[fix] container: setup minimal (#6268)

Start minimal, use defaults, and extend later on. The templates are no longer
checked for changes, which was confusing and annoying after a while.

See: https://github.com/searxng/searxng/issues/6261#issuecomment-4716008282

.dockerignore

@@ -1,5 +1,6 @@
 *
 
+!container/*.template.*
 !container/entrypoint.sh
 !searx/**
 !requirements*.txt

container/builder.dockerfile

@@ -21,8 +21,6 @@ RUN --mount=type=cache,id=uv,target=/root/.cache/uv set -eux -o pipefail; \
 
 COPY --exclude=./searx/version_frozen.py ./searx/ ./searx/
 
-ARG TIMESTAMP_SETTINGS="0"
-
 RUN set -eux -o pipefail; \
     python -m compileall -q -f -j 0 --invalidation-mode=unchecked-hash ./searx/; \
     find ./searx/static/ -type f \
@@ -30,5 +28,4 @@ RUN set -eux -o pipefail; \
     -exec gzip -9 -k {} + \
     -exec brotli -9 -k {} + \
     -exec gzip --test {}.gz + \
-    -exec brotli --test {}.br +; \
+    -exec brotli --test {}.br +
-    touch -c --date="@$TIMESTAMP_SETTINGS" ./searx/settings.yml

container/entrypoint.sh

@@ -77,43 +77,23 @@ volume_handler() {
     setup_ownership "$target" "directory"
 }
 
-# Handle configuration file updates
+setup() {
-config_handler() {
+    local template_settings="/usr/local/searxng/settings.template.yml"
-    local target="$1"
+    local target_settings="$__SEARXNG_CONFIG_PATH/settings.yml"
-    local template="$2"
-    local new_template_target="$target.new"
-
-    # Create/Update the configuration file
-    if [ -f "$target" ]; then
-        setup_ownership "$target" "file"
-
-        if [ "$template" -nt "$target" ]; then
-            cp -pfT "$template" "$new_template_target"
 
+    if [ ! -f "$target_settings" ]; then
         cat <<EOF
 ...
 ... INFORMATION
-... Update available for "$target"
+... "$target_settings" does not exist, creating from template...
-... It is recommended to update the configuration file to ensure proper functionality
-...
-... New version placed at "$new_template_target"
-... Please review and merge changes
 ...
 EOF
-        fi
+        cp -pfT "$template_settings" "$target_settings"
-    else
-        cat <<EOF
-...
-... INFORMATION
-... "$target" does not exist, creating from template...
-...
-EOF
-        cp -pfT "$template" "$target"
 
-        sed -i "s/ultrasecretkey/$(head -c 24 /dev/urandom | base64 | tr -dc 'a-zA-Z0-9')/g" "$target"
+        sed -i "s/ultrasecretkey/$(head -c 24 /dev/urandom | base64 | tr -dc 'a-zA-Z0-9')/g" "$target_settings"
     fi
 
-    check_file "$target"
+    check_file "$target_settings"
 }
 
 cat <<EOF
@@ -124,8 +104,7 @@ EOF
 volume_handler "$__SEARXNG_CONFIG_PATH"
 volume_handler "$__SEARXNG_DATA_PATH"
 
-# Check for files
+setup
-config_handler "$__SEARXNG_SETTINGS_PATH" "/usr/local/searxng/searx/settings.yml"
 
 # root only features
 if [ "$(id -u)" -eq 0 ]; then

container/settings.template.yml

@@ -0,0 +1,8 @@
+# Read the documentation before extending the defaults:
+# https://docs.searxng.org/admin/settings/
+
+use_default_settings: true
+
+server:
+  secret_key: "ultrasecretkey"
+  image_proxy: true

utils/lib_sxng_container.sh

@@ -99,8 +99,6 @@ container.build() {
             timestamp_venv="$timestamp_requirements_server"
         fi
 
-        timestamp_searx_settings=$(git log -1 --format='%ct' ./searx/settings.yml)
-
         if [ "$container_engine" = "podman" ]; then
             params_build_builder="build --format=oci --platform=$platform --layers --identity-label=false --timestamp=$timestamp_venv"
             params_build="build --format=oci --platform=$platform --layers --identity-label=false"
@@ -119,7 +117,6 @@ container.build() {
         # shellcheck disable=SC2086
         "$container_engine" $params_build_builder \
             --build-arg="TIMESTAMP_VENV=$timestamp_venv" \
-            --build-arg="TIMESTAMP_SETTINGS=$timestamp_searx_settings" \
             --tag="localhost/$CONTAINER_IMAGE_ORGANIZATION/$CONTAINER_IMAGE_NAME:builder" \
             --file="./container/builder.dockerfile" \
             .