Selfhosted

46679 readers

616 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago

MODERATORS

HybridSarcasm@lemmy.world

HybridSarcasm@lemmy.hybridsarcasm.xyz

Need help with searxng docker compose (lemmy.world)

submitted 16 hours ago* (last edited 14 hours ago) by Override4414@lemmy.world to c/selfhosted@lemmy.world

26 comments fedilink hide all child comments

I hosted searxng on portainer and receive PermissionError and no python application found error

Log:

PermissionError: [Errno 13] Permission denied: '/etc/searxng/settings.yml'

unable to load app 0 (mountpoint='') (callable not found or import error)

*** no app loaded. going in full dynamic mode ***

***
no python application found, check your startup logs for errors
***

[pid: 19|app: -1|req: -1/1] 127.0.0.1 () {28 vars in 330 bytes} [Sat May 17 05:06:00 2025] HEAD /healthz => generated 21 bytes in 0 msecs (HTTP/1.1 500) 3 headers in 102 bytes (0 switches on core 0)

I tried removing cap_drop (as instructed on https://github.com/searxng/searxng-docker/issues/115) but no luck

version: "3.7"

services:
  # caddy:
  #   container_name: caddy
  #   image: docker.io/library/caddy:2-alpine
  #   network_mode: host
  #   restart: unless-stopped
  #   volumes:
  #     - ./Caddyfile:/etc/caddy/Caddyfile:ro
  #     - caddy-data:/data:rw
  #     - caddy-config:/config:rw
  #   environment:
  #     # - SEARXNG_HOSTNAME=${SEARXNG_HOSTNAME:-http://localhost/}
  #     - SEARXNG_TLS=${LETSENCRYPT_EMAIL:-internal}
  #   cap_drop:
  #     - ALL
  #   cap_add:
  #     - NET_BIND_SERVICE
  #   logging:
  #     driver: "json-file"
  #     options:
  #       max-size: "1m"
  #       max-file: "1"

  redis:
    container_name: redis
    image: docker.io/valkey/valkey:8-alpine
    command: valkey-server --save 30 1 --loglevel warning
    restart: unless-stopped
    networks:
      - searxng
    volumes:
      - valkey-data2:/data
    # cap_drop:
    #   - ALL
    cap_add:
      - SETGID
      - SETUID
      - DAC_OVERRIDE
    logging:
      driver: "json-file"
      options:
        max-size: "1m"
        max-file: "1"

  searxng:
    container_name: searxng
    image: docker.io/searxng/searxng:latest
    restart: unless-stopped
    networks:
      - searxng
    ports:
      # - "127.0.0.1:8080:8080"
      - "20054:8080"
    volumes:
      - ./searxng:/etc/searxng:rw
    environment:
      # - SEARXNG_BASE_URL=https://${SEARXNG_HOSTNAME:-localhost}/
      - SEARXNG_BASE_URL="http://mydomain:20054/"
      - UWSGI_WORKERS=${SEARXNG_UWSGI_WORKERS:-4}
      - UWSGI_THREADS=${SEARXNG_UWSGI_THREADS:-4}
    # cap_drop:
    #   - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID
    logging:
      driver: "json-file"
      options:
        max-size: "1m"
        max-file: "1"

networks:
  searxng:

volumes:
  # caddy-data:
  # caddy-config:
  valkey-data2:

thx a lot!

you are viewing a single comment's thread
view the rest of the comments

[–] muntedcrocodile@lemm.ee 1 points 15 hours ago* (last edited 15 hours ago) (1 children)

Here is my searxng rocker compose:

services:
  redis:
    container_name: redis
    image: docker.io/valkey/valkey:7-alpine
    command: valkey-server --save 30 1 --loglevel warning
    restart: unless-stopped
    networks:
      - local_bridge
    volumes:
      - ./data/reddis:/data
    cap_drop:
      - ALL
    cap_add:
      - SETGID
      - SETUID
      - DAC_OVERRIDE
    logging:
      driver: "json-file"
      options:
        max-size: "1m"
        max-file: "1"

  searxng:
    container_name: searxng
    image: docker.io/searxng/searxng:latest
    restart: unless-stopped
    networks:
      - local_bridge
      - proxy
    volumes:
      - ./data/searxng:/etc/searxng
    environment:
      - SEARXNG_BASE_URL=https://${SEARXNG_HOSTNAME:-localhost}/
      - SEARXNG_SECRET=${SEARXNG_SECRET}
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID
    logging:
      driver: "json-file"
      options:
        max-size: "1m"
        max-file: "1"

networks:
  local_bridge: # local bridge with ipv6 internet access
    driver: bridge
    enable_ipv6: true
  proxy:
    external: true

And my searxng settings:

searxng/data/searxng/settings.yml
# see https://docs.searxng.org/admin/settings/settings.html#settings-use-default-settings
use_default_settings: true

server:
  # base_url is defined in the SEARXNG_BASE_URL environment variable, see .env and docker-compose.yml
  limiter: false  # can be disabled for a private instance
  image_proxy: false
ui:
  static_use_hash: true
  query_in_title: true
  infinite_scroll: true
  default_theme: simple
  theme_args:
    # style of simple theme: auto, light, dark
    simple_style: dark
redis:
  url: redis://redis:6379/0


search:
  safe_search: 0
  autocomplete: 'duckduckgo'
  default_lang: "en"
  formats:
    - html
    - json


outgoing:
  # default timeout in seconds, can be override by engine
  request_timeout: 3.0


enabled_plugins:
  - 'Hash plugin'
  - 'Basic Calculator'
  - 'Self Informations'
  - 'Tracker URL remover'
  # - 'Ahmia blacklist'
  - 'Hostnames plugin'  # see 'hostnames' configuration below
  - 'Open Access DOI rewrite'

And the proxy network is just the docker network that nginx is connected to. Here is my nginx conf https://github.com/muntedcrocodile/nginxconf .

[–] Override4414@lemmy.world 1 points 15 hours ago

thank you!