECRET_KEY=$(get_completion_param "searx key") - sed -i "s|secret_key.*|secret_key : \"${SEARX_SECRET_KEY}\"|g" ${SEARX_PATH}/searx/searx/settings.yml - if [ -f /var/lib/tor/hidden_service_searx/hostname ]; then - SEARX_ONION_HOSTNAME=$(echo /var/lib/tor/hidden_service_searx/hostname) - sed -i '0,/RE/s/base_url.*/base_url : \"http://${SEARX_ONION_HOSTNAME}\/' ${SEARX_PATH}/searx/searx/settings.yml - fi - fi - fi -} - -function backup_local_searx { - echo -n '' -} - -function restore_local_searx { - echo -n '' -} - -function backup_remote_searx { - echo -n '' -} - -function restore_remote_searx { - echo -n '' -} - -function remove_searx { - systemctl stop searx - systemctl disable searx - rm /etc/systemd/system/searx.service - function_check remove_onion_service - remove_onion_service searx ${SEARX_ONION_PORT} - userdel -r searx - nginx_dissite searx - if [ -f /etc/nginx/sites-available/searx ]; then - rm /etc/nginx/sites-available/searx - fi - if [ -d ${SEARX_PATH}/searx ]; then - rm -rf ${SEARX_PATH}/searx - fi - remove_completion_param install_searx - sed -i '/Search engine /d' $COMPLETION_FILE - sed -i '/Search Engine /d' /home/$MY_USERNAME/README - sed -i '/Search engine /d' /home/$MY_USERNAME/README - sed -i '/search engine /d' /home/$MY_USERNAME/README -} - -function install_searx { - # Note: currently socks5 outgoing proxies to other search engines does not work - if [ ! -d /etc/nginx ]; then - echo $'Webserver is not installed' - exit 62429 - fi - - apt-get -yq install python-pip libyaml-dev python-werkzeug python-babel python-lxml apache2-utils - apt-get -yq install git build-essential libxslt-dev python-dev python-virtualenv python-pybabel zlib1g-dev uwsgi uwsgi-plugin-python libapache2-mod-uwsgi - - pip install --upgrade pip - - pip install certifi - if [ ! "$?" = "0" ]; then - echo $'Failed to install certifi' - exit 737692 - fi - - pip install pyyaml - if [ ! "$?" = "0" ]; then - echo $'Failed to install pyyaml' - exit 469242 - fi - - pip install flask --upgrade - if [ ! "$?" = "0" ]; then - echo $'Failed to install flask' - exit 888575 - fi - - pip install flask_restless --upgrade - if [ ! "$?" = "0" ]; then - echo $'Failed to install flask_restless' - exit 54835 - fi - - pip install flask_babel --upgrade - if [ ! "$?" = "0" ]; then - echo $'Failed to install flask_babel' - exit 63738 - fi - - if [ ! -d $SEARX_PATH ]; then - mkdir -p $SEARX_PATH - fi - - # clone the repo - cd $SEARX_PATH - function_check git_clone - git_clone $SEARX_REPO searx - git checkout $SEARX_COMMIT -b $SEARX_COMMIT - set_completion_param "searx commit" "$SEARX_COMMIT" - - # create an onion service - SEARX_ONION_HOSTNAME=$(add_onion_service searx 80 ${SEARX_ONION_PORT}) - - # an unprivileged user to run as - useradd -d ${SEARX_PATH}/searx/ -s /bin/false searx - adduser searx debian-tor - - # daemon - echo '[Unit]' > /etc/systemd/system/searx.service - echo 'Description=Searx (search engine)' >> /etc/systemd/system/searx.service - echo 'After=syslog.target' >> /etc/systemd/system/searx.service - echo 'After=network.target' >> /etc/systemd/system/searx.service - echo '' >> /etc/systemd/system/searx.service - echo '[Service]' >> /etc/systemd/system/searx.service - echo 'Type=simple' >> /etc/systemd/system/searx.service - echo 'User=searx' >> /etc/systemd/system/searx.service - echo 'Group=searx' >> /etc/systemd/system/searx.service - echo "WorkingDirectory=${SEARX_PATH}/searx" >> /etc/systemd/system/searx.service - echo "ExecStart=/usr/bin/python ${SEARX_PATH}/searx/searx/webapp.py" >> /etc/systemd/system/searx.service - echo 'Restart=always' >> /etc/systemd/system/searx.service - echo 'Environment="USER=searx"' >> /etc/systemd/system/searx.service - echo '' >> /etc/systemd/system/searx.service - echo '[Install]' >> /etc/systemd/system/searx.service - echo 'WantedBy=multi-user.target' >> /etc/systemd/system/searx.service - - # create a webserver file - echo 'server {' > /etc/nginx/sites-available/searx - echo " listen 127.0.0.1:${SEARX_ONION_PORT} default_server;" >> /etc/nginx/sites-available/searx - echo " root ${SEARX_PATH}/searx;" >> /etc/nginx/sites-available/searx - echo " server_name ${SEARX_ONION_HOSTNAME};" >> /etc/nginx/sites-available/searx - echo ' access_log /dev/null;' >> /etc/nginx/sites-available/searx - echo " error_log /var/log/searx_error.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/searx - echo '' >> /etc/nginx/sites-available/searx - function_check nginx_disable_sniffing - nginx_disable_sniffing searx - echo ' add_header Strict-Transport-Security max-age=0;' >> /etc/nginx/sites-available/searx - echo '' >> /etc/nginx/sites-available/searx - echo ' location / {' >> /etc/nginx/sites-available/searx - function_check nginx_limits - nginx_limits searx '1M' - echo ' proxy_pass http://localhost:8888;' >> /etc/nginx/sites-available/searx - echo ' proxy_set_header Host $host;' >> /etc/nginx/sites-available/searx - echo ' proxy_set_header X-Real-IP $remote_addr;' >> /etc/nginx/sites-available/searx - echo ' proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> /etc/nginx/sites-available/searx - echo ' proxy_set_header X-Remote-Port $remote_port;' >> /etc/nginx/sites-available/searx - echo ' proxy_set_header X-Forwarded-Proto $scheme;' >> /etc/nginx/sites-available/searx - echo ' proxy_redirect off;' >> /etc/nginx/sites-available/searx - - echo " auth_basic \"${SEARX_LOGIN_TEXT}\";" >> /etc/nginx/sites-available/searx - echo ' auth_basic_user_file /etc/nginx/.htpasswd;' >> /etc/nginx/sites-available/searx - echo ' }' >> /etc/nginx/sites-available/searx - echo '' >> /etc/nginx/sites-available/searx - echo ' fastcgi_buffers 64 4K;' >> /etc/nginx/sites-available/searx - echo '' >> /etc/nginx/sites-available/searx - echo ' error_page 403 /core/templates/403.php;' >> /etc/nginx/sites-available/searx - echo ' error_page 404 /core/templates/404.php;' >> /etc/nginx/sites-available/searx - echo '' >> /etc/nginx/sites-available/searx - echo ' location = /robots.txt {' >> /etc/nginx/sites-available/searx - echo ' allow all;' >> /etc/nginx/sites-available/searx - echo ' log_not_found off;' >> /etc/nginx/sites-available/searx - echo ' access_log /dev/null;' >> /etc/nginx/sites-available/searx - echo ' }' >> /etc/nginx/sites-available/searx - echo '}' >> /etc/nginx/sites-available/searx - - # replace the secret key - if ! grep "searx key" $COMPLETION_FILE; then - SEARX_SECRET_KEY="$(create_password 30)" - fi - set_completion_param "searx key" "${SEARX_SECRET_KEY}" - sed -i "s|secret_key.*|secret_key : \"${SEARX_SECRET_KEY}\"|g" ${SEARX_PATH}/searx/searx/settings.yml - sed -i "s|secret_key.*|secret_key : \"${SEARX_SECRET_KEY}\"|g" ${SEARX_PATH}/searx/searx/settings_robot.yml - sed -i '0,/RE/s/base_url.*/base_url : \"http://${SEARX_ONION_HOSTNAME}\/' ${SEARX_PATH}/searx/searx/settings.yml - sed -i '0,/RE/s/base_url.*/base_url : \"http://${SEARX_ONION_HOSTNAME}\/' ${SEARX_PATH}/searx/searx/settings_robot.yml - - # note: this might change to a --tor option in a later version - if ! grep 'socks5://127.0.0.1:9050' ${SEARX_PATH}/searx/searx/settings.yml; then - echo 'outgoing: # communication with search engines' >> ${SEARX_PATH}/searx/searx/settings.yml - echo ' proxies:' >> ${SEARX_PATH}/searx/searx/settings.yml - echo ' http : socks5://127.0.0.1:9050' >> ${SEARX_PATH}/searx/searx/settings.yml - echo ' https: socks5://127.0.0.1:9050' >> ${SEARX_PATH}/searx/searx/settings.yml - fi - - chown -R searx:searx ${SEARX_PATH}/searx - - # enable the site - nginx_ensite searx - - # restart the web server - systemctl restart php5-fpm - systemctl restart nginx - - # start the daemon - systemctl enable searx.service - systemctl daemon-reload - systemctl start searx.service - - if ! grep -q "Your search engine password is" /home/$MY_USERNAME/README; then - if [ ${#SEARX_PASSWORD} -lt 8 ]; then - if [ -f $IMAGE_PASSWORD_FILE ]; then - SEARX_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)" - else - SEARX_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})" - fi - fi - echo "$SEARX_PASSWORD" | htpasswd -i -s -c /etc/nginx/.htpasswd $MY_USERNAME - echo '' >> /home/$MY_USERNAME/README - echo '' >> /home/$MY_USERNAME/README - echo $'# Search Engine' >> /home/$MY_USERNAME/README - echo $"Search engine onion domain: ${SEARX_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README - echo $"Your search engine password is: $SEARX_PASSWORD" >> /home/$MY_USERNAME/README - chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README - chmod 600 /home/$MY_USERNAME/README - fi - APP_INSTALLED=1 -} - -# NOTE: deliberately no exit 0