bump: 2025.1.25-176079977

Reviewed-on: #5

.env

@@ -1,2 +1,2 @@
 PROD_URL=searx.gmoker.com
-IMAGEAPP=docker.io/searxng/searxng:2024.9.26-6a3375be3
+IMAGEAPP=docker.io/searxng/searxng:2025.1.25-176079977

compose.yaml

@@ -14,4 +14,4 @@ services:
     environment:
       - SEARXNG_SECRET=secret # $(openssl rand -hex 32)
     volumes:
-      - ./config/:/etc/searxng/
+      - ./config/:/etc/searxng/:ro

config/limiter.toml

@@ -12,7 +12,7 @@ ipv6_prefix = 48
 
 [botdetection.ip_limit]
 
-# To get unlimited access in a local network, by default link-lokal addresses
+# To get unlimited access in a local network, by default link-local addresses
 # (networks) are not monitored by the ip_limit
 filter_link_local = false
 

config/settings.yml

@@ -12,6 +12,10 @@ general:
   contact_url: false
   # record stats
   enable_metrics: true
+  # expose stats in open metrics format at /metrics
+  # leave empty to disable (no password set)
+  # open_metrics: <password>
+  open_metrics: ''
 
 brand:
   new_issue_url: https://github.com/searxng/searxng/issues/new
@@ -35,6 +39,9 @@ search:
   autocomplete: "brave"
   # minimun characters to type before autocompleter starts
   autocomplete_min: 4
+  # backend for the favicon near URL in search results.
+  # Available resolvers: "allesedv", "duckduckgo", "google", "yandex" - leave blank to turn it off by default.
+  favicon_resolver: ""
   # Default search language - leave blank to detect from browser information or
   # use codes from 'languages.py'
   default_lang: "auto"
@@ -133,6 +140,8 @@ ui:
   search_on_category_select: true
   # Hotkeys: default or vim
   hotkeys: vim
+  # URL formatting: pretty, full or host
+  url_formatting: pretty
 
 # Lock arbitrary settings on the preferences page.  To find the ID of the user
 # setting you want to lock, check the ID of the form on the page "preferences".
@@ -218,22 +227,16 @@ enabled_plugins:
   - 'Hash plugin'
   - 'Self Information'
   - 'Tracker URL remover'
+  - 'Unit converter plugin'
   - 'Ahmia blacklist'  # activation depends on outgoing.using_tor_proxy
 #   # these plugins are disabled if nothing is configured ..
   - 'Hostnames plugin'  # see 'hostnames' configuration below
 #   - 'Open Access DOI rewrite'
 #   - 'Tor check plugin'
-#   # Read the docs before activate: auto-detection of the language could be
-#   # detrimental to users expectations / users can activate the plugin in the
-#   # preferences if they want.
-  - 'Autodetect search language'
 
 # Configuration of the "Hostnames plugin":
 #
 hostnames:
-  replace:
-    '(.*\.)?reddit\.com$': 'old.reddit.com'
-    '(.*\.)?redd\.it$': 'old.reddit.com'
   remove: 'hostnames_remove.yml'
 
 checker:
@@ -298,6 +301,63 @@ engines:
     shortcut: 9g
     disabled: true
 
+  - name: adobe stock
+    engine: adobe_stock
+    shortcut: asi
+    categories: ["images"]
+    # https://docs.searxng.org/dev/engines/online/adobe_stock.html
+    adobe_order: relevance
+    adobe_content_types: ["photo", "illustration", "zip_vector", "template", "3d", "image"]
+    timeout: 6
+    disabled: true
+
+  - name: adobe stock video
+    engine: adobe_stock
+    shortcut: asv
+    network: adobe stock
+    categories: ["videos"]
+    adobe_order: relevance
+    adobe_content_types: ["video"]
+    timeout: 6
+    disabled: true
+
+  - name: adobe stock audio
+    engine: adobe_stock
+    shortcut: asa
+    network: adobe stock
+    categories: ["music"]
+    adobe_order: relevance
+    adobe_content_types: ["audio"]
+    timeout: 6
+    disabled: true
+
+  - name: alexandria
+    engine: json_engine
+    shortcut: alx
+    categories: general
+    paging: true
+    search_url: https://api.alexandria.org/?a=1&q={query}&p={pageno}
+    results_query: results
+    title_query: title
+    url_query: url
+    content_query: snippet
+    timeout: 1.5
+    disabled: true
+    about:
+      website: https://alexandria.org/
+      official_api_documentation: https://github.com/alexandria-org/alexandria-api/raw/master/README.md
+      use_official_api: true
+      require_api_key: false
+      results: JSON
+
+  # - name: astrophysics data system
+  #   engine: astrophysics_data_system
+  #   sort: asc
+  #   weight: 5
+  #   categories: [science]
+  #   api_key: your-new-key
+  #   shortcut: ads
+
   - name: alpine linux packages
     engine: alpinelinux
     disabled: true
@@ -383,7 +443,6 @@ engines:
     shortcut: wp
     # add "list" to the array to get results in the results list
     display_type: ["infobox"]
-    base_url: 'https://{language}.wikipedia.org/'
     categories: [general]
 
   - name: bilibili
@@ -503,6 +562,8 @@ engines:
     url_query: link
     title_query: title
     content_query: snippet
+    title_html_to_text: true
+    content_html_to_text: true
     disabled: true
     about:
       website: https://crowdview.ai/
@@ -979,6 +1040,11 @@ engines:
     timeout: 3.0
     disabled: true
 
+  - name: ipernity
+    engine: ipernity
+    shortcut: ip
+    disabled: true
+
   - name: jisho
     engine: jisho
     shortcut: js
@@ -1251,6 +1317,12 @@ engines:
       require_api_key: false
       results: JSON
 
+  - name: openlibrary
+    engine: openlibrary
+    shortcut: ol
+    timeout: 5
+    disabled: true
+
   - name: openmeteo
     engine: open_meteo
     shortcut: om
@@ -1443,6 +1515,11 @@ engines:
       require_api_key: false
       results: HTML
 
+  - name: Public Domain Image Archive
+    engine: public_domain_image_archive
+    shortcut: pdia
+    disabled: true
+
   - name: pubmed
     engine: pubmed
     shortcut: pub
@@ -1587,11 +1664,6 @@ engines:
     api_site: 'askubuntu'
     categories: [it, q&a]
 
-  - name: internetarchivescholar
-    engine: internet_archive_scholar
-    shortcut: ias
-    timeout: 15.0
-
   - name: superuser
     engine: stackexchange
     shortcut: su
@@ -2007,6 +2079,16 @@ engines:
   #    query_str: 'SELECT * from mytable WHERE fieldname=%(query)s'
   #    shortcut: mysql
 
+  # Required dependency: mariadb
+  #  - name: mariadb
+  #    engine: mariadb_server
+  #    database: mydatabase
+  #    username: user
+  #    password: pass
+  #    limit: 10
+  #    query_str: 'SELECT * from mytable WHERE fieldname=%(query)s'
+  #    shortcut: mdb
+
   - name: 1337x
     engine: 1337x
     shortcut: 1337x
@@ -2164,7 +2246,6 @@ engines:
   - name: wordnik
     engine: wordnik
     shortcut: def
-    base_url: https://www.wordnik.com/
     categories: [dictionaries]
     timeout: 5.0
 
@@ -2210,13 +2291,6 @@ engines:
     seekr_category: videos
     disabled: true
 
-  - name: sjp.pwn
-    engine: sjp
-    shortcut: sjp
-    base_url: https://sjp.pwn.pl/
-    timeout: 5.0
-    disabled: true
-
   - name: stract
     engine: stract
     shortcut: str

diff.sh

@@ -12,7 +12,7 @@ new_commit="$(grep -Eo '\w+$' <<< "$new_tag")"
 
 for f in limiter.toml settings.yml; do
     if curl -Lo "$tmp" "$REPO/$new_commit/searx/$f" && ! diff -Z "$tmp" "config/$f" > /dev/null; then
-        $EDITOR -d -c "wincmd l" -- "config/$f" "$tmp"
+        $EDITOR -d -c "wincmd l" -- "$tmp" "config/$f"
     fi
 done
 

generate_hostnames_remove.py

@@ -0,0 +1,27 @@
+#!/usr/bin/env python3
+
+import urllib.request as request
+import re
+
+HOSTS = "https://someonewhocares.org/hosts/zero/hosts"
+OUTPUT = "config/hostnames_remove.yml"
+
+
+def main():
+    with request.urlopen(HOSTS) as i:
+        with open(OUTPUT, "w+") as o:
+            print(
+                *sorted(
+                    [
+                        rf"- '(.*\.)?{re.escape(l.split()[1])}$'"
+                        for l in i.read().decode("utf-8").split("\n")
+                        if l.startswith("0")
+                    ]
+                ),
+                sep="\n",
+                file=o,
+            )
+
+
+if __name__ == "__main__":
+    main()

manifests/bin/deploy.sh

@@ -3,40 +3,45 @@ set -o pipefail
 
 function kapply() {
     for f in "$@"; do
-        kubectl apply -f \
-            <(envsubst "$(env | xargs printf '$%s ')" < "manifests/$f")
+        kubectl apply -f <(envsubst < "manifests/$f")
     done
-}
+}; export -f kapply
 
 function kcreatesec() {
-    kubectl create secret generic --save-config --dry-run=client -oyaml "$@" | kubectl apply -f-
-}
+    kubectl create secret generic --dry-run=client -oyaml "$@" | kubectl replace -f-
+}; export -f kcreatesec
 
 function kcreatecm() {
-    kubectl create configmap --dry-run=client -oyaml "$@" | kubectl apply -f-
-}
+    kubectl create configmap --dry-run=client -oyaml "$@" | kubectl replace -f-
+}; export -f kcreatecm
 
 function kgseckey() {
     local sec="$1"; shift
     local key="$1"; shift
 
-    kubectl get secret "$sec" -o jsonpath="{.data.$key}" | base64 -d
-}
+    if ! kubectl get secret "$sec" -ojson | jq -re ".data.\"$key\" // empty" | base64 -d; then
+        return 1
+    fi
+}; export -f kgseckey
 
 function kgcmkey() {
     local cm="$1";  shift
     local key="$1"; shift
 
-    kubectl get configmap "$cm" -o jsonpath="{.data.$key}"
-}
+    if ! kubectl get configmap "$cm" -ojson | jq -re ".data.\"$key\" // empty"; then
+        return 1
+    fi
+}; export -f kgcmkey
 
 
 kcreatesec searxng \
     --from-literal=SEARXNG_SECRET="$(kgseckey searxng SEARXNG_SECRET || openssl rand -hex 32)"
 
-kcreatecm searxng \
-    --from-file=config/settings.yml \
-    --from-file=config/limiter.toml
+opts=()
+for f in config/*; do
+    opts+=(--from-file="$f")
+done
+kcreatecm searxng "${opts[@]}"
 
 kapply common/valkey.yaml common/app.yaml
 

manifests/bin/devel.sh

@@ -1,4 +1,5 @@
 #!/bin/bash -e
+set -o pipefail
 
 export NB_REPLICAS=1
 

manifests/bin/prod.sh

@@ -1,4 +1,5 @@
 #!/bin/bash -e
+set -o pipefail
 
 export NB_REPLICAS=3
 

manifests/common/app.yaml

@@ -69,11 +69,7 @@ spec:
                 name: searxng
           volumeMounts:
             - name: config
-              mountPath: /etc/searxng/limiter.toml
-              subPath: limiter.toml
-            - name: config
-              mountPath: /etc/searxng/settings.yml
-              subPath: settings.yml
+              mountPath: /etc/searxng/
       volumes:
         - name: config
           configMap: