Trouble with SearXNG

I’m getting headaches.
Yesterday I had SearXNG working until a reboot, now I’m unable to get it back!!!

I have a split terminal running…
top prompt is zsh… so here I enter commands to enable debug and when finished to disable debug

So we have a problem with the ‘ultrasecretkey’ and I just can’t find out how to fix it.

Any clues? I’d like it to be persistent - yesterday it worked, but I can’t remember exactly how, and after a reboot it’s dead.

In the hope that we’ll create a nice tutorial, I’ll put the instructions in a list here:

Install Packages
sudo -H pacman -S --noconfirm \
    python python-pip python-lxml python-babel \
    uwsgi uwsgi-plugin-python \
    git base-devel libxml2
Create User
sudo -H useradd --shell /bin/bash --system \
    --home-dir "/usr/local/searxng" \
    --comment 'Privacy-respecting metasearch engine' \
    searxng

sudo -H mkdir "/usr/local/searxng"
sudo -H chown -R "searxng:searxng" "/usr/local/searxng"
Install Dependencies
sudo -H -u searxng -i

(searxng)$

git clone "https://github.com/searxng/searxng" \
                   "/usr/local/searxng/searxng-src"

In the same shell we can create virtualenv

(searx-pyenv)
python3 -m venv "/usr/local/searxng/searx-pyenv"
echo ". /usr/local/searxng/searx-pyenv/bin/activate" \
                   >>  "/usr/local/searxng/.profile"

Exit the session you opened above, start a new one…

Start new session

sudo -H -u searxng -i

Now in the 'Step by Step` we have something odd…

command -v python && python --version
/usr/local/searxng/searx-pyenv/bin/python
Python 3.8.1

I find this confusing - it just reports, and there’s no explanation.
I get a different result here:
/usr/local/searxng/searx-pyenv/bin/python Python 3.10.5

Is this a problem? I don’t know - so noobs come on, let’s just ignore it and continue!!! (searx-pyenv) [searxng@evo ~]$ <still in searx prompt

Update pip's boilerplate
pip install -U pip
pip install -U setuptools
pip install -U wheel
pip install -U pyyaml
Jump to SearXNG's working tree and install SearXNG into virtualenv
cd "/usr/local/searxng/searxng-src"
pip install -e .

Now I see a positive result Successfully installed searxng-2022.08.21-5ed40af3

Next we need settings - bash terminal for this.

Create default settings
sudo -H mkdir -p "/etc/searxng"
sudo -H cp "/usr/local/searxng/searxng-src/utils/templates/etc/searxng/settings.yml" \
             "/etc/searxng/settings.yml"

Then we’re into the CHECK.

Check
# enable debug .. bash terminal
sudo -H sed -i -e "s/debug : False/debug : True/g" "/etc/searxng/settings.yml"

start webapp

sudo -H -u searxng -i

(searxng)$

cd /usr/local/searxng/searxng-src
export SEARXNG_SETTINGS_PATH="/etc/searxng/settings.yml"
python searx/webapp.py
# disable debug .. bash terminal
sudo -H sed -i -e "s/debug : True/debug : False/g" "/etc/searxng/settings.yml"

And here’s where I fail -
2022-08-22 12:04:51,255 ERROR:searx.webapp: server.secret_key is not changed. Please use something else instead of ultrasecretkey.

I think you have to change ultrasecretkey to your key in /etc/searxng/settings.yml


Because this code checks the default known key “ultrasecretkey”, then it’s the security vulnerability.

 if not searx_debug and settings['server']['secret_key'] == 'ultrasecretkey': 
     logger.error('server.secret_key is not changed. Please use something else instead of ultrasecretkey.') 
     exit(1) 

Source code: here


Amazing how simple the answer turns out to be - thank you. I just used Bitwarden to generate a gibberish key and it’s good to go now.

1 Like

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.