Beanz/searxng
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

refactor dockerfile to debian

Browse Source
This commit is contained in:
loorisr 2025-03-26 17:09:49 +01:00
parent eee08e099f
commit 44af0366ba
4 changed files with 227 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

94
Dockerfile
View File

@ -1,48 +1,64 @@
FROM python:3.13-alpine FROM python:3.13-slim
EXPOSE 8080 EXPOSE 8080
VOLUME /etc/searxng
ARG SEARXNG_GID=977 ARG SEARXNG_GID=977
ARG SEARXNG_UID=977 ARG SEARXNG_UID=977
RUN addgroup -g ${SEARXNG_GID} searxng && \ RUN groupadd -g ${SEARXNG_GID} searxng && \
adduser -u ${SEARXNG_UID} -D -h /usr/local/searxng -s /bin/sh -G searxng searxng useradd -u ${SEARXNG_UID} -d /usr/local/searxng -s /bin/sh -g searxng searxng
ENV INSTANCE_NAME=searxng \ ENV INSTANCE_NAME=searxng \
AUTOCOMPLETE= \ AUTOCOMPLETE= \
BASE_URL= \ BASE_URL= \
SEARXNG_SETTINGS_PATH=/etc/searxng/settings.yml \ SEARXNG_SETTINGS_PATH=/etc/searxng/settings.yml \
UWSGI_SETTINGS_PATH=/etc/searxng/uwsgi.ini \ UWSGI_SETTINGS_PATH=/etc/searxng/uwsgi.ini \
UWSGI_WORKERS=%k \ UWSGI_WORKERS=%k \
UWSGI_THREADS=4 UWSGI_THREADS=4
WORKDIR /usr/local/searxng WORKDIR /usr/local/searxng
# install necessary runtime packages # install necessary runtime packages
RUN apk add --no-cache brotli openssl mailcap libxml2 libxslt pcre && rm -rf /root/.cache RUN apt-get update && apt-get install -y --no-install-recommends \
brotli \
openssl \
mailcap \
libxml2 \
libxslt1.1 \
libpcre3
COPY requirements.txt ./requirements.txt COPY requirements.txt ./requirements.txt
# build and install uwsgi and necessary python packages # build and install uwsgi and necessary python packages
RUN apk add --no-cache -t build-dependencies build-base libffi-dev libxml2-dev libxslt-dev pcre-dev \ RUN --mount=type=cache,target=/root/.cache/pip apt-get update && apt-get install -y --no-install-recommends \
&& pip install --no-cache "uwsgi~=2.0.0" \ build-essential \
&& pip install --no-cache -r requirements.txt \ zlib1g-dev \
&& apk del build-dependencies \ libffi-dev \
&& rm -rf /root/.cache libxml2-dev \
libxslt-dev \
libpcre3-dev && \
pip install "uwsgi~=2.0.0" && \
pip install -r requirements.txt && \
apt-get purge -y build-essential libffi-dev libxml2-dev libxslt1-dev libpcre3-dev && \
apt-get autoremove -y && \
rm -rf /var/lib/apt/lists/*
COPY --chown=searxng:searxng dockerfiles ./dockerfiles COPY --chown=searxng:searxng dockerfiles ./dockerfiles
COPY --chown=searxng:searxng searx ./searx COPY --chown=searxng:searxng searx ./searx
RUN mkdir /etc/searxng && chown searxng:searxng /etc/searxng
ARG TIMESTAMP_SETTINGS=0 ARG TIMESTAMP_SETTINGS=0
ARG TIMESTAMP_UWSGI=0 ARG TIMESTAMP_UWSGI=0
ARG VERSION_GITCOMMIT=unknown ARG VERSION_GITCOMMIT=unknown
RUN su searxng -c "/usr/local/bin/python3 -m compileall -q searx" \ USER searxng
&& touch -c --date=@${TIMESTAMP_SETTINGS} searx/settings.yml \
&& touch -c --date=@${TIMESTAMP_UWSGI} dockerfiles/uwsgi.ini \ RUN python3 -m compileall -q searx \
&& find /usr/local/searxng/searx/static -a \( -name '*.html' -o -name '*.css' -o -name '*.js' \ && touch -c --date=@${TIMESTAMP_SETTINGS} searx/settings.yml \
-o -name '*.svg' -o -name '*.ttf' -o -name '*.eot' \) \ && touch -c --date=@${TIMESTAMP_UWSGI} dockerfiles/uwsgi.ini \
-type f -exec gzip -9 -k {} \+ -exec brotli --best {} \+ && find /usr/local/searxng/searx/static \( -name '*.html' -o -name '*.css' -o -name '*.js' \
-o -name '*.svg' -o -name '*.ttf' -o -name '*.eot' \) \
-type f -exec gzip -9 -k {} \+ -exec brotli --best {} \+
# Keep these arguments at the end to prevent redundant layer rebuilds # Keep these arguments at the end to prevent redundant layer rebuilds
ARG LABEL_DATE= ARG LABEL_DATE=
@ -52,22 +68,22 @@ ARG SEARXNG_DOCKER_TAG=unknown
ARG LABEL_VCS_REF= ARG LABEL_VCS_REF=
ARG LABEL_VCS_URL= ARG LABEL_VCS_URL=
LABEL maintainer="searxng <${GIT_URL}>" \ LABEL maintainer="searxng <${GIT_URL}>" \
description="A privacy-respecting, hackable metasearch engine." \ description="A privacy-respecting, hackable metasearch engine." \
version="${SEARXNG_GIT_VERSION}" \ version="${SEARXNG_GIT_VERSION}" \
org.label-schema.schema-version="1.0" \ org.label-schema.schema-version="1.0" \
org.label-schema.name="searxng" \ org.label-schema.name="searxng" \
org.label-schema.version="${SEARXNG_GIT_VERSION}" \ org.label-schema.version="${SEARXNG_GIT_VERSION}" \
org.label-schema.url="${LABEL_VCS_URL}" \ org.label-schema.url="${LABEL_VCS_URL}" \
org.label-schema.vcs-ref=${LABEL_VCS_REF} \ org.label-schema.vcs-ref=${LABEL_VCS_REF} \
org.label-schema.vcs-url=${LABEL_VCS_URL} \ org.label-schema.vcs-url=${LABEL_VCS_URL} \
org.label-schema.build-date="${LABEL_DATE}" \ org.label-schema.build-date="${LABEL_DATE}" \
org.label-schema.usage="https://github.com/searxng/searxng-docker" \ org.label-schema.usage="https://github.com/searxng/searxng-docker" \
org.opencontainers.image.title="searxng" \ org.opencontainers.image.title="searxng" \
org.opencontainers.image.version="${SEARXNG_DOCKER_TAG}" \ org.opencontainers.image.version="${SEARXNG_DOCKER_TAG}" \
org.opencontainers.image.url="${LABEL_VCS_URL}" \ org.opencontainers.image.url="${LABEL_VCS_URL}" \
org.opencontainers.image.revision=${LABEL_VCS_REF} \ org.opencontainers.image.revision=${LABEL_VCS_REF} \
org.opencontainers.image.source=${LABEL_VCS_URL} \ org.opencontainers.image.source=${LABEL_VCS_URL} \
org.opencontainers.image.created="${LABEL_DATE}" \ org.opencontainers.image.created="${LABEL_DATE}" \
org.opencontainers.image.documentation="https://github.com/searxng/searxng-docker" org.opencontainers.image.documentation="https://github.com/searxng/searxng-docker"
ENTRYPOINT ["/usr/local/searxng/dockerfiles/docker-entrypoint.sh"] ENTRYPOINT ["/usr/local/searxng/dockerfiles/docker-entrypoint.sh"]

73
Dockerfile.alpine Normal file
View File

@ -0,0 +1,73 @@
FROM python:3.13-alpine
EXPOSE 8080
VOLUME /etc/searxng
ARG SEARXNG_GID=977
ARG SEARXNG_UID=977
RUN addgroup -g ${SEARXNG_GID} searxng && \
adduser -u ${SEARXNG_UID} -D -h /usr/local/searxng -s /bin/sh -G searxng searxng
ENV INSTANCE_NAME=searxng \
AUTOCOMPLETE= \
BASE_URL= \
SEARXNG_SETTINGS_PATH=/etc/searxng/settings.yml \
UWSGI_SETTINGS_PATH=/etc/searxng/uwsgi.ini \
UWSGI_WORKERS=%k \
UWSGI_THREADS=4
WORKDIR /usr/local/searxng
# install necessary runtime packages
RUN apk add --no-cache brotli openssl mailcap libxml2 libxslt pcre && rm -rf /root/.cache
COPY requirements.txt ./requirements.txt
# build and install uwsgi and necessary python packages
RUN apk add --no-cache -t build-dependencies build-base libffi-dev libxml2-dev libxslt-dev pcre-dev \
&& pip install --no-cache "uwsgi~=2.0.0" \
&& pip install --no-cache -r requirements.txt \
&& apk del build-dependencies \
&& rm -rf /root/.cache
COPY --chown=searxng:searxng dockerfiles ./dockerfiles
COPY --chown=searxng:searxng searx ./searx
ARG TIMESTAMP_SETTINGS=0
ARG TIMESTAMP_UWSGI=0
ARG VERSION_GITCOMMIT=unknown
RUN su searxng -c "/usr/local/bin/python3 -m compileall -q searx" \
&& touch -c --date=@${TIMESTAMP_SETTINGS} searx/settings.yml \
&& touch -c --date=@${TIMESTAMP_UWSGI} dockerfiles/uwsgi.ini \
&& find /usr/local/searxng/searx/static -a \( -name '*.html' -o -name '*.css' -o -name '*.js' \
-o -name '*.svg' -o -name '*.ttf' -o -name '*.eot' \) \
-type f -exec gzip -9 -k {} \+ -exec brotli --best {} \+
# Keep these arguments at the end to prevent redundant layer rebuilds
ARG LABEL_DATE=
ARG GIT_URL=unknown
ARG SEARXNG_GIT_VERSION=unknown
ARG SEARXNG_DOCKER_TAG=unknown
ARG LABEL_VCS_REF=
ARG LABEL_VCS_URL=
LABEL maintainer="searxng <${GIT_URL}>" \
description="A privacy-respecting, hackable metasearch engine." \
version="${SEARXNG_GIT_VERSION}" \
org.label-schema.schema-version="1.0" \
org.label-schema.name="searxng" \
org.label-schema.version="${SEARXNG_GIT_VERSION}" \
org.label-schema.url="${LABEL_VCS_URL}" \
org.label-schema.vcs-ref=${LABEL_VCS_REF} \
org.label-schema.vcs-url=${LABEL_VCS_URL} \
org.label-schema.build-date="${LABEL_DATE}" \
org.label-schema.usage="https://github.com/searxng/searxng-docker" \
org.opencontainers.image.title="searxng" \
org.opencontainers.image.version="${SEARXNG_DOCKER_TAG}" \
org.opencontainers.image.url="${LABEL_VCS_URL}" \
org.opencontainers.image.revision=${LABEL_VCS_REF} \
org.opencontainers.image.source=${LABEL_VCS_URL} \
org.opencontainers.image.created="${LABEL_DATE}" \
org.opencontainers.image.documentation="https://github.com/searxng/searxng-docker"
ENTRYPOINT ["/usr/local/searxng/dockerfiles/docker-entrypoint.sh"]

97
Dockerfile.multistage Normal file
View File

@ -0,0 +1,97 @@
FROM python:3.13-slim AS builder
RUN mkdir /usr/local/searxng
WORKDIR /usr/local/searxng
RUN python3 -m venv /venv
ENV PATH=/venv/bin:$PATH
COPY requirements.txt ./requirements.txt
# Install build dependencies and Python packages
RUN apt-get update && apt-get install -y --no-install-recommends build-essential libpcre3-dev libxml2-dev libxslt1-dev zlib1g-dev
RUN --mount=type=cache,target=/root/.cache/pip pip install "uwsgi~=2.0.0"
RUN --mount=type=cache,target=/root/.cache/pip pip install -r requirements.txt
COPY dockerfiles ./dockerfiles
COPY searx ./searx
ARG TIMESTAMP_SETTINGS=0
ARG TIMESTAMP_UWSGI=0
ARG VERSION_GITCOMMIT=unknown
RUN python3 -m compileall -q searx \
&& touch -c --date=@${TIMESTAMP_SETTINGS} searx/settings.yml \
&& touch -c --date=@${TIMESTAMP_UWSGI} dockerfiles/uwsgi.ini
# Final image stage
FROM python:3.13-slim
EXPOSE 8080
VOLUME /etc/searxng
ARG SEARXNG_GID=977
ARG SEARXNG_UID=977
RUN groupadd -g ${SEARXNG_GID} searxng && \
useradd -u ${SEARXNG_UID} -d /usr/local/searxng -s /bin/sh -g searxng searxng
ENV INSTANCE_NAME=searxng \
AUTOCOMPLETE= \
BASE_URL= \
SEARXNG_SETTINGS_PATH=/etc/searxng/settings.yml \
UWSGI_SETTINGS_PATH=/etc/searxng/uwsgi.ini \
UWSGI_WORKERS=%k \
UWSGI_THREADS=4
WORKDIR /usr/local/searxng
# Install necessary runtime packages
RUN apt-get update && apt-get install -y --no-install-recommends \
brotli \
# openssl \
mailcap \
libxml2 \
libxslt1.1 \
libpcre3 && \
rm -rf /var/lib/apt/lists/*
# Copy only the necessary files from the builder stage
COPY --from=builder --chown=searxng:searxng /usr/local/searxng /usr/local/searxng
COPY --from=builder --chown=searxng:searxng /venv /venv
ENV PATH=/venv/bin:$PATH
USER searxng
RUN find /usr/local/searxng/searx/static \( -name '*.html' -o -name '*.css' -o -name '*.js' \
-o -name '*.svg' -o -name '*.ttf' -o -name '*.eot' \) \
-type f -exec gzip -9 -k {} + -exec brotli --best {} +
# Keep these arguments at the end to prevent redundant layer rebuilds
ARG LABEL_DATE=
ARG GIT_URL=unknown
ARG SEARXNG_GIT_VERSION=unknown
ARG SEARXNG_DOCKER_TAG=unknown
ARG LABEL_VCS_REF=
ARG LABEL_VCS_URL=
LABEL maintainer="searxng <${GIT_URL}>" \
description="A privacy-respecting, hackable metasearch engine." \
version="${SEARXNG_GIT_VERSION}" \
org.label-schema.schema-version="1.0" \
org.label-schema.name="searxng" \
org.label-schema.version="${SEARXNG_GIT_VERSION}" \
org.label-schema.url="${LABEL_VCS_URL}" \
org.label-schema.vcs-ref=${LABEL_VCS_REF} \
org.label-schema.vcs-url=${LABEL_VCS_URL} \
org.label-schema.build-date="${LABEL_DATE}" \
org.label-schema.usage="https://github.com/searxng/searxng-docker" \
org.opencontainers.image.title="searxng" \
org.opencontainers.image.version="${SEARXNG_DOCKER_TAG}" \
org.opencontainers.image.url="${LABEL_VCS_URL}" \
org.opencontainers.image.revision=${LABEL_VCS_REF} \
org.opencontainers.image.source=${LABEL_VCS_URL} \
org.opencontainers.image.created="${LABEL_DATE}" \
org.opencontainers.image.documentation="https://github.com/searxng/searxng-docker"
ENTRYPOINT ["/usr/local/searxng/dockerfiles/docker-entrypoint.sh"]

2
dockerfiles/docker-entrypoint.sh
View File

@ -81,7 +81,7 @@ patch_searxng_settings() {
-e "s|base_url: false|base_url: ${BASE_URL}|g" \ -e "s|base_url: false|base_url: ${BASE_URL}|g" \
-e "s/instance_name: \"SearXNG\"/instance_name: \"${INSTANCE_NAME}\"/g" \ -e "s/instance_name: \"SearXNG\"/instance_name: \"${INSTANCE_NAME}\"/g" \
-e "s/autocomplete: \"\"/autocomplete: \"${AUTOCOMPLETE}\"/g" \ -e "s/autocomplete: \"\"/autocomplete: \"${AUTOCOMPLETE}\"/g" \
-e "s/ultrasecretkey/$(openssl rand -hex 32)/g" \ -e "s/ultrasecretkey/$(head -c 32 /dev/urandom | od -An -tx1 | tr -d ' \n')/g" \
"${CONF}" "${CONF}"
# Morty configuration # Morty configuration