ulysses: remove bundled searxng — conflicts with standalone instance at :8888
Some checks are pending
CI / Focused test guidance (report-only) (push) Waiting to run
CI / Python syntax (compileall) (push) Waiting to run
CI / JS syntax (node --check) (push) Waiting to run
CI / Python tests (pytest) (push) Waiting to run
Container scan / hadolint (Dockerfile lint) (push) Waiting to run
Container scan (Trivy) / Trivy (image scan, advisory) (push) Waiting to run
Container scan (Trivy) / Trivy (image scan + SARIF upload) (push) Waiting to run
Dependency review / dependency-review (PR gate) (push) Waiting to run
Dependency review / pip-audit (advisory) (push) Waiting to run
ci / docker publish / build (amd64) (push) Waiting to run
ci / docker publish / build (arm64) (push) Waiting to run
ci / docker publish / merge manifest + tag (push) Blocked by required conditions
Secret scan / gitleaks (push) Waiting to run
Workflow security / actionlint (push) Waiting to run
Workflow security / zizmor (Actions SAST) (push) Waiting to run
Some checks are pending
CI / Focused test guidance (report-only) (push) Waiting to run
CI / Python syntax (compileall) (push) Waiting to run
CI / JS syntax (node --check) (push) Waiting to run
CI / Python tests (pytest) (push) Waiting to run
Container scan / hadolint (Dockerfile lint) (push) Waiting to run
Container scan (Trivy) / Trivy (image scan, advisory) (push) Waiting to run
Container scan (Trivy) / Trivy (image scan + SARIF upload) (push) Waiting to run
Dependency review / dependency-review (PR gate) (push) Waiting to run
Dependency review / pip-audit (advisory) (push) Waiting to run
ci / docker publish / build (amd64) (push) Waiting to run
ci / docker publish / build (arm64) (push) Waiting to run
ci / docker publish / merge manifest + tag (push) Blocked by required conditions
Secret scan / gitleaks (push) Waiting to run
Workflow security / actionlint (push) Waiting to run
Workflow security / zizmor (Actions SAST) (push) Waiting to run
This commit is contained in:
parent
ea201ab4b0
commit
4b98744495
1 changed files with 47 additions and 47 deletions
|
|
@ -71,8 +71,8 @@ services:
|
||||||
- PUID=${PUID:-1000}
|
- PUID=${PUID:-1000}
|
||||||
- PGID=${PGID:-1000}
|
- PGID=${PGID:-1000}
|
||||||
depends_on:
|
depends_on:
|
||||||
searxng:
|
# searxng:
|
||||||
condition: service_healthy
|
# condition: service_healthy
|
||||||
chromadb:
|
chromadb:
|
||||||
condition: service_started
|
condition: service_started
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
|
@ -87,55 +87,55 @@ services:
|
||||||
- ANONYMIZED_TELEMETRY=FALSE
|
- ANONYMIZED_TELEMETRY=FALSE
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
|
||||||
searxng:
|
# searxng:
|
||||||
# Pinned, not :latest — odysseus waits on searxng's healthcheck
|
# Pinned, not :latest — odysseus waits on searxng's healthcheck
|
||||||
# (depends_on: condition: service_healthy), so a broken upstream `latest`
|
# (depends_on: condition: service_healthy), so a broken upstream `latest`
|
||||||
# tag blocks the whole app from starting. 2026.6.2 crashes on boot with
|
# tag blocks the whole app from starting. 2026.6.2 crashes on boot with
|
||||||
# `KeyError: 'default_doi_resolver'`, failing the healthcheck (issue #1414).
|
# `KeyError: 'default_doi_resolver'`, failing the healthcheck (issue #1414).
|
||||||
# Bump this deliberately after verifying a newer tag boots clean.
|
# Bump this deliberately after verifying a newer tag boots clean.
|
||||||
image: docker.io/searxng/searxng:2026.5.31-7159b8aed
|
# image: docker.io/searxng/searxng:2026.5.31-7159b8aed
|
||||||
entrypoint:
|
# entrypoint:
|
||||||
- /bin/sh
|
# - /bin/sh
|
||||||
- -c
|
# - -c
|
||||||
- |
|
# - |
|
||||||
set -eu
|
# set -eu
|
||||||
if [ ! -s /etc/searxng/settings.yml ] || grep -q 'odysseus-local-searxng-json-2026-05-30\|__SEARXNG_SECRET__' /etc/searxng/settings.yml; then
|
# if [ ! -s /etc/searxng/settings.yml ] || grep -q 'odysseus-local-searxng-json-2026-05-30\|__SEARXNG_SECRET__' /etc/searxng/settings.yml; then
|
||||||
secret="$${SEARXNG_SECRET:-}"
|
# secret="$${SEARXNG_SECRET:-}"
|
||||||
if [ -z "$$secret" ]; then
|
# if [ -z "$$secret" ]; then
|
||||||
secret="$$(python -c 'import secrets; print(secrets.token_urlsafe(48))')"
|
# secret="$$(python -c 'import secrets; print(secrets.token_urlsafe(48))')"
|
||||||
fi
|
# fi
|
||||||
sed "s|__SEARXNG_SECRET__|$$secret|g" /tmp/searxng-settings.yml.template > /etc/searxng/settings.yml
|
# sed "s|__SEARXNG_SECRET__|$$secret|g" /tmp/searxng-settings.yml.template > /etc/searxng/settings.yml
|
||||||
fi
|
# fi
|
||||||
exec /usr/local/searxng/entrypoint.sh
|
# exec /usr/local/searxng/entrypoint.sh
|
||||||
ports:
|
# ports:
|
||||||
- "127.0.0.1:8080:8080"
|
# - "127.0.0.1:8080:8080"
|
||||||
volumes:
|
# volumes:
|
||||||
- searxng-data:/etc/searxng
|
# - searxng-data:/etc/searxng
|
||||||
- ./config/searxng/settings.yml:/tmp/searxng-settings.yml.template:ro,z
|
# - ./config/searxng/settings.yml:/tmp/searxng-settings.yml.template:ro,z
|
||||||
environment:
|
# environment:
|
||||||
- SEARXNG_BASE_URL=http://localhost:8080/
|
# - SEARXNG_BASE_URL=http://localhost:8080/
|
||||||
- SEARXNG_SECRET=${SEARXNG_SECRET:-}
|
# restart: unless-stopped
|
||||||
# The official searxng image runs as the non-root `searxng` user, but its
|
# # The official searxng image runs as the non-root `searxng` user, but its
|
||||||
# entrypoint still needs to chown /etc/searxng on first boot, drop privs via
|
# # entrypoint still needs to chown /etc/searxng on first boot, drop privs via
|
||||||
# su-exec, and (with our wrapper above) write settings.yml into the named
|
# # su-exec, and (with our wrapper above) write settings.yml into the named
|
||||||
# volume. Without these capabilities the wrapper aborts at the redirection
|
# # volume. Without these capabilities the wrapper aborts at the redirection
|
||||||
# with EACCES and the container fails its healthcheck with permission
|
# # with EACCES and the container fails its healthcheck with permission
|
||||||
# errors during setup. Mirrors the cap set recommended by the upstream
|
# # errors during setup. Mirrors the cap set recommended by the upstream
|
||||||
# searxng-docker compose file. See issue #721.
|
# # searxng-docker compose file. See issue #721.
|
||||||
cap_drop:
|
# cap_drop:
|
||||||
- ALL
|
# - ALL
|
||||||
cap_add:
|
# cap_add:
|
||||||
- CHOWN
|
# - CHOWN
|
||||||
- SETGID
|
# - SETGID
|
||||||
- SETUID
|
# - SETUID
|
||||||
- DAC_OVERRIDE
|
# - DAC_OVERRIDE
|
||||||
healthcheck:
|
# healthcheck:
|
||||||
test: ["CMD-SHELL", "python -c \"import urllib.request; urllib.request.urlopen('http://localhost:8080/', timeout=5).read(1)\""]
|
# test: ["CMD-SHELL", "python -c \"import urllib.request; urllib.request.urlopen('http://localhost:8080/', timeout=5).read(1)\""]
|
||||||
interval: 5s
|
# interval: 5s
|
||||||
timeout: 6s
|
# timeout: 6s
|
||||||
retries: 20
|
# retries: 20
|
||||||
start_period: 10s
|
# start_period: 10s
|
||||||
restart: unless-stopped
|
# restart: unless-stopped
|
||||||
|
|
||||||
ntfy:
|
ntfy:
|
||||||
image: docker.io/binwiederhier/ntfy
|
image: docker.io/binwiederhier/ntfy
|
||||||
|
|
@ -149,6 +149,6 @@ services:
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
searxng-data:
|
# searxng-data:
|
||||||
chromadb-data:
|
chromadb-data:
|
||||||
ntfy-cache:
|
ntfy-cache:
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue