Add searx deployment

2021-10-23 15:30:31 +02:00 · 2021-10-23 15:30:31 +02:00 · 1fae9f9a19
commit 1fae9f9a19
parent 27daf9031b
11 changed files with 211 additions and 0 deletions
--- a/group_vars/testing.yml
+++ b/group_vars/testing.yml
@ -8,5 +8,7 @@ caddy_tls_use_staging: yes
 whoami_use_https: no
 wallabag_use_https: no
 miniflux_use_https: no
 searx_use_https: no
 #server_domain: mytest.com
--- a/roles/searx/README.md
+++ b/roles/searx/README.md
@ -0,0 +1,31 @@
 # searx
 A self-hosted privacy-oriented metasearch engine.
 ## Defaults
 ```
 searx_upstream_file_dir: "{{ docker_stack_files_dir }}/{{ stack_name }}"
 ```
 The on-target directory where the proxy configuration file should be stashed.
 ```
 searx_use_https: true
 ```
 Whether the service should be reachable through http (port 80) or through https (port 443) and provision an https certificate. Usually you will want this to stay `true`.
 ```
 searx_version: latest
 ```
 The docker image version to be used in stack creation.
 ```
 subdomain_alias: search
 ```
 If the deployed container should be served over a uri that is not the stack name. 
 By default, it will be set to `search.yourdomain.com` - 
 if this option is not set it will be served on `searx.yourdomain.com` instead.
--- a/roles/searx/defaults/main.yml
+++ b/roles/searx/defaults/main.yml
@ -0,0 +1,10 @@
 ---
 searx_version: latest
 searx_upstream_file_dir: "{{ docker_stack_files_dir }}/{{ stack_name }}"
 searx_use_https: true
 # the subdomain link searx will be reachable under
 subdomain_alias: search
--- a/roles/searx/handlers/main.yml
+++ b/roles/searx/handlers/main.yml
@ -0,0 +1,53 @@
 ## Register reverse proxy
 - name: Ensure upstream directory exists
  ansible.builtin.file:
    path: "{{ searx_upstream_file_dir }}"
    state: directory
    mode: '0755'
  become: yes
  listen: "update searx upstream"
 - name: Update upstream template
  ansible.builtin.template:
    src: upstream.json.j2
    dest: "{{ searx_upstream_file_dir }}/upstream.json"
  become: yes
  listen: "update searx upstream"
 # figure out if upstream id exists
 - name: check {{ stack_name }} upstream
  community.docker.docker_container_exec:
    container: "{{ caddy_container_id }}"
    command: >
      curl localhost:2019/id/{{ stack_name }}_upstream/
  changed_when: False
  register: result
  become: yes
  listen: "update searx upstream"
 # upstream already exists, patch it
 - name: remove old {{ stack_name }} upstream
  community.docker.docker_container_exec:
    container: "{{ caddy_container_id }}"
    command: >
      curl -X DELETE localhost:2019/id/{{ stack_name }}_upstream/
  become: yes
  when: (result.stdout | from_json)['error'] is not defined
  listen: "update searx upstream"
 # upstream has to be created
 - name: add {{ stack_name }} upstream
  community.docker.docker_container_exec:
    container: "{{ caddy_container_id }}"
    command: >
      curl -X POST -H "Content-Type: application/json" -d @{{ searx_upstream_file_dir }}/upstream.json localhost:2019/config/apps/http/servers/{{ (searx_use_https == True) | ternary(caddy_https_server_name, caddy_http_server_name) }}/routes/0/ 
  become: yes
  listen: "update searx upstream"
 - name: Ensure upstream directory is gone again
  ansible.builtin.file:
    path: "{{ searx_upstream_file_dir }}"
    state: absent
  become: yes
  listen: "update searx upstream"
--- a/roles/searx/meta/main.yml
+++ b/roles/searx/meta/main.yml
@ -0,0 +1,14 @@
 ---
 galaxy_info:
  author: Marty Oehme
  description: Installs searx as a docker stack service
  license: GPL-3.0-only
  min_ansible_version: 2.9
  galaxy_tags: []
 dependencies:
  - docker
  - docker-swarm
  - caddy
--- a/roles/searx/tasks/main.yml
+++ b/roles/searx/tasks/main.yml
@ -0,0 +1,24 @@
 ---
 ## install searx container
 - name: Check upstream status
  community.docker.docker_container_exec:
    container: "{{ caddy_container_id }}"
    command: >
      curl localhost:2019/id/{{ stack_name }}_upstream/
  register: result
  changed_when: (result.stdout | from_json) != (lookup('template', 'upstream.json.j2') | from_yaml)
  become: yes
  notify: "update searx upstream"
 - name: Deploy searx to swarm
  community.general.docker_stack:
    name: "{{ stack_name }}"
    state: present
    prune: yes
    compose:
      - "{{ stack_compose }}"
  become: yes
  tags:
    - docker-swarm
  notify: "update searx upstream"
--- a/roles/searx/templates/docker-stack.yml.j2
+++ b/roles/searx/templates/docker-stack.yml.j2
@ -0,0 +1,30 @@
 version: '3.7'
 services:
  app:
    image: {{ stack_image }}:{{ searx_version }}
    networks:
      - "{{ docker_swarm_public_network_name }}"
    healthcheck:
        test: ["CMD", "wget", "-q", "--spider", "http://localhost:8080"]
        interval: 1m
        timeout: 10s
        retries: 3
        start_period: 1m
    environment:
      - BIND_ADDRESS=0.0.0.0:8080
 {% if server_domain is not undefined and not none %}   
      - "BASE_URL={{ (searx_use_https == True) | ternary('https', 'http') }}://{{ (subdomain_alias is not undefined and not none) | ternary(subdomain_alias, stack_name) }}.{{server_domain}}"
 {% else %}
      - "BASE_URL={{ (searx_use_https == True) | ternary('https', 'http') }}://localhost/{{ (subdomain_alias is not undefined and not none) | ternary(subdomain_alias, stack_name) }}"
 {% endif %}
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - data:/etc/searx:rw
 volumes:
  data:
 networks:
  "{{ docker_swarm_public_network_name }}":
    external: true
--- a/roles/searx/templates/upstream.json.j2
+++ b/roles/searx/templates/upstream.json.j2
@ -0,0 +1,38 @@
 {
    "@id": "{{ stack_name }}_upstream",
 {% if server_domain is not undefined and not none %}   
    "match": [
        {
            "host": [
 {% if subdomain_alias is not undefined and not none %}
                "{{ subdomain_alias }}.{{ server_domain }}"
 {% else %}
                "{{ stack_name }}.{{ server_domain }}"
 {% endif %}
            ]
        }
    ],
 {% else %}
    "match": [
        {
            "path": [
 {% if subdomain_alias is not undefined and not none %}
                "/{{ subdomain_alias }}*"
 {% else %}
                "/{{ stack_name }}*"
 {% endif %}
            ]
        }
    ],
 {% endif %}
    "handle": [
        {
            "handler": "reverse_proxy",
            "upstreams": [
                {
                    "dial": "{{ stack_name }}_app:8080"
                }
            ]
        }
    ]
 }
--- a/roles/searx/vars/main.yml
+++ b/roles/searx/vars/main.yml
@ -0,0 +1,7 @@
 ---
 stack_name: searx
 stack_image: "searx/searx"
 stack_compose: "{{ lookup('template', 'docker-stack.yml.j2') | from_yaml }}"
--- a/site-dev.yml
+++ b/site-dev.yml
@ -5,3 +5,4 @@
    - whoami
    - wallabag
    - miniflux
    - searx
--- a/site.yml
+++ b/site.yml
@ -12,3 +12,4 @@
    - whoami
    - wallabag
    - miniflux
    - searx