This commit is contained in:
Bob Mottram 2017-09-23 11:05:51 +01:00
commit 1b14ea302d
4 changed files with 87 additions and 13 deletions

View File

@ -25,6 +25,8 @@ In terms of security both the connection between you and the server, and the out
[[file:images/searx.jpg]] [[file:images/searx.jpg]]
#+END_CENTER #+END_CENTER
* Installation
ssh into the system with: ssh into the system with:
#+BEGIN_SRC bash #+BEGIN_SRC bash
@ -33,6 +35,18 @@ ssh myusername@mydomain.com -p 2222
Select *Administrator controls* then *Add/remove apps*. From there you can use cursor keys, space and enter keys to select *searx*. Select *Administrator controls* then *Add/remove apps*. From there you can use cursor keys, space and enter keys to select *searx*.
Once it has installed go to *About* on the *Administrator control panel* and look for *searx*. Take a note of the onion address, and you can then enter that into a Tor compatible browser. Go to *Passwords* on the *Administrator control panel* and select *searx*. This will give you the login password for your search site, and it prevents millions of random internet users from using your site as their default search engine and ruining the performance of your system. Once it has installed go to *About* on the *Administrator control panel* and look for *searx*. Take a note of the onion address, and you can then enter that into a Tor compatible browser.
* Make it your default search
If you are using a Tor browser or Firefox then click on the magnifying glass icon next to the search box and you can then add your metasearch site. A small icon will appear called "/Freedombone Metasearch/" and you can then right click on it and make it the default search.
* Enabling password login
It's possible that you might not want just anyone on the interwebs to be able to use your metasearch engine. Even with the onion routing this might carry some legal risk or make you a target for denial-of-service attempts (although Tor's rate limits and the firewall will give you some defense against that).
To enable password login go to the *Administrator control panel* then *App settings* then select *searx* and *Enable login*. If you select "yes" then the password will be displayed.
* Customization
It's also possible to customise the background image if you go to *App settings* then select *searx*. It's also possible to customise the background image if you go to *App settings* then select *searx*.

View File

@ -147,6 +147,33 @@ function searx_set_background_image {
esac esac
} }
function searx_enable_login {
dialog --title $"Enable Searx login" \
--backtitle $"Freedombone Control Panel" \
--defaultno \
--yesno $"\nDo you want to add a login so that random web users can't use your metasearch engine?" 10 60
sel=$?
case $sel in
0) if grep -q '#auth_basic' /etc/nginx/sites-available/searx; then
sed -i 's|#auth_basic|auth_basic|g' /etc/nginx/sites-available/searx
systemctl restart nginx
fi
read_config_param $MY_USERNAME
SEARX_LOGIN_PASS=$(${PROJECT_NAME}-pass -u $MY_USERNAME -a searx)
dialog --title $"Enable Searx login" \
--msgbox $"Searx logins are now enabled with the password $SEARX_LOGIN_PASS" 6 65
SEARX_LOGIN_PASS=
;;
1) if ! grep -q '#auth_basic' /etc/nginx/sites-available/searx; then
sed -i 's|auth_basic|#auth_basic|g' /etc/nginx/sites-available/searx
systemctl restart nginx
fi
dialog --title $"Disable Searx login" \
--msgbox $"Searx logins are now disabled. Anyone can access your metasearch engine." 6 65
;;
esac
}
function configure_interactive_searx { function configure_interactive_searx {
while true while true
do do
@ -154,9 +181,10 @@ function configure_interactive_searx {
trap "rm -f $data" 0 1 2 5 15 trap "rm -f $data" 0 1 2 5 15
dialog --backtitle $"Freedombone Control Panel" \ dialog --backtitle $"Freedombone Control Panel" \
--title $"SearX Metasearch" \ --title $"SearX Metasearch" \
--radiolist $"Choose an operation:" 11 70 2 \ --radiolist $"Choose an operation:" 12 70 3 \
1 $"Set a background image" off \ 1 $"Set a background image" off \
2 $"Exit" on 2> $data 2 $"Enable login" off \
3 $"Exit" on 2> $data
sel=$? sel=$?
case $sel in case $sel in
1) return;; 1) return;;
@ -164,7 +192,8 @@ function configure_interactive_searx {
esac esac
case $(cat $data) in case $(cat $data) in
1) searx_set_background_image;; 1) searx_set_background_image;;
2) break;; 2) searx_enable_login;;
3) break;;
esac esac
done done
} }
@ -942,8 +971,8 @@ function install_searx {
function_check nginx_limits function_check nginx_limits
nginx_limits searx '1M' nginx_limits searx '1M'
echo ' proxy_pass http://localhost:8888;' >> /etc/nginx/sites-available/searx echo ' proxy_pass http://localhost:8888;' >> /etc/nginx/sites-available/searx
echo " auth_basic \"${SEARX_LOGIN_TEXT}\";" >> /etc/nginx/sites-available/searx echo " #auth_basic \"${SEARX_LOGIN_TEXT}\";" >> /etc/nginx/sites-available/searx
echo ' auth_basic_user_file /etc/nginx/.htpasswd;' >> /etc/nginx/sites-available/searx echo ' #auth_basic_user_file /etc/nginx/.htpasswd;' >> /etc/nginx/sites-available/searx
echo ' }' >> /etc/nginx/sites-available/searx echo ' }' >> /etc/nginx/sites-available/searx
echo '' >> /etc/nginx/sites-available/searx echo '' >> /etc/nginx/sites-available/searx
echo ' fastcgi_buffers 64 4K;' >> /etc/nginx/sites-available/searx echo ' fastcgi_buffers 64 4K;' >> /etc/nginx/sites-available/searx

View File

@ -5,8 +5,7 @@ PROJECT_NAME=freedombone
UPTIME=$(cat /proc/uptime | awk -F '.' '{print $1}') UPTIME=$(cat /proc/uptime | awk -F '.' '{print $1}')
if [ $UPTIME -gt 120 ]; then if [ $UPTIME -gt 120 ]; then
ADMIN_USER=$(cat /root/${PROJECT_NAME}-completed.txt | grep 'Admin user' | awk -F ':' '{print $2}') ADMIN_USER=$(cat /root/${PROJECT_NAME}-completed.txt | grep 'Admin user' | awk -F ':' '{print $2}')
#MY_EMAIL_ADDRESS=${ADMIN_USER}@$(cat /etc/hostname) MY_EMAIL_ADDRESS=${ADMIN_USER}@$(cat /etc/hostname)
MY_EMAIL_ADDRESS=root@$(cat /etc/hostname)
echo "USB device connected on ${DEVPATH}" | mail -s "${PROJECT_NAME} USB canary" ${MY_EMAIL_ADDRESS} echo "USB device connected on ${DEVPATH}" | mail -s "${PROJECT_NAME} USB canary" ${MY_EMAIL_ADDRESS}
echo "${ACTION}" > /tmp/usb-canary echo "${ACTION}" > /tmp/usb-canary
echo "${MY_EMAIL_ADDRESS}" >> /tmp/usb-canary echo "${MY_EMAIL_ADDRESS}" >> /tmp/usb-canary

View File

@ -3,10 +3,10 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2017-04-16 Sun 21:00 --> <!-- 2017-09-23 Sat 11:02 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title> <title>&lrm;</title>
<meta name="generator" content="Org mode" /> <meta name="generator" content="Org mode" />
<meta name="author" content="Bob Mottram" /> <meta name="author" content="Bob Mottram" />
<meta name="description" content="How to use SearX metasearch" <meta name="description" content="How to use SearX metasearch"
@ -265,13 +265,16 @@ In terms of security both the connection between you and the server, and the out
</div> </div>
</div> </div>
<div id="outline-container-org404708e" class="outline-2">
<h2 id="org404708e">Installation</h2>
<div class="outline-text-2" id="text-org404708e">
<p> <p>
ssh into the system with: ssh into the system with:
</p> </p>
<div class="org-src-container"> <div class="org-src-container">
<pre><code class="src src-bash">ssh myusername@mydomain.com -p 2222 <pre class="src src-bash">ssh myusername@mydomain.com -p 2222
</code></pre> </pre>
</div> </div>
<p> <p>
@ -279,13 +282,42 @@ Select <b>Administrator controls</b> then <b>Add/remove apps</b>. From there you
</p> </p>
<p> <p>
Once it has installed go to <b>About</b> on the <b>Administrator control panel</b> and look for <b>searx</b>. Take a note of the onion address, and you can then enter that into a Tor compatible browser. Go to <b>Passwords</b> on the <b>Administrator control panel</b> and select <b>searx</b>. This will give you the login password for your search site, and it prevents millions of random internet users from using your site as their default search engine and ruining the performance of your system. Once it has installed go to <b>About</b> on the <b>Administrator control panel</b> and look for <b>searx</b>. Take a note of the onion address, and you can then enter that into a Tor compatible browser.
</p>
</div>
</div>
<div id="outline-container-org312dbda" class="outline-2">
<h2 id="org312dbda">Make it your default search</h2>
<div class="outline-text-2" id="text-org312dbda">
<p>
If you are using a Tor browser or Firefox then click on the magnifying glass icon next to the search box and you can then add your metasearch site. A small icon will appear called "<i>Freedombone Metasearch</i>" and you can then right click on it and make it the default search.
</p>
</div>
</div>
<div id="outline-container-org6b74e84" class="outline-2">
<h2 id="org6b74e84">Enabling password login</h2>
<div class="outline-text-2" id="text-org6b74e84">
<p>
It's possible that you might not want just anyone on the interwebs to be able to use your metasearch engine. Even with the onion routing this might carry some legal risk or make you a target for denial-of-service attempts (although Tor's rate limits and the firewall will give you some defense against that).
</p> </p>
<p>
To enable password login go to the <b>Administrator control panel</b> then <b>App settings</b> then select <b>searx</b> and <b>Enable login</b>. If you select "yes" then the password will be displayed.
</p>
</div>
</div>
<div id="outline-container-orgae556b2" class="outline-2">
<h2 id="orgae556b2">Customization</h2>
<div class="outline-text-2" id="text-orgae556b2">
<p> <p>
It's also possible to customise the background image if you go to <b>App settings</b> then select <b>searx</b>. It's also possible to customise the background image if you go to <b>App settings</b> then select <b>searx</b>.
</p> </p>
</div> </div>
</div>
</div>
<div id="postamble" class="status"> <div id="postamble" class="status">
<style type="text/css"> <style type="text/css">