/ Docs

Installation guide

SearXNG is a free internet metasearch engine which aggregates results from more than 70 search services. Users are neither tracked nor profiled. Additionally, SearXNG can be used over Tor for online anonymity.- https://docs.searxng.org/

This guide will show you how to setup a SearXNG instance to be used with Khofly Search as it's front-end, your instance will still be perfectly usable on it's own. Important differences:

  • Khofly utilizes SearXNG /search API to get the results as JSON so we will need to enable - json as output format in settings.yml.

  • Since Khofly Search and SearXNG instance are on different domains we will need to add Access-Control-Allow-Origin header in Nginx config to avoid CORS error

Requirements:

  • A fully qualified domain name (FQDN)

  • Virtual Private Server (VPS) that you are renting

If you're the only person using your SearXNG instance a basic 5$ VPS will do just fine

Make sure everything is up to date

apt update && apt upgrade

Create a new user

useradd -s /bin/bash -d /home/searx -m -G sudo searx
passwd searx
su searx

Doing this allows you to isolate all the commands and files when installing and configuring SearXNG. It can be especially useful if you intend to host the search engine on a VPS with multiple services.

Install dependencies

sudo apt install git nginx certbot python3-certbot-nginx

Clone and install SearXNG

There are three different methods for installing SearXNG ( manual, installation script, docker ), all explained at the official wiki. Here we will use the installation script which automates the manual process. First we need to clone the SearXNG repository. After that is finished, run the installation script.

git clone https://github.com/searxng/searxng searxng && cd searxng
sudo -H ./utils/searxng.sh install all

Installation process is mostly automatic, but you will be asked to confirm everything that SearXNG wants to install.

Nginx configuration

On Arch check if sites-available and sites-enable directories exist, if not create them ( mkdir sites-available sites-enabled ) and create the default file inside of /sites-available ( touch default )
server {
  # Load configuration files for the default server block.
  include /etc/nginx/default.d/*.conf;

  # Change this to your domain!
  server_name example.com;

  # Searx Redirect.
  location / {
      uwsgi_pass unix:///usr/local/searxng/run/socket;

      include uwsgi_params;

      uwsgi_param    HTTP_HOST             $host;
      uwsgi_param    HTTP_CONNECTION       $http_connection;

      # see flaskfix.py
      uwsgi_param    HTTP_X_SCHEME         $scheme;
      # uwsgi_param    HTTP_X_SCRIPT_NAME    /searxng;

      # see limiter.py
      uwsgi_param    HTTP_X_REAL_IP        $remote_addr;
      uwsgi_param    HTTP_X_FORWARDED_FOR  $proxy_add_x_forwarded_for;

      # Set this to avoid CORS error, you can set explicit domain if you want instead of *
      add_header access-control-allow-origin * always;
  }
}
If your server is behind a Cloudflare proxy you need to adjust X-Real-IP and X-Forwarded-For like this
server {
  # ...

  location / {
      # ...

      # see limiter.py
      # uwsgi_param    HTTP_X_REAL_IP        $remote_addr;
      # uwsgi_param    HTTP_X_FORWARDED_FOR  $proxy_add_x_forwarded_for;
      uwsgi_param    HTTP_X_REAL_IP        $http_cf_connecting_ip;
      uwsgi_param    HTTP_X_FORWARDED_FOR  $http_cf_connecting_ip;
      
      # ...
  }
}

SearXNG configuration

Default configuration file for SearXNG is located at /etc/searxng/settings.yml ( read more about the different options at the official wiki ), this is an example config and you will want to change the following values:
  • general.instance_name - to whatever you want ( optional )
  • search.suspended_times.SearxEngineAccessDenied - 240 is ok, default is way too high ( optional )
  • search.formats - make sure the json format is enabled along with html if you want to use your instacne as a front-end as well
  • server.secret - make sure to change to a random key ( ex. run openssl rand -hex 32 )
# SearXNG settings

use_default_settings: true

general:
  debug: false
  instance_name: "Your name"

search:
  safe_search: 0
  autocomplete: ''
  formats:
    - html
    - json
  suspended_times:
    SearxEngineAccessDenied: 240

server:
  # Is overwritten by $/{SEARXNG_SECRET}
  secret_key: "sercet"
  limiter: false
  image_proxy: true
  # public URL of the instance, to ensure correct inbound links. Is overwritten
  # by $/{SEARXNG_URL}.
  # base_url: http://example.com/location

  redis:
  # URL to connect redis database. Is overwritten by $/{SEARXNG_REDIS_URL}.
  url: unix:///usr/local/searxng-redis/run/redis.sock?db=0

ui:
  static_use_hash: true

# preferences:
#   lock:
#     - autocomplete
#     - method

enabled_plugins:
  - 'Hash plugin'
  - 'Self Informations'
  - 'Tracker URL remover'
  - 'Ahmia blacklist'
  # - 'Hostname replace'  # see hostname_replace configuration below
  # - 'Open Access DOI rewrite'

engines:
#   - name: fdroid
#     disabled: false

Finalize installation

# Add SSL certificate for your domain
certbot --nginx

# Create a copy of default file in sites-enabled
sudo ln -s /etc/nginx/sites-available/default /etc/nginx/sites-enabled/

# Restart both SearXNG and Nginx
sudo systemctl reload nginx
sudo service uwsgi restart searxng

Maintenance

How to update

# cd into the SearXNG root folder
cd searxng

# Update your instance
sudo -H ./utils/searxng.sh instance update

Read more

/docs/site-data

Site Data

View all site data that Khofly stores

/docs/self-host-cf-workers

CF Workers

Setup your own Cloudflare Worker