90 lines
2.3 KiB
YAML
90 lines
2.3 KiB
YAML
# vim: ft=yaml.ansible
|
|
---
|
|
- name: Create SearXNG volume directory
|
|
ansible.builtin.file:
|
|
path: "{{ services.searxng.volume }}/searxng"
|
|
owner: root
|
|
mode: u=rwx,g=rx,o=rx
|
|
state: directory
|
|
|
|
- name: Create SearXNG volume directory for Redis
|
|
ansible.builtin.file:
|
|
path: "{{ services.searxng.volume }}/redis"
|
|
owner: '999'
|
|
group: '1000'
|
|
mode: u=rwx,g=rx,o=rx
|
|
state: directory
|
|
|
|
- name: Copy SearXNG settings.yml file
|
|
ansible.builtin.template:
|
|
src: settings.yml.j2
|
|
dest: "{{ services.searxng.volume }}/searxng/settings.yml"
|
|
owner: root
|
|
mode: u=rw,g=r,o=r
|
|
|
|
- name: Copy SearXNG limiter.toml file
|
|
ansible.builtin.template:
|
|
src: limiter.toml.j2
|
|
dest: "{{ services.searxng.volume }}/searxng/limiter.toml"
|
|
owner: root
|
|
mode: u=rw,g=r,o=r
|
|
|
|
- name: Deploy SearXNG with Docker Compose
|
|
community.docker.docker_compose:
|
|
project_name: searxng
|
|
state: "{{ 'absent' if down is defined and down else 'present' }}"
|
|
restarted: "{{ restart is defined and restart }}"
|
|
recreate: "{{ 'always' if recreate is defined and recreate else 'smart' }}"
|
|
remove_orphans: true
|
|
pull: true
|
|
definition:
|
|
version: '3.8'
|
|
|
|
services:
|
|
app:
|
|
image: searxng/searxng:{{ services.searxng.version }}
|
|
restart: always
|
|
environment:
|
|
SEARXNG_BASE_URL: https://{{ services.searxng.domain }}
|
|
networks:
|
|
default:
|
|
services:
|
|
aliases:
|
|
- searxng
|
|
tor:
|
|
aliases:
|
|
- searxng
|
|
volumes:
|
|
- "{{ services.searxng.volume }}/searxng:/etc/searxng:rw"
|
|
cap_add:
|
|
- chown
|
|
- dac_override
|
|
- setuid
|
|
- setgid
|
|
cap_drop:
|
|
- all
|
|
logging:
|
|
driver: json-file
|
|
options:
|
|
max-size: 1m
|
|
max-file: '1'
|
|
|
|
redis:
|
|
image: redis:{{ services.searxng.redis_version }}
|
|
restart: always
|
|
command: redis-server --save 60 1 --appendonly no
|
|
volumes:
|
|
- "{{ services.searxng.volume }}/redis:/data:rw"
|
|
cap_add:
|
|
- dac_override
|
|
- setuid
|
|
- setgid
|
|
cap_drop:
|
|
- all
|
|
|
|
networks:
|
|
services:
|
|
external: true
|
|
tor:
|
|
external: true
|