diff --git a/onepush.sh b/onepush.sh index f4be09a..2ba841a 100644 --- a/onepush.sh +++ b/onepush.sh @@ -1,17 +1,12 @@ #!/bin/bash # ============================================================================== -# Automated Open WebUI & SearXNG Installer (v26 - The Definitive Version) +# Automated Open WebUI & SearXNG Installer (v27 - The Final) # -# This script is the final, consolidated version incorporating all bug fixes -# and best practices discovered through our collaborative debugging process. -# -# Key Fixes: -# 1. Uses a robust "port-publishing" method for Nginx-to-Docker communication. -# 2. Uses environment variables to configure SearXNG, the correct method. -# 3. Uses a safe, non-blocking command to generate secrets. -# 4. Builds Docker commands safely in an array to prevent errors. -# 5. All previous logic (UFW, cron, etc.) is complete and verified. +# This script will: +# 1. Deploy a complete, secure, and automated stack for Open WebUI. +# 2. Optionally deploy SearXNG and add a user-defined JSON engine override. +# 3. All previous bug fixes and best practices are retained. # ============================================================================== # --- Safety Checks --- @@ -52,12 +47,12 @@ echo "---"; echo "✅ Thank you. Starting the setup."; sleep 3 UI_CONTAINER="open-webui" SEARXNG_CONTAINER="searxng" NETWORK_NAME="open-webui-net" +SEARXNG_CONFIG_DIR="/srv/searxng" # --- Step 1: Dependencies --- echo "▶️ [1/9] Installing dependencies..." export DEBIAN_FRONTEND=noninteractive apt-get update -# Add openssl for robust secret generation BASE_PACKAGES="ca-certificates curl gnupg nginx certbot python3-certbot-nginx fail2ban unattended-upgrades openssl" if [[ "${DEPLOY_SEARXNG,,}" == "y" ]]; then apt-get install -y $BASE_PACKAGES apache2-utils; else apt-get install -y $BASE_PACKAGES; fi @@ -91,8 +86,19 @@ docker rm $UI_CONTAINER $SEARXNG_CONTAINER 2>/dev/null || true # --- Step 5: Configure and Deploy SearXNG (Optional) --- if [[ "${DEPLOY_SEARXNG,,}" == "y" ]]; then - echo "▶️ [5/9] Deploying SearXNG..." - + echo "▶️ [5/9] Configuring and deploying SearXNG..." + + # Create a user-defined settings override to add the JSON engine + sudo mkdir -p $SEARXNG_CONFIG_DIR + sudo tee "$SEARXNG_CONFIG_DIR/user.yml" >/dev/null <<'EOF' +use_default_settings: true # <- keep everything from the upstream settings +search: + formats: + - html + - json +EOF + sudo chown 1000:1000 "$SEARXNG_CONFIG_DIR/user.yml" + # Generate a robust, shell-safe secret key SECRET_KEY=$(openssl rand -hex 32) @@ -101,11 +107,11 @@ if [[ "${DEPLOY_SEARXNG,,}" == "y" ]]; then docker run -d --name "$SEARXNG_CONTAINER" --network "$NETWORK_NAME" - # Publish port to localhost for Nginx to connect to -p "127.0.0.1:8081:8080" - # Core settings via environment variables + -v "$SEARXNG_CONFIG_DIR:/etc/searxng" + -e "SEARXNG_SETTINGS_PATH=/etc/searxng/user.yml" -e "SEARXNG_SECRET=$SECRET_KEY" - -e "SEARXNG_BIND_ADDRESS=0.0.0.0" # Listen on all interfaces inside the container + -e "SEARXNG_BIND_ADDRESS=0.0.0.0" -e "SEARXNG_BASE_URL=https://$SEARCH_DOMAIN" --restart always ) @@ -116,17 +122,10 @@ if [[ "${DEPLOY_SEARXNG,,}" == "y" ]]; then docker_cmd+=( -e "SEARXNG_ENGINES_BRAVE_API_KEY=$BRAVE_API_KEY" -e "SEARXNG_ENGINES_BRAVE_DISABLED=false" - # Disable a noisy engine if a key is present - -e "SEARXNG_ENGINES_DUCKDUCKGO_DISABLED=true" ) - else - echo " - No Brave API key provided, using default search engines." fi - # Add the image name to the end of the command docker_cmd+=(searxng/searxng) - - # Execute the final, safe command "${docker_cmd[@]}" else echo "▶️ [5/9] Skipping SearXNG deployment." @@ -161,7 +160,6 @@ if [[ "${DEPLOY_SEARXNG,,}" == "y" ]]; then server { listen 80; listen [::]:80; server_name $SEARCH_DOMAIN; location / { - # Proxy directly to the port we published on the host's localhost proxy_pass http://127.0.0.1:8081; auth_basic "Private Search Instance"; auth_basic_user_file /etc/nginx/.htpasswd; @@ -213,12 +211,23 @@ echo "--- ACCESS ---" echo " - Open WebUI: https://$UI_DOMAIN" if [[ "${DEPLOY_SEARXNG,,}" == "y" ]]; then echo " - SearXNG: https://$SEARCH_DOMAIN (user: admin)"; fi echo "" -echo "--- NEXT STEPS: ADDING THE RESEARCH TOOL ---" +echo "--- NEXT STEPS: USING YOUR PRIVATE SEARCH ENGINE ---" if [[ "${DEPLOY_SEARXNG,,}" == "y" ]]; then - echo "1. Go to Open WebUI -> Settings -> Tools." - echo "2. Paste the Python code from https://github.com/iamarcel/open-webui-utils/blob/main/research_tool.py" - echo "3. Go to the Settings tab in the tool editor." - echo "4. Add Environment Variable: Key: SEARXNG_BASE_URL, Value: http://searxng:8080" - echo "5. Click 'Save'." + echo "You now have two ways to use your private SearXNG instance:" + echo "" + echo " OPTION A: Native Web Search (Recommended for most users)" + echo " 1. Go to your Open WebUI Admin Panel -> Settings -> Web Search." + echo " 2. Enable the 'Web Search' toggle." + echo " 3. In the 'SearXNG URL' field, enter: http://searxng:8080" + echo " (This works because the containers are on a private network)." + echo " 4. Save settings. You can now enable web search for any model." + echo "" + echo " OPTION B: Advanced Python Tool (For custom logic)" + echo " 1. Go to Settings -> Tools and click 'Add Tool'." + echo " 2. In the 'Load from URL' field, paste:" + echo " https://raw.githubusercontent.com/iamarcel/open-webui-utils/main/research_tool.py" + echo " 3. Go to the tool's 'Settings' tab (gear icon)." + echo " 4. Add Environment Variable -> Key: SEARXNG_BASE_URL, Value: http://searxng:8080" + echo " 5. Save the tool. You can now call it with '@research' in a chat." fi echo "---" \ No newline at end of file