[fix] container: setup minimal (#6268)

Start minimal, use defaults, and extend later on. The templates are no longer checked for changes, which was confusing and annoying after a while. See: https://github.com/searxng/searxng/issues/6261#issuecomment-4716008282
2026-06-22 01:28:31 +02:00 · 2026-06-16 15:32:47 +02:00
parent 4fb49b4498
commit 502c820a25
5 changed files with 19 additions and 37 deletions
@@ -1,5 +1,6 @@
 *

+!container/*.template.*
 !container/entrypoint.sh
 !searx/**
 !requirements*.txt
@@ -21,8 +21,6 @@ RUN --mount=type=cache,id=uv,target=/root/.cache/uv set -eux -o pipefail; \

 COPY --exclude=./searx/version_frozen.py ./searx/ ./searx/

-ARG TIMESTAMP_SETTINGS="0"
-
 RUN set -eux -o pipefail; \
    python -m compileall -q -f -j 0 --invalidation-mode=unchecked-hash ./searx/; \
    find ./searx/static/ -type f \
@@ -30,5 +28,4 @@ RUN set -eux -o pipefail; \
    -exec gzip -9 -k {} + \
    -exec brotli -9 -k {} + \
    -exec gzip --test {}.gz + \
-    -exec brotli --test {}.br +; \
-    touch -c --date="@$TIMESTAMP_SETTINGS" ./searx/settings.yml
+    -exec brotli --test {}.br +
@@ -77,43 +77,23 @@ volume_handler() {
    setup_ownership "$target" "directory"
 }

-# Handle configuration file updates
-config_handler() {
-    local target="$1"
-    local template="$2"
-    local new_template_target="$target.new"
+setup() {
+    local template_settings="/usr/local/searxng/settings.template.yml"
+    local target_settings="$__SEARXNG_CONFIG_PATH/settings.yml"

-    # Create/Update the configuration file
-    if [ -f "$target" ]; then
-        setup_ownership "$target" "file"
-
-        if [ "$template" -nt "$target" ]; then
-            cp -pfT "$template" "$new_template_target"
-
-            cat <<EOF
-...
-... INFORMATION
-... Update available for "$target"
-... It is recommended to update the configuration file to ensure proper functionality
-...
-... New version placed at "$new_template_target"
-... Please review and merge changes
-...
-EOF
-        fi
-    else
+    if [ ! -f "$target_settings" ]; then
        cat <<EOF
 ...
 ... INFORMATION
-... "$target" does not exist, creating from template...
+... "$target_settings" does not exist, creating from template...
 ...
 EOF
-        cp -pfT "$template" "$target"
+        cp -pfT "$template_settings" "$target_settings"

-        sed -i "s/ultrasecretkey/$(head -c 24 /dev/urandom | base64 | tr -dc 'a-zA-Z0-9')/g" "$target"
+        sed -i "s/ultrasecretkey/$(head -c 24 /dev/urandom | base64 | tr -dc 'a-zA-Z0-9')/g" "$target_settings"
    fi

-    check_file "$target"
+    check_file "$target_settings"
 }

 cat <<EOF
@@ -124,8 +104,7 @@ EOF
 volume_handler "$__SEARXNG_CONFIG_PATH"
 volume_handler "$__SEARXNG_DATA_PATH"

-# Check for files
-config_handler "$__SEARXNG_SETTINGS_PATH" "/usr/local/searxng/searx/settings.yml"
+setup

 # root only features
 if [ "$(id -u)" -eq 0 ]; then
@@ -0,0 +1,8 @@
+# Read the documentation before extending the defaults:
+# https://docs.searxng.org/admin/settings/
+
+use_default_settings: true
+
+server:
+  secret_key: "ultrasecretkey"
+  image_proxy: true
@@ -99,8 +99,6 @@ container.build() {
            timestamp_venv="$timestamp_requirements_server"
        fi

-        timestamp_searx_settings=$(git log -1 --format='%ct' ./searx/settings.yml)
-
        if [ "$container_engine" = "podman" ]; then
            params_build_builder="build --format=oci --platform=$platform --layers --identity-label=false --timestamp=$timestamp_venv"
            params_build="build --format=oci --platform=$platform --layers --identity-label=false"
@@ -119,7 +117,6 @@ container.build() {
        # shellcheck disable=SC2086
        "$container_engine" $params_build_builder \
            --build-arg="TIMESTAMP_VENV=$timestamp_venv" \
-            --build-arg="TIMESTAMP_SETTINGS=$timestamp_searx_settings" \
            --tag="localhost/$CONTAINER_IMAGE_ORGANIZATION/$CONTAINER_IMAGE_NAME:builder" \
            --file="./container/builder.dockerfile" \
            .