this post was submitted on 22 Apr 2025
15 points (94.1% liked)

Selfhosted

60693 readers
407 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details. Tags [CBH] or [AIP] are required, see the links in Rule 8 for details.

  8. AI-related discussions and AI-involved promotional posts have additional requirements for tagging, as noted in Rule 7 and the AI & Promotional Post Expanded Rules post, and find example disclosures here.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
 

Hello, I want to install searxng without using Docker on my homeserver so I basically run the install script from the official documentation. Already tried to use the automatic script for setting up apache and it basically worked by exposing /searxng. But I would like to do something simpler as I like that apache would only expose localhost:80 (for example) to use a reverse proxy later to point to it. Just wondering how this configuration work and how I could do something that applicates to my use case :

# -*- coding: utf-8; mode: apache -*-

LoadModule ssl_module           /mod_ssl.so
LoadModule headers_module       /mod_headers.so
LoadModule proxy_module         /mod_proxy.so
LoadModule proxy_uwsgi_module   /mod_proxy_uwsgi.so
# LoadModule setenvif_module      /mod_setenvif.so
#
# SetEnvIf Request_URI /searxng dontlog
# CustomLog /dev/null combined env=dontlog

<Location /searxng>

    Require all granted
    Order deny,allow
    Deny from all
    # Allow from fd00::/8 192.168.0.0/16 fe80::/10 127.0.0.0/8 ::1
    Allow from all

    # add the trailing slash
    RedirectMatch  308 /searxng$ /searxng/

    ProxyPreserveHost On
    ProxyPass unix:/usr/local/searxng/run/socket|uwsgi://uwsgi-uds-searxng/

    # see flaskfix.py
    RequestHeader set X-Scheme %{REQUEST_SCHEME}s
    RequestHeader set X-Script-Name /searxng

    # see limiter.py
    RequestHeader set X-Real-IP %{REMOTE_ADDR}s
    RequestHeader append X-Forwarded-For %{REMOTE_ADDR}s

</Location>

# uWSGI serves the static files and in settings.yml we use::
#
#   ui:
#     static_use_hash: true
#
# Alias /searxng/static/ /usr/local/searxng/searxng-src/searx/static/

Any help here? Thank you very much

you are viewing a single comment's thread
view the rest of the comments
[–] bradley@techhub.social -1 points 1 year ago (1 children)

@foremanguy92_ if it is just you using the service I would suggest skipping apache and using tailscale to access. Allows you to get to it as if you're always on your network.

If you need it public my apologies I'm no help.

[–] foremanguy92_@lemmy.ml 2 points 1 year ago (1 children)

Would like to make it "pseudo-public" thank you anyway

[–] WeirdGoesPro@lemmy.dbzer0.com 5 points 1 year ago* (last edited 1 year ago)

Making it pseudo-public and not using docker would be a mistake, in my opinion. Anything public-ish can benefit from the extra security of docker’s sandboxing.

It will also make it much easier to run things through a VPN with Gluetun—something you definitely want to do if you have strangers using your SearXNG instance.

You should really consider a container of some kind.