Traefik v2 instead of Caddy #23
Comments
|
for reference check out my traefik config file for my searxng fork: https://github.com/paulgoio/searxng/blob/main/docker-compose.yml |
Thx for your reply. Your docker-compose put me on the trail : i don't need to expose any ports. Here is my finale docker-compose.yml : And the searx.yml Thx again @mrpaulblack 👍 |
|
@mrwormo Please may I have the content of your middlewares.yml file. I am getting error regarding compression. |
Here is my Have you tried to comment |
|
@mrwormo Thank you. It's all running ok now. I use a middlewares-chain.yml file and created a middleware-chain for searx as below using your snippet code: chain-searx:
|
|
Im going to throw in my configuration, i had big troubles getting this configured right because i just picked up traefik, but managed to get it working well, with an A+ grade I got it working with something like this: http:
services:
searxng:
loadBalancer:
servers:
- url: "http://searxng:8080"
routers:
searxng:
rule: "Host(`amongus.sus`) && Method(`GET`,`POST`,`HEAD`)"
middlewares:
- general_security
- searxng_headers
service: searxng
entryPoints:
- "websecure"
tls:
certResolver: production
middlewares:
general_security:
headers:
stsSeconds: 31536000
stsIncludeSubdomains: true
stsPreload: true
browserXssFilter: true
contentTypeNosniff: true
referrerPolicy: "no-referrer"
searxng_headers:
headers:
customResponseHeaders:
X-Robots-Tag: "noindex, noarchive, nofollow"
Content-Security-Policy: "upgrade-insecure-requests; default-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; form-action 'self' https://github.com/searxng/searxng/issues/new; font-src 'self'; frame-ancestors 'self'; base-uri 'self'; connect-src 'self' https://overpass-api.de; img-src 'self' data: https://*.tile.openstreetmap.org; frame-src https://www.youtube-nocookie.com https://player.vimeo.com https://www.dailymotion.com https://www.deezer.com https://www.mixcloud.com https://w.soundcloud.com https://embed.spotify.com"
Permissions-Policy: "accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),encrypted-media=(),focus-without-user-activation=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),speaker=(),sync-xhr=(),usb=(),vr=()"where certificatesResolvers:
production:
acme:
email: [email protected]
storage: /etc/traefik/certs/acme.json
caServer: "https://acme-v02.api.letsencrypt.org/directory"
httpChallenge:
entryPoint: webi also have set a default option for minimum tls version in the same tls:
# ...
options:
default:
minVersion: VersionTLS12for HTTP -> HTTPS redirecting i have this in entryPoints:
web:
address: :80
# (Optional) Redirect to HTTPS
# ---
http:
redirections:
entryPoint:
to: websecure
scheme: https
websecure:
address: :443 |
|
Close since issue has been solved / answered. |
github-project-automation
bot
moved this from Waiting on Answer
to Closed
in SearXNG Issues
|
Additional note from me; If you want the best TLS score, add this to your tls:
options:
default:
minVersion: VersionTLS12
cipherSuites:
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256related issue (#391) on searxng/searx-instances |
hi, is this still working? I can't get mine to work with traefik :( getting bad gateway error |
Hello,
I'm running Traefik v2 on my server to serve a dozen of container without problems.
But i'm facing of a "Bad gateway" with the Searxng container.
I've no error in Traefik logs, neither in Searxng logs. And the Traefik's dashboard is happy too.
My docker-compose.yml :
And my searx.yml is similar to others :
Is someone manages to operate Searxng with Traefik v2 ?
The text was updated successfully, but these errors were encountered: