diff options
| author | Markus Heiser <markus.heiser@darmarit.de> | 2020-04-07 18:31:51 +0200 |
|---|---|---|
| committer | Markus Heiser <markus.heiser@darmarit.de> | 2020-04-07 18:31:51 +0200 |
| commit | ee39a098acb2386abd5382de5c9476cc4ffe2e03 (patch) | |
| tree | 196b289570df3bd6e014a45da63a3b8825e92f1d | |
| parent | eb0d4646d818fe12032379aae2fcd8b5bdb6467e (diff) | |
| download | searxng-ee39a098acb2386abd5382de5c9476cc4ffe2e03.tar.gz searxng-ee39a098acb2386abd5382de5c9476cc4ffe2e03.zip | |
apache: normalize installation (docs and script)s over all distros
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
| -rw-r--r-- | docs/admin/installation-apache.rst | 169 | ||||
| -rw-r--r-- | docs/admin/installation-searx.rst | 2 | ||||
| -rwxr-xr-x | utils/filtron.sh | 8 | ||||
| -rwxr-xr-x | utils/lib.sh | 119 | ||||
| -rwxr-xr-x | utils/lxc.sh | 9 | ||||
| -rw-r--r-- | utils/makefile.include | 4 | ||||
| -rwxr-xr-x | utils/morty.sh | 9 | ||||
| -rwxr-xr-x | utils/searx.sh | 30 | ||||
| l--------- | utils/templates/etc/apache2 | 1 | ||||
| -rw-r--r-- | utils/templates/etc/apache2/sites-available/searx.conf:uwsgi | 27 | ||||
| -rw-r--r-- | utils/templates/etc/httpd/sites-available/morty.conf (renamed from utils/templates/etc/apache2/sites-available/morty.conf) | 14 | ||||
| -rw-r--r-- | utils/templates/etc/httpd/sites-available/searx.conf:filtron (renamed from utils/templates/etc/apache2/sites-available/searx.conf:filtron) | 16 | ||||
| -rw-r--r-- | utils/templates/etc/httpd/sites-available/searx.conf:uwsgi | 27 |
13 files changed, 264 insertions, 171 deletions
diff --git a/docs/admin/installation-apache.rst b/docs/admin/installation-apache.rst index da551c3a9..0b6cc38df 100644 --- a/docs/admin/installation-apache.rst +++ b/docs/admin/installation-apache.rst @@ -30,8 +30,6 @@ Install with apache https://httpd.apache.org/docs/trunk/mod/core.html#location .. _uWSGI Apache support: https://uwsgi-docs.readthedocs.io/en/latest/Apache.html -.. _apache uwsgi: - https://uwsgi-docs.readthedocs.io/en/latest/Apache.html#mod-proxy-uwsgi .. _mod_proxy_uwsgi: https://uwsgi-docs.readthedocs.io/en/latest/Apache.html#mod-proxy-uwsgi @@ -149,22 +147,6 @@ How this default intro site is configured, depends on the linux distribution less /etc/httpd/conf.d/welcome.conf -.. _The Debian Layout: - -The Debian Layout -================= - -Be aware that the Debian layout is quite different from the standard Apache -configuration. For details look at the README.Debian_ -(``/usr/share/doc/apache2/README.Debian.gz``). Some commands you should know on -Debian: - -* :man:`apache2ctl`: Apache HTTP server control interface -* :man:`a2enmod`, :man:`a2dismod`: switch on/off modules -* :man:`a2enconf`, :man:`a2disconf`: switch on/off configurations -* :man:`a2ensite`, :man:`a2dissite`: switch on/off sites - - .. _apache searx site: Apache Reverse Proxy @@ -179,8 +161,12 @@ Apache Reverse Proxy To setup a Apache revers proxy you have to enable the *headers* and *proxy* modules and create a `Location`_ configuration for the searx site. In most -distributions you have to uncomment the lines in the main configuration file, -except in the :ref:`The Debian Layout`. +distributions you have to un-comment the lines in the main configuration file, +except in :ref:`The Debian Layout`. + +To pass the HTTP HOST header +With ProxyPreserveHost_ the incoming Host HTTP request header is passed to the +proxied host. .. tabs:: @@ -210,6 +196,8 @@ except in the :ref:`The Debian Layout`. .. code:: apache + FIXME needs test + LoadModule headers_module modules/mod_headers.so LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_http_module modules/mod_proxy_http.so @@ -221,7 +209,9 @@ except in the :ref:`The Debian Layout`. .. code:: apache - LoadModule headers_module modules/mod_headers.so + FIXME needs test + + LoadModule headers_module modules/mod_headers.so LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_http_module modules/mod_proxy_http.so @@ -256,8 +246,7 @@ except in the :ref:`The Debian Layout`. </Location> 2. Configure reverse proxy for :ref:`morty <searx morty>`, listening on - *localhost 3000* (FYI: ``ProxyPreserveHost On`` is already set, see - above): + *localhost 3000* .. code:: apache @@ -297,10 +286,9 @@ uWSGI support ============= Be warned, with this setup, your instance isn't :ref:`protected <searx -filtron>`. Nevertheless it is good enough for intranet usage and it -demonstrates: *how different the uwsgi support is, depending on the -distribution*. To enable :ref:`uWSGI <searx uwsgi>` support you need to install -the apache `apache uwsgi`_ support: +filtron>`, nevertheless it is good enough for intranet usage. In modern Linux +distributions, the `mod_proxy_uwsgi`_ is compiled into the *normal* apache +package and you need to install only the :ref:`uWSGI <searx uwsgi>` package: .. tabs:: @@ -308,8 +296,10 @@ the apache `apache uwsgi`_ support: .. code:: sh - sudo -H apt-get install libapache2-mod-uwsgi - sudo -H a2enmod uwsgi + sudo -H apt-get install uwsgi + + # Ubuntu =< 18.04 + sudo -H apt-get install libapache2-mod-proxy-uwsgi .. group-tab:: Arch Linux @@ -317,74 +307,88 @@ the apache `apache uwsgi`_ support: sudo -H pacman -S uwsgi - In the ``/etc/httpd/conf/httpd.conf`` file, activate headers and proxy - modules (LoadModule_): - - .. code:: apache - - LoadModule proxy_module modules/mod_proxy.so - LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so - .. group-tab:: Fedora / RHEL .. code:: sh sudo -H dnf install uwsgi - FIXME: enable uwsgi in apache The next example shows a configuration using the `uWSGI Apache support`_ via -unix sockets. For socket communication, you have to activate ``socket = -/run/uwsgi/app/searx/socket`` and comment out the ``http = 127.0.0.1:8888`` -configuration in your :ref:`uwsgi ini file <uwsgi configuration>`. +unix sockets and `mod_proxy_uwsgi`_. -If not already exists, create a folder for the unix sockets, which can be -used by the searx account: +For socket communication, you have to activate ``socket = +/run/uwsgi/app/searx/socket`` and comment out the ``http = 127.0.0.1:8888`` +configuration in your :ref:`uwsgi ini file <uwsgi configuration>`. If not +already exists, create a folder for the unix sockets, which can be used by the +searx account (see :ref:`create searx user`): .. code:: bash sudo -H mkdir -p /run/uwsgi/app/searx/ sudo -H chown -R searx:searx /run/uwsgi/app/searx/ -To limit acces to your intranet replace ``Allow from all`` directive and replace -``192.168.0.0/16`` with your subnet IP/class. +If the server is public; to limit access to your intranet replace ``Allow from +all`` directive and replace ``192.168.0.0/16`` with your subnet IP/class. .. tabs:: .. group-tab:: Ubuntu / debian - Debian uses the (old) `mod_uwsgi - <https://uwsgi-docs.readthedocs.io/en/latest/Apache.html#mod-uwsgi>`_. - .. code:: apache - <IfModule mod_uwsgi.c> + LoadModule headers_module /usr/lib/apache2/mod_headers.so + LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so + LoadModule proxy_uwsgi_module /usr/lib/apache2/modules/mod_proxy_uwsgi.so - # SetEnvIf Request_URI "/searx" dontlog - # CustomLog /dev/null combined env=dontlog + # SetEnvIf Request_URI /searx dontlog + # CustomLog /dev/null combined env=dontlog - <Location /searx > + <Location /searx> - Require all granted + Require all granted + Order deny,allow + Deny from all + # Allow from fd00::/8 192.168.0.0/16 fe80::/10 127.0.0.0/8 ::1 + Allow from all - Options FollowSymLinks Indexes - SetHandler uwsgi-handler - uWSGISocket /run/uwsgi/app/searx/socket + ProxyPreserveHost On + ProxyPass unix:/run/uwsgi/app/searx/socket|uwsgi://uwsgi-uds-searx/ - Order deny,allow - Deny from all - # Allow from fd00::/8 192.168.0.0/16 fe80::/10 127.0.0.0/8 ::1 - Allow from all + </Location> - </Location> + .. group-tab:: Arch Linux - </IfModule> + .. code:: apache - .. group-tab:: Arch Linux + FIXME needs test + + LoadModule proxy_module modules/mod_proxy.so + LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so + + # SetEnvIf Request_URI /searx dontlog + # CustomLog /dev/null combined env=dontlog + + <Location /searx> + + Require all granted + Order deny,allow + Deny from all + # Allow from fd00::/8 192.168.0.0/16 fe80::/10 127.0.0.0/8 ::1 + Allow from all + + ProxyPreserveHost On + ProxyPass unix:/run/uwsgi/app/searx/socket|uwsgi://uwsgi-uds-searx/ - Arch Linux uses the (recommend) `mod_proxy_uwsgi`_. + </Location> + + .. group-tab:: Fedora / RHEL .. code:: apache + FIXME needs test + + LoadModule proxy_module modules/mod_proxy.so + LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so <IfModule proxy_uwsgi_module> # SetEnvIf Request_URI /searx dontlog @@ -405,29 +409,33 @@ To limit acces to your intranet replace ``Allow from all`` directive and replace </IfModule> - .. group-tab:: Fedora / RHEL + .. group-tab:: old mod_wsgi - RHEL uses the (recommend) `mod_proxy_uwsgi`_. + We show this only for historical reasons, DON'T USE `mod_uwsgi + <https://uwsgi-docs.readthedocs.io/en/latest/Apache.html#mod-uwsgi>`_. + ANYMORE! .. code:: apache - <IfModule proxy_uwsgi_module> + <IfModule mod_uwsgi.c> - # SetEnvIf Request_URI /searx dontlog + # SetEnvIf Request_URI "/searx" dontlog # CustomLog /dev/null combined env=dontlog - <Location /searx> + <Location /searx > Require all granted + + Options FollowSymLinks Indexes + SetHandler uwsgi-handler + uWSGISocket /run/uwsgi/app/searx/socket + Order deny,allow Deny from all # Allow from fd00::/8 192.168.0.0/16 fe80::/10 127.0.0.0/8 ::1 Allow from all - ProxyPreserveHost On - ProxyPass unix:/run/uwsgi/app/searx/socket|uwsgi://uwsgi-uds-searx/ - - </Location> + </Location> </IfModule> @@ -473,3 +481,18 @@ one of the lines and `restart apache`_:: The ``CustomLog`` directive disable logs for the whole (virtual) server, use it when the URL of the service does not have a path component (``/searx``) / is located at root (``/``). + +.. _The Debian Layout: + +The Debian Layout +================= + +Be aware that the Debian layout is quite different from the standard Apache +configuration. For details look at the README.Debian_ +(``/usr/share/doc/apache2/README.Debian.gz``). Some commands you should know on +Debian: + +* :man:`apache2ctl`: Apache HTTP server control interface +* :man:`a2enmod`, :man:`a2dismod`: switch on/off modules +* :man:`a2enconf`, :man:`a2disconf`: switch on/off configurations +* :man:`a2ensite`, :man:`a2dissite`: switch on/off sites diff --git a/docs/admin/installation-searx.rst b/docs/admin/installation-searx.rst index 91891d85c..d5c0063ee 100644 --- a/docs/admin/installation-searx.rst +++ b/docs/admin/installation-searx.rst @@ -25,6 +25,8 @@ Install packages This installs also the packages needed by :ref:`searx uwsgi` +.. _create searx user: + Create user =========== diff --git a/utils/filtron.sh b/utils/filtron.sh index 6c58b07a2..0fbf74787 100755 --- a/utils/filtron.sh +++ b/utils/filtron.sh @@ -441,14 +441,12 @@ This installs a reverse proxy (ProxyPass) into apache site (${APACHE_FILTRON_SIT ! apache_is_installed && err_msg "Apache is not installed." - if ! ask_yn "Do you really want to continue?"; then + if ! ask_yn "Do you really want to continue?" Yn; then return + else + install_apache fi - a2enmod headers - a2enmod proxy - a2enmod proxy_http - echo apache_install_site --variant=filtron "${APACHE_FILTRON_SITE}" diff --git a/utils/lib.sh b/utils/lib.sh index aaeb5093b..2c0c179bb 100755 --- a/utils/lib.sh +++ b/utils/lib.sh @@ -627,21 +627,56 @@ EOF # Apache # ------ -# FIXME: Arch Linux & RHEL should be added +apache_distro_setup() { + # shellcheck disable=SC2034 + case $DIST_ID-$DIST_VERS in + ubuntu-*|debian-*) + # debian uses the /etc/apache2 path, while other distros use + # the apache default at /etc/httpd + APACHE_SITES_AVAILABLE="/etc/apache2/sites-available" + APACHE_SITES_ENABLED="/etc/apache2/sites-enabled" + APACHE_MODULES="/usr/lib/apache2/modules" + APACHE_PACKAGES="apache2" + ;; + arch-*) + APACHE_SITES_AVAILABLE="/etc/httpd/sites-available" + APACHE_SITES_ENABLED="/etc/httpd/sites-enabled" + APACHE_MODULES="modules" + APACHE_PACKAGES="apache" + ;; + fedora-*) + APACHE_SITES_AVAILABLE="/etc/httpd/sites-available" + APACHE_SITES_ENABLED="/etc/httpd/sites-enabled" + APACHE_MODULES="modules" + APACHE_PACKAGES="httpd" + ;; + *) + err_msg "$DIST_ID-$DIST_VERS: apache not yet implemented" + ;; + esac +} -if [[ -z "${APACHE_SITES_AVAILABE}" ]]; then - APACHE_SITES_AVAILABE="/etc/apache2/sites-available" -fi +apache_distro_setup -apache_is_installed() { +install_apache(){ + info_msg "installing apache ..." + pkg_install "$APACHE_PACKAGES" case $DIST_ID-$DIST_VERS in - ubuntu-*|debian-*) - (command -v apachectl \ - && command -v a2ensite \ - && command -v a2dissite ) &>/dev/null + arch-*|fedora-*) + if ! grep "IncludeOptional sites-enabled" "/etc/httpd/conf/httpd.conf"; then + echo "IncludeOptional sites-enabled/*.conf" >> "/etc/httpd/conf/httpd.conf" + fi + systemctl enable httpd + systemctl start httpd ;; - arch) (command -v httpd) ;; - fedora) (command -v httpd) ;; + esac +} + +apache_is_installed() { + case $DIST_ID-$DIST_VERS in + ubuntu-*|debian-*) (command -v apachectl) &>/dev/null;; + arch-*) (command -v httpd) &>/dev/null;; + fedora-*) (command -v httpd) &>/dev/null;; esac } @@ -649,8 +684,16 @@ apache_reload() { info_msg "reload apache .." echo - sudo -H apachectl configtest - sudo -H service apache2 force-reload + case $DIST_ID-$DIST_VERS in + ubuntu-*|debian-*) + sudo -H apachectl configtest + sudo -H systemctl force-reload apache2 + ;; + arch-*| fedora-*) + sudo -H httpd -t + sudo -H systemctl force-reload httpd + ;; + esac } apache_install_site() { @@ -670,9 +713,8 @@ apache_install_site() { done install_template "${template_opts[@]}" \ - "${APACHE_SITES_AVAILABE}/${pos_args[1]}" \ + "${APACHE_SITES_AVAILABLE}/${pos_args[1]}" \ root root 644 - apache_enable_site "${pos_args[1]}" info_msg "installed apache site: ${pos_args[1]}" } @@ -683,15 +725,32 @@ apache_remove_site() { info_msg "remove apache site: $1" apache_dissable_site "$1" - rm -f "${APACHE_SITES_AVAILABE}/$1" + rm -f "${APACHE_SITES_AVAILABLE}/$1" } apache_enable_site() { # usage: apache_enable_site <mysite.conf> - info_msg "enable apache site: $1" - sudo -H a2ensite -q "$1" + local CONF="$1" + + info_msg "enable apache site: ${CONF}" + + case $DIST_ID-$DIST_VERS in + ubuntu-*|debian-*) + sudo -H a2ensite -q "${CONF}" + ;; + arch-*) + mkdir -p "${APACHE_SITES_ENABLED}" + rm -f "${APACHE_SITES_ENABLED}/${CONF}" + ln -s "${APACHE_SITES_AVAILABLE}/${CONF}" "${APACHE_SITES_ENABLED}/${CONF}" + ;; + fedora-*) + mkdir -p "${APACHE_SITES_ENABLED}" + rm -f "${APACHE_SITES_ENABLED}/${CONF}" + ln -s "${APACHE_SITES_AVAILABLE}/${CONF}" "${APACHE_SITES_ENABLED}/${CONF}" + ;; + esac apache_reload } @@ -699,9 +758,25 @@ apache_dissable_site() { # usage: apache_disable_site <mysite.conf> - info_msg "disable apache site: $1" - sudo -H a2dissite -q "$1" - apache_reload + local CONF="$1" + + info_msg "disable apache site: ${CONF}" + + case $DIST_ID-$DIST_VERS in + ubuntu-*|debian-*) + sudo -H a2dissite -q "${CONF}" + ;; + arch-*) + mkdir -p "${APACHE_SITES_ENABLED}" + rm -f "${APACHE_SITES_ENABLED}/${CONF}" + ln -s "${APACHE_SITES_AVAILABLE}/${CONF}" "${APACHE_SITES_ENABLED}/${CONF}" + ;; + fedora-*) + mkdir -p "${APACHE_SITES_ENABLED}" + rm -f "${APACHE_SITES_ENABLED}/${CONF}" + ln -s "${APACHE_SITES_AVAILABLE}/${CONF}" "${APACHE_SITES_ENABLED}/${CONF}" + ;; + esac } # uWSGI @@ -741,7 +816,7 @@ uWSGI_distro_setup() { uWSGI_GROUP="uwsgi" ;; *) - info_msg "$DIST_ID-$DIST_VERS: uWSGI not yet implemented" + err_msg "$DIST_ID-$DIST_VERS: uWSGI not yet implemented" ;; esac } diff --git a/utils/lxc.sh b/utils/lxc.sh index 9eb28f498..6a26f80eb 100755 --- a/utils/lxc.sh +++ b/utils/lxc.sh @@ -98,7 +98,7 @@ start/stop show :info: show info of all (or <name>) containers from LXC suite :config: show config of all (or <name>) containers from the LXC suite - :suite: show services of all the containers from the LXC suite + :suite: show services of all (or <name>) containers from the LXC suite :images: show information of local images cmd use single qoutes to evaluate in container's bash, e.g. 'echo $(hostname)' @@ -294,11 +294,9 @@ main() { build_all_containers() { rst_title "Build all LXC containers of suite" + echo usage_containers lxc_copy_images_localy - echo - rst_title "build containers" section - echo lxc_init_all_containers lxc_config_all_containers lxc_boilerplate_all_containers @@ -368,7 +366,6 @@ remove_containers() { lxc_copy_images_localy() { rst_title "copy images" section - echo for ((i=0; i<${#LXC_SUITE[@]}; i+=2)); do lxc_image_copy "${LXC_SUITE[i]}" "${LXC_SUITE[i+1]}" done @@ -477,7 +474,7 @@ lxc_init_all_containers() { local container_name for ((i=0; i<${#LXC_SUITE[@]}; i+=2)); do - lxc_init_container "${LXC_SUITE[i+1]}" "${LXC_HOST_PREFIX}-${image_name}" + lxc_init_container "${LXC_SUITE[i+1]}" "${LXC_HOST_PREFIX}-${LXC_SUITE[i+1]}" done } diff --git a/utils/makefile.include b/utils/makefile.include index 933d2b57a..65aca70f0 100644 --- a/utils/makefile.include +++ b/utils/makefile.include @@ -1,9 +1,11 @@ # -*- coding: utf-8; mode: makefile-gmake -*- ifeq (,$(wildcard /.lxcenv.mk)) -PHONY += lxc-activate +PHONY += lxc-activate lxc-purge lxc-activate: @$(MAKE) -s -f /share/searx/utils/makefile.lxc lxc-activate +lxc-purge: + $(Q)rm -rf ./lxc else include /.lxcenv.mk endif diff --git a/utils/morty.sh b/utils/morty.sh index 17039a05e..4de411999 100755 --- a/utils/morty.sh +++ b/utils/morty.sh @@ -402,15 +402,12 @@ This installs a reverse proxy (ProxyPass) into apache site (${APACHE_MORTY_SITE} ! apache_is_installed && err_msg "Apache is not installed." - if ! ask_yn "Do you really want to continue?"; then + if ! ask_yn "Do you really want to continue?" Yn; then return + else + install_apache fi - a2enmod headers - a2enmod proxy - a2enmod proxy_http - - echo apache_install_site "${APACHE_MORTY_SITE}" info_msg "testing public url .." diff --git a/utils/searx.sh b/utils/searx.sh index 86b651696..6a8588c23 100755 --- a/utils/searx.sh +++ b/utils/searx.sh @@ -75,21 +75,23 @@ texlive-xetex-bin texlive-collection-fontsrecommended texlive-collection-latex dejavu-sans-fonts dejavu-serif-fonts dejavu-sans-mono-fonts" -case $DIST_ID in - ubuntu|debian) +case $DIST_ID-$DIST_VERS in + ubuntu-16.04|ubuntu-18.04) SEARX_PACKAGES="${SEARX_PACKAGES_debian}" BUILD_PACKAGES="${BUILD_PACKAGES_debian}" - APACHE_PACKAGES="libapache2-mod-uwsgi" + APACHE_PACKAGES="$APACHE_PACKAGES libapache2-mod-proxy-uwsgi" ;; - arch) + ubuntu-*|debian-*) + SEARX_PACKAGES="${SEARX_PACKAGES_debian}" + BUILD_PACKAGES="${BUILD_PACKAGES_debian}" + ;; + arch-*) SEARX_PACKAGES="${SEARX_PACKAGES_arch}" BUILD_PACKAGES="${BUILD_PACKAGES_arch}" - APACHE_PACKAGES="uwsgi" ;; - fedora) + fedora-*) SEARX_PACKAGES="${SEARX_PACKAGES_fedora}" BUILD_PACKAGES="${BUILD_PACKAGES_fedora}" - APACHE_PACKAGES="uwsgi" ;; esac @@ -462,6 +464,7 @@ EOF wait_key info_msg "install needed python packages" tee_stderr 0.1 <<EOF | sudo -H -u "${SERVICE_USER}" -i 2>&1 | prefix_stdout "$_service_prefix" +pip install wheel ${SEARX_SRC}/manage.sh update_packages EOF } @@ -735,21 +738,14 @@ This installs the searx uwsgi app as apache site. If your server is public to the internet, you should instead use a reverse proxy (filtron) to block excessively bot queries." - case $DIST_ID-$DIST_VERS in - ubuntu-*|debian-*) : ;; - *) err_msg "sorry distro $DIST_ID $DIST_VERS not yet supported"; exit 42 ;; - esac - ! apache_is_installed && err_msg "Apache is not installed." - if ! ask_yn "Do you really want to install apache site for searx-uwsgi?"; then + if ! ask_yn "Do you really want to continue?" Yn; then return + else + install_apache fi - pkg_install "$APACHE_PACKAGES" - a2enmod uwsgi - - echo apache_install_site --variant=uwsgi "${APACHE_SEARX_SITE}" if ! service_is_available "${PUBLIC_URL}"; then diff --git a/utils/templates/etc/apache2 b/utils/templates/etc/apache2 new file mode 120000 index 000000000..558a90717 --- /dev/null +++ b/utils/templates/etc/apache2 @@ -0,0 +1 @@ +httpd
\ No newline at end of file diff --git a/utils/templates/etc/apache2/sites-available/searx.conf:uwsgi b/utils/templates/etc/apache2/sites-available/searx.conf:uwsgi deleted file mode 100644 index 21e01ac4e..000000000 --- a/utils/templates/etc/apache2/sites-available/searx.conf:uwsgi +++ /dev/null @@ -1,27 +0,0 @@ -# -*- coding: utf-8; mode: apache -*- - -<IfModule mod_uwsgi.c> - - # SetEnvIf Request_URI "${SEARX_URL_PATH}" dontlog - # CustomLog /dev/null combined env=dontlog - - <Location ${SEARX_URL_PATH}> - - <IfModule mod_security2.c> - SecRuleEngine Off - </IfModule> - - Require all granted - - Options FollowSymLinks Indexes - SetHandler uwsgi-handler - uWSGISocket ${SEARX_UWSGI_SOCKET} - - Order deny,allow - Deny from all - # Allow from fd00::/8 192.168.0.0/16 fe80::/10 127.0.0.0/8 ::1 - Allow from all - - </Location> - -</IfModule> diff --git a/utils/templates/etc/apache2/sites-available/morty.conf b/utils/templates/etc/httpd/sites-available/morty.conf index 4421cdd51..326fcc755 100644 --- a/utils/templates/etc/apache2/sites-available/morty.conf +++ b/utils/templates/etc/httpd/sites-available/morty.conf @@ -1,6 +1,12 @@ # -*- coding: utf-8; mode: apache -*- -ProxyPreserveHost On +LoadModule headers_module ${APACHE_MODULES}/mod_headers.so +LoadModule proxy_module ${APACHE_MODULES}/mod_proxy.so +LoadModule proxy_module ${APACHE_MODULES}/mod_proxy_http.so +#LoadModule setenvif_module ${APACHE_MODULES}/mod_setenvif.so + +# SetEnvIf Request_URI "${PUBLIC_URL_PATH_MORTY}" dontlog +# CustomLog /dev/null combined env=dontlog <Location ${PUBLIC_URL_PATH_MORTY} > @@ -15,12 +21,8 @@ ProxyPreserveHost On #Allow from fd00::/8 192.168.0.0/16 fe80::/10 127.0.0.0/8 ::1 Allow from all + ProxyPreserveHost On ProxyPass http://${MORTY_LISTEN} RequestHeader set X-Script-Name ${PUBLIC_URL_PATH_MORTY} - # In Apache it seems, that setting HTTP_HOST header directive here does have - # no effect. I needed to set 'ProxyPreserveHost On' (see above). - - # RequestHeader set Host ${PUBLIC_HOST} - </Location> diff --git a/utils/templates/etc/apache2/sites-available/searx.conf:filtron b/utils/templates/etc/httpd/sites-available/searx.conf:filtron index 2d6af7889..11dd360bc 100644 --- a/utils/templates/etc/apache2/sites-available/searx.conf:filtron +++ b/utils/templates/etc/httpd/sites-available/searx.conf:filtron @@ -1,6 +1,12 @@ # -*- coding: utf-8; mode: apache -*- -ProxyPreserveHost On +LoadModule headers_module ${APACHE_MODULES}/mod_headers.so +LoadModule proxy_module ${APACHE_MODULES}/mod_proxy.so +LoadModule proxy_module ${APACHE_MODULES}/mod_proxy_http.so +#LoadModule setenvif_module ${APACHE_MODULES}/mod_setenvif.so + +# SetEnvIf Request_URI "${FILTRON_URL_PATH}" dontlog +# CustomLog /dev/null combined env=dontlog # SecRuleRemoveById 981054 # SecRuleRemoveById 981059 @@ -20,14 +26,8 @@ ProxyPreserveHost On #Allow from fd00::/8 192.168.0.0/16 fe80::/10 127.0.0.0/8 ::1 Allow from all + ProxyPreserveHost On ProxyPass http://${FILTRON_LISTEN} RequestHeader set X-Script-Name ${FILTRON_URL_PATH} - # In Apache it seems, that setting HTTP_HOST header directive here does have - # no effect. I needed to set 'ProxyPreserveHost On' (see above). HTTP_HOST - # (ProxyPreserveHost On) is needed by searx to render correct *Search URL* - # in the *Link* box and *saved preference*. - - # RequestHeader set Host ${PUBLIC_HOST} - </Location> diff --git a/utils/templates/etc/httpd/sites-available/searx.conf:uwsgi b/utils/templates/etc/httpd/sites-available/searx.conf:uwsgi new file mode 100644 index 000000000..ef702de3a --- /dev/null +++ b/utils/templates/etc/httpd/sites-available/searx.conf:uwsgi @@ -0,0 +1,27 @@ +# -*- coding: utf-8; mode: apache -*- + +LoadModule headers_module ${APACHE_MODULES}/mod_headers.so +LoadModule proxy_module ${APACHE_MODULES}/mod_proxy.so +LoadModule proxy_uwsgi_module ${APACHE_MODULES}/mod_proxy_uwsgi.so +# LoadModule setenvif_module ${APACHE_MODULES}/mod_setenvif.so + +# SetEnvIf Request_URI "${SEARX_URL_PATH}" dontlog +# CustomLog /dev/null combined env=dontlog + +<Location ${SEARX_URL_PATH}> + + <IfModule mod_security2.c> + SecRuleEngine Off + </IfModule> + + Require all granted + + Order deny,allow + Deny from all + # Allow from fd00::/8 192.168.0.0/16 fe80::/10 127.0.0.0/8 ::1 + Allow from all + + ProxyPreserveHost On + ProxyPass unix:${SEARX_UWSGI_SOCKET}|uwsgi://uwsgi-uds-searx/ + +</Location> |