diff --git a/.gitignore b/.gitignore index c2658d7d..504afef8 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ node_modules/ +package-lock.json diff --git a/README.md b/README.md index 920ec906..75c25c49 100644 --- a/README.md +++ b/README.md @@ -1,17 +1,21 @@ # Tipi App Store ⛺️ + This is the official repository for the Tipi App Store. It contains all the apps that are available for download on [Tipi](https://github.com/meienberger/runtipi). ## Apps available + - [Adguard Home](https://github.com/AdguardTeam/AdGuardHome) - Adguard Home DNS adblocker - [Booksonic](https://github.com/popeen) - A server for streaming your audiobooks - [Bookstack](https://github.com/BookStackApp/BookStack) - Simple, easy-to-use platform for organising and storing information. - [Calibre-Web](https://github.com/janeczku/calibre-web) - Web Ebook Reader - [Code-Server](https://github.com/coder/code-server) - Web VS Code +- [Cryptpad](https://github.com/xwiki-labs/cryptpad) - Collaboration suite, end-to-end encrypted and open-source - [Filebrowser](https://github.com/filebrowser/filebrowser) - Web File Browser - [Firefly III](https://github.com/firefly-iii/firefly-iii) - A personal finances manager - [Freshrss](https://github.com/FreshRSS/FreshRSS) - A free, self-hostable RSS aggregator -- [Gitea](https://github.com/go-gitea/gitea) - Gitea - A painless self-hosted Git service - [Ghost](https://github.com/TryGhost/Ghost) - Ghost - Turn your audience into a business +- [Gitea](https://github.com/go-gitea/gitea) - Gitea - A painless self-hosted Git service +- [Headscale](https://github.com/juanfont/headscale) - An open source, self-hosted implementation of the Tailscale control server - [Homarr](https://github.com/ajnart/homarr) - A homepage for your server - [Home Assistant](https://github.com/home-assistant/core) - Open source home automation that puts local control and privacy first - [Invidious](https://github.com/iv-org/invidious) - An alternative front-end to YouTube @@ -19,7 +23,10 @@ This is the official repository for the Tipi App Store. It contains all the apps - [Jellyfin](https://github.com/jellyfin/jellyfin) - A media server for your home collection - [Joplin](https://github.com/laurent22/joplin) - Privacy focused note-taking app - [Libreddit](https://github.com/spikecodes/libreddit) - Private front-end for Reddit +- [LibreTranslate](https://github.com/LibreTranslate/LibreTranslate) - Free and Open Source Machine Translation API. 100% self-hosted, offline capable and easy to setup - [Mealie](https://github.com/hay-kot/mealie) - Self-hosted recipe manager and meal planner. +- [Monero Daemon](https://github.com/monero-project/monero/) - A network daemon for Monero: the secure, private, untraceable cryptocurrency +- [Monero p2pool Daemon](https://github.com/SChernykh/p2pool) - Decentralized pool for Monero mining - [n8n](https://github.com/n8n-io/n8n) - Workflow Automation Tool - [Nextcloud](https://github.com/nextcloud/server) - A safe home for all your data - [Nitter](https://github.com/zedeus/nitter) - Alternative Twitter front-end @@ -29,20 +36,29 @@ This is the official repository for the Tipi App Store. It contains all the apps - [Pihole](https://github.com/pi-hole/pi-hole) - A black hole for Internet advertisements - [Plex](https://github.com/plexinc/pms-docker) - Stream Movies & TV Shows - [Portainer](https://github.com/portainer/portainer) - Making Docker and Kubernetes management easy. +- [PrivateBin](https://github.com/PrivateBin/PrivateBin) - A minimalist, open source online pastebin where the server has zero knowledge of pasted data - [Prowlarr](https://github.com/Prowlarr/Prowlarr/) - A torrent/usenet indexer manager/proxy - [Proxitok](https://github.com/pablouser1/ProxiTok) - Open source alternative frontend for TikTok made using PHP - [Radarr](https://github.com/Radarr/Radarr) - Movie collection manager for Usenet and BitTorrent users - [Readarr](https://github.com/Readarr/Readarr) - Book Manager and Automation (Sonarr for Ebooks) - [Resilio Sync](https://github.com/bt-sync) - Fast, reliable, and simple file sync and share solution +- [SearXNG](https://github.com/searxng/searxng) - SearXNG is a free internet metasearch engine which aggregates results from various search services and databases. Users are neither tracked nor profiled +- [Send](https://gitlab.com/timvisee/send) - Simple, private file sharing - [Sonarr](https://github.com/Sonarr/Sonarr) - TV show manager for Usenet and BitTorrent - [Syncthing](https://github.com/syncthing/syncthing) - Continuous File Synchronization - [Tailscale](https://github.com/tailscale/tailscale) - The easiest, most secure way to use WireGuard and 2FA - [Tautulli](https://github.com/Tautulli/Tautulli) - A Python based monitoring and tracking tool for Plex Media Server +- [Teddit](https://codeberg.org/teddit/teddit) - Alternative Reddit front-end focused on privacy https://teddit.net - [Transmission](https://github.com/transmission/transmission) - Fast, easy, and free BitTorrent client -- [Wireguard Easy](https://github.com/WeeJeWel/wg-easy) - WireGuard VPN + Web-based Admin UI +- [Tube Archivist](https://github.com/tubearchivist/tubearchivist) - Your self-hosted YouTube media server +- [Uptime Kuma](https://github.com/louislam/uptime-kuma) - A fancy self-hosted monitoring tool - [Vaultwarden](https://github.com/dani-garcia/vaultwarden) - Unofficial Bitwarden compatible server +- [Wireguard Easy](https://github.com/WeeJeWel/wg-easy) - WireGuard VPN + Web-based Admin UI +- [ZeroTier](https://github.com/zerotier/ZeroTierOne) - Easy to use zero configuration VPN. ## How to sumbit an app -If you want to see new apps on Tipi you can either : -- [Open an issue]() on this repository and some members of the community will add it + +If you want to see new apps on Tipi you can either: + +- [Open an issue](https://github.com/meienberger/runtipi-appstore/issues) on this repository and members of the community will add it - Fork this repo and create the necessary files for a Tipi app. Follow this [guide](https://github.com/meienberger/runtipi/wiki/Adding-your-own-app) diff --git a/apps/__tests__/apps.test.ts b/apps/__tests__/apps.test.ts index e3141baa..f6eced8c 100644 --- a/apps/__tests__/apps.test.ts +++ b/apps/__tests__/apps.test.ts @@ -18,7 +18,13 @@ interface AppConfig { available: boolean; } -const networkExceptions = ["pihole", "tailscale", "homeassistant", "plex"]; +const networkExceptions = [ + "pihole", + "tailscale", + "homeassistant", + "plex", + "zerotier", +]; const getAppConfigs = (): AppConfig[] => { const apps: AppConfig[] = []; diff --git a/apps/adguard/config.json b/apps/adguard/config.json index 943a9eb9..c7b1e9d6 100644 --- a/apps/adguard/config.json +++ b/apps/adguard/config.json @@ -2,8 +2,8 @@ "$schema": "../schema.json", "name": "Adguard", "available": true, - "tipi_version": 1, - "version": "0.107.7", + "tipi_version": 2, + "version": "0.107.13", "port": 8104, "id": "adguard", "categories": ["network", "security"], @@ -14,5 +14,12 @@ "requirements": { "ports": [53] }, - "form_fields": [] + "form_fields": [ + { + "type": "ip", + "label": "Network Interface (default: 0.0.0.0)", + "required": false, + "env_variable": "NETWORK_INTERFACE" + } + ] } diff --git a/apps/adguard/docker-compose.yml b/apps/adguard/docker-compose.yml index f5aeb613..bfcd7331 100644 --- a/apps/adguard/docker-compose.yml +++ b/apps/adguard/docker-compose.yml @@ -2,7 +2,7 @@ version: "3.7" services: adguard: - image: adguard/adguardhome:v0.107.7 + image: adguard/adguardhome:v0.107.13 container_name: adguard volumes: - "${APP_DATA_DIR}/data/work:/opt/adguardhome/work" @@ -11,6 +11,6 @@ services: networks: - tipi_main_network ports: - - 53:53/tcp - - 53:53/udp + - ${NETWORK_INTERFACE:-0.0.0.0}:53:53/tcp + - ${NETWORK_INTERFACE:-0.0.0.0}:53:53/udp - ${APP_PORT}:80 diff --git a/apps/jellyfin/config.json b/apps/jellyfin/config.json index 31069f74..14383337 100644 --- a/apps/jellyfin/config.json +++ b/apps/jellyfin/config.json @@ -2,10 +2,11 @@ "$schema": "../schema.json", "name": "Jellyfin", "available": true, + "exposable": true, "port": 8091, "id": "jellyfin", - "tipi_version": 1, - "version": "10.8.1", + "tipi_version": 2, + "version": "10.8.4", "categories": ["media"], "description": "Jellyfin is a Free Software Media System that puts you in control of managing and streaming your media. It is an alternative to the proprietary Emby and Plex, to provide media from a dedicated server to end-user devices via multiple apps. Jellyfin is descended from Emby's 3.5.2 release and ported to the .NET Core framework to enable full cross-platform support. There are no strings attached, no premium licenses or features, and no hidden agendas: just a team who want to build something better and work together to achieve it. We welcome anyone who is interested in joining us in our quest!", "short_desc": "A media server for your home collection", diff --git a/apps/jellyfin/docker-compose.yml b/apps/jellyfin/docker-compose.yml index 535736e3..1642e0c1 100644 --- a/apps/jellyfin/docker-compose.yml +++ b/apps/jellyfin/docker-compose.yml @@ -1,8 +1,7 @@ version: "3.7" - services: jellyfin: - image: lscr.io/linuxserver/jellyfin:10.8.1 + image: lscr.io/linuxserver/jellyfin:10.8.4 container_name: jellyfin volumes: - ${APP_DATA_DIR}/data/config:/config @@ -11,8 +10,32 @@ services: - PUID=1000 - PGID=1000 - TZ=${TZ} + - JELLYFIN_PublishedServerUrl=${APP_PROTOCOL:-http}://${APP_DOMAIN}/ restart: "unless-stopped" ports: - ${APP_PORT}:8096 networks: - tipi_main_network + labels: + traefik.enable: ${APP_EXPOSED} + traefik.http.middlewares.jellyfin-mw.headers.SSLForceHost: true + traefik.http.middlewares.jellyfin-mw.headers.SSLHost: ${APP_DOMAIN} + traefik.http.middlewares.jellyfin-mw.headers.SSLRedirect: true + traefik.http.middlewares.jellyfin-mw.headers.STSIncludeSubdomains: true + traefik.http.middlewares.jellyfin-mw.headers.STSPreload: true + traefik.http.middlewares.jellyfin-mw.headers.STSSeconds: 315360000 + traefik.http.middlewares.jellyfin-mw.headers.browserXSSFilter: true + traefik.http.middlewares.jellyfin-mw.headers.contentTypeNosniff: true + traefik.http.middlewares.jellyfin-mw.headers.customFrameOptionsValue: 'allow-from https://${DOMAIN}' + traefik.http.middlewares.jellyfin-mw.headers.customResponseHeaders.X-Robots-Tag: noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex + traefik.http.middlewares.jellyfin-mw.headers.forceSTSHeader: true + traefik.http.middlewares.jellyfin-mw.headers.frameDeny: true + traefik.http.routers.jellyfin.entryPoints: websecure + traefik.http.routers.jellyfin.middlewares: jellyfin-mw + traefik.http.routers.jellyfin.rule: Host(`${APP_DOMAIN}`) + traefik.http.routers.jellyfin.service: jellyfin-svc + traefik.http.routers.jellyfin.tls: true + traefik.http.routers.jellyfin.tls.certresolver: myresolver + traefik.http.routers.jellyfin.tls.domains: ${APP_DOMAIN} + traefik.http.services.jellyfin-svc.loadBalancer.passHostHeader: true + traefik.http.services.jellyfin-svc.loadBalancer.server.port: 8096 diff --git a/apps/joplin/config.json b/apps/joplin/config.json index 84089428..3de317a6 100644 --- a/apps/joplin/config.json +++ b/apps/joplin/config.json @@ -2,9 +2,10 @@ "$schema": "../schema.json", "name": "Joplin Server", "available": true, + "exposable": true, "port": 8099, "id": "joplin", - "tipi_version": 1, + "tipi_version": 2, "version": "2.7.4", "categories": ["utilities"], "description": "Default credentials: admin@localhost / admin", @@ -12,5 +13,13 @@ "author": "https://github.com/laurent22", "source": "https://github.com/laurent22/joplin", "website": "https://joplinapp.org", - "form_fields": [] + "form_fields": [ + { + "type": "random", + "label": "Joplin DB password", + "max": 50, + "min": 8, + "env_variable": "JOPLIN_DB_PASSWORD" + } + ] } diff --git a/apps/joplin/docker-compose.yml b/apps/joplin/docker-compose.yml index 9f1a4997..ede61cfd 100644 --- a/apps/joplin/docker-compose.yml +++ b/apps/joplin/docker-compose.yml @@ -8,7 +8,7 @@ services: - ${APP_DATA_DIR}/data/postgres:/var/lib/postgresql/data restart: unless-stopped environment: - - POSTGRES_PASSWORD=tipi + - POSTGRES_PASSWORD=${JOPLIN_DB_PASSWORD} - POSTGRES_USER=tipi - POSTGRES_DB=joplin networks: @@ -26,9 +26,9 @@ services: - ${DNS_IP} environment: - APP_PORT=22300 - - APP_BASE_URL=http://${INTERNAL_IP}:${APP_PORT} + - APP_BASE_URL=${APP_PROTOCOL:-http}://${APP_DOMAIN}/ - DB_CLIENT=pg - - POSTGRES_PASSWORD=tipi + - POSTGRES_PASSWORD=${JOPLIN_DB_PASSWORD} - POSTGRES_USER=tipi - POSTGRES_DATABASE=joplin - POSTGRES_PORT=5432 @@ -36,3 +36,13 @@ services: - MAX_TIME_DRIFT=0 networks: - tipi_main_network + labels: + traefik.enable: ${APP_EXPOSED} + traefik.http.routers.joplin.rule: Host(`${APP_DOMAIN}`) + traefik.http.routers.joplin.entrypoints: websecure + traefik.http.routers.joplin.service: joplin + traefik.http.routers.joplin.tls.certresolver: myresolver + traefik.http.services.joplin.loadbalancer.server.port: 22300 + traefik.http.services.joplin.loadbalancer.passhostheader: true + traefik.http.middlewares.joplin-sslheader.headers.customrequestheaders.X-Forwarded-Proto: http + traefik.http.routers.joplin-sslheader.middlewares: joplin-sslheader@docker diff --git a/apps/libretranslate/config.json b/apps/libretranslate/config.json new file mode 100644 index 00000000..a6a7b18b --- /dev/null +++ b/apps/libretranslate/config.json @@ -0,0 +1,16 @@ +{ + "$schema": "../schema.json", + "name": "LibreTranslate", + "available": true, + "exposable": true, + "port": 8121, + "id": "libretranslate", + "tipi_version": 1, + "version": "v1.2.9", + "categories": ["utilities"], + "description": "Free and Open Source Machine Translation API, entirely self-hosted. Unlike other APIs, it doesn't rely on proprietary providers such as Google or Azure to perform translations. Instead, its translation engine is powered by the open source Argos Translate library.", + "short_desc": "Free and Open Source Machine Translation API. 100% self-hosted, offline capable and easy to setup.", + "author": "LibreTranslate", + "source": "https://github.com/LibreTranslate/LibreTranslate", + "form_fields": [] +} diff --git a/apps/libretranslate/docker-compose.yml b/apps/libretranslate/docker-compose.yml new file mode 100644 index 00000000..b8e05cc4 --- /dev/null +++ b/apps/libretranslate/docker-compose.yml @@ -0,0 +1,20 @@ +version: "3.7" +services: + libretranslate: + container_name: libretranslate + image: libretranslate/libretranslate:v1.2.9 + dns: + - ${DNS_IP} + ports: + - ${APP_PORT}:5000 + restart: unless-stopped + networks: + - tipi_main_network + labels: + traefik.enable: ${APP_EXPOSED} + traefik.http.routers.libretranslate.rule: Host(`${APP_DOMAIN}`) + traefik.http.routers.libretranslate.entrypoints: websecure + traefik.http.routers.libretranslate.service: libretranslate + traefik.http.routers.libretranslate.tls.certresolver: myresolver + traefik.http.services.libretranslate.loadbalancer.server.port: 5000 + diff --git a/apps/libretranslate/metadata/description.md b/apps/libretranslate/metadata/description.md new file mode 100644 index 00000000..c5354d85 --- /dev/null +++ b/apps/libretranslate/metadata/description.md @@ -0,0 +1,7 @@ +# LibreTranslate + +[Try it online!](https://libretranslate.com) | [API Docs](https://libretranslate.com/docs) | [Community Forum](https://community.libretranslate.com/) + +Free and Open Source Machine Translation API, entirely self-hosted. Unlike other APIs, it doesn't rely on proprietary providers such as Google or Azure to perform translations. Instead, its translation engine is powered by the open source [Argos Translate](https://github.com/argosopentech/argos-translate) library. + +![image](https://user-images.githubusercontent.com/64697405/139015751-279f31ac-36f1-4950-9ea7-87e76bf65f51.png) \ No newline at end of file diff --git a/apps/libretranslate/metadata/logo.jpg b/apps/libretranslate/metadata/logo.jpg new file mode 100644 index 00000000..9eb63999 Binary files /dev/null and b/apps/libretranslate/metadata/logo.jpg differ diff --git a/apps/moneroblock/config.json b/apps/moneroblock/config.json new file mode 100644 index 00000000..d11d8764 --- /dev/null +++ b/apps/moneroblock/config.json @@ -0,0 +1,25 @@ +{ + "$schema": "../schema.json", + "name": "Moneroblock", + "available": true, + "exposable": true, + "port": 31312, + "id": "moneroblock", + "tipi_version": 1, + "version": "v0.1.1", + "categories": ["utilities"], + "description": "MoneroBlock is a trustless block explorer for the Monero payment network.", + "short_desc": "Decentralized and trustless Monero block explorer", + "author": "duggavo", + "source": "https://github.com/duggavo/MoneroBlock", + "form_fields": [ + { + "type": "text", + "label": "Monero Daemon Address in format node.host.name:port, i.e. node.sethforprivacy.com:18089", + "max": 100, + "min": 10, + "required": false, + "env_variable": "DAEMON_ADDRESS" + } + ] +} diff --git a/apps/moneroblock/docker-compose.yml b/apps/moneroblock/docker-compose.yml new file mode 100644 index 00000000..a0879cf1 --- /dev/null +++ b/apps/moneroblock/docker-compose.yml @@ -0,0 +1,20 @@ +version: "3.7" +services: + moneroblock: + image: sethsimmons/moneroblock:v0.1.1 + restart: unless-stopped + container_name: moneroblock + ports: + - ${APP_PORT}:31312 + command: + - "--daemon" + - "${DAEMON_ADDRESS:-node.sethforprivacy.com:18089}" + networks: + - tipi_main_network + labels: + traefik.enable: ${APP_EXPOSED} + traefik.http.routers.moneroblock.rule: Host(`${APP_DOMAIN}`) + traefik.http.routers.moneroblock.entrypoints: websecure + traefik.http.routers.moneroblock.service: moneroblock + traefik.http.routers.moneroblock.tls.certresolver: myresolver + traefik.http.services.moneroblock.loadbalancer.server.port: 31312 diff --git a/apps/moneroblock/metadata/description.md b/apps/moneroblock/metadata/description.md new file mode 100644 index 00000000..c9c8153b --- /dev/null +++ b/apps/moneroblock/metadata/description.md @@ -0,0 +1,24 @@ +# MoneroBlock + +MoneroBlock is a trustless block explorer for the Monero payment network. + +## Running MoneroBlock + +Once MoneroBlock is started open [127.0.0.1:31312](http://127.0.0.1:31312/) with your browser. + +### Running with a remote daemon + +Specify your own node when installing MoneroBlock using the format `node.host.name:port`, i.e. `node.sethforprivacy.com:18089`. + +## Troubleshooting + +If you have issues running this, please open an issue against the following repository: + +https://github.com/sethforprivacy/moneroblock-docker/issues + +## Donate + +If you wish to support the MoneroBlock development please donate any amount: + +Monero: `892HHTyDg5mJm5eWJWZ8L1ZMYnnWExciQFFkpsgLh1DfVUXfUFj6z1X2jDD2ZRQLiwWYskeyNkrtpAHse4M3G29uBfiYgVL` +Wownero: `WW439rW1B6p4pA9oca1Aip6h2dneUCHTL9qdn5fstfkB1DzokvrU2hYGASDUcyfaa9gv5kXS82TUhRALMGJGFmBA26jAz3qM5ss` diff --git a/apps/moneroblock/metadata/logo.jpg b/apps/moneroblock/metadata/logo.jpg new file mode 100644 index 00000000..75b02711 Binary files /dev/null and b/apps/moneroblock/metadata/logo.jpg differ diff --git a/apps/monerod/config.json b/apps/monerod/config.json new file mode 100644 index 00000000..ffc0b42d --- /dev/null +++ b/apps/monerod/config.json @@ -0,0 +1,16 @@ +{ + "$schema": "../schema.json", + "name": "Monero Daemon", + "available": true, + "exposable": true, + "port": 18080, + "id": "monerod", + "tipi_version": 1, + "version": "latest", + "categories": ["finance"], + "description": "A device on the Internet running the Monero software, with a full copy of the Monero blockchain, actively assisting the Monero network. This is a simple and straightforward Dockerized monerod built from source and exposing standard ports. Please note that running this requires >50GB of free disk space and is best run on solid-state (SSD) storage.", + "short_desc": "Monero is a private, decentralized cryptocurrency that keeps your finances confidential and secure.", + "author": "sethforprivacy", + "source": "https://github.com/sethforprivacy/simple-monerod-docker", + "form_fields": [] +} diff --git a/apps/monerod/docker-compose.yml b/apps/monerod/docker-compose.yml new file mode 100644 index 00000000..91246f48 --- /dev/null +++ b/apps/monerod/docker-compose.yml @@ -0,0 +1,29 @@ +version: "3.7" +services: + monerod: + image: sethsimmons/simple-monerod:latest + dns: + - ${DNS_IP} + ports: + - ${APP_PORT}:18080 + restart: unless-stopped + networks: + - tipi_main_network + container_name: monerod + volumes: + - ${APP_DATA_DIR}/data:/home/monero/.bitmonero + command: >- + --rpc-restricted-bind-ip=0.0.0.0 + --rpc-restricted-bind-port=18089 + --public-node + --no-igd + --enable-dns-blocklist + --prune-blockchain + --zmq-pub=tcp://0.0.0.0:18083 + labels: + traefik.enable: ${APP_EXPOSED} + traefik.http.routers.monerod.rule: Host(`${APP_DOMAIN}`) + traefik.http.routers.monerod.entrypoints: websecure + traefik.http.routers.monerod.service: monerod + traefik.http.routers.monerod.tls.certresolver: myresolver + traefik.http.services.monerod.loadbalancer.server.port: 18089 diff --git a/apps/monerod/metadata/description.md b/apps/monerod/metadata/description.md new file mode 100644 index 00000000..b45267f4 --- /dev/null +++ b/apps/monerod/metadata/description.md @@ -0,0 +1,20 @@ +# The Monero network daemon + +Monero is a private, decentralized cryptocurrency that keeps your finances confidential and secure. + +## Required hardware + +- 2+ vCPUs/cores +- 4GB+ RAM +- 75GB+ SSD + +## Why run your own Monero node? + +The Monero network relies on a distributed web of Monero nodes, each of which validate transactions, propagate transactions to the rest of the network, and helps new nodes easily and quickly synchronize to the current state of the network. + +Running a Monero node for yourself not only helps to give you the stronger network-level privacy guarantees, but also helps to increase the decentralization, stability, and speed of the Monero network. + +Each node can expose two different services, each of which has a positive impact on the network in a unique way: + +- Peer-to-Peer (p2p) port (default 18080): this port allows other nodes on the network to connect to your node to download the blockchain and to send you any transactions they validate that you do not yet have. It also increases overall network privacy, as your node participates in the [Dandelion++](https://www.monerooutreach.org/stories/dandelion.html) propagation of transactions. +- Remote Procedure Call (RPC) port (default 18089 for restricted): Exposing this port (especially with the `public-node` arg) allows other users on the network, especially those using mobile wallets or the GUI wallet in "Simple" mode, to connect to your node to sync their wallets, without needing to run their own full node locally. diff --git a/apps/monerod/metadata/logo.jpg b/apps/monerod/metadata/logo.jpg new file mode 100644 index 00000000..32799460 Binary files /dev/null and b/apps/monerod/metadata/logo.jpg differ diff --git a/apps/n8n/config.json b/apps/n8n/config.json index 5fa04fe7..ed9f4549 100644 --- a/apps/n8n/config.json +++ b/apps/n8n/config.json @@ -4,13 +4,21 @@ "available": true, "port": 8094, "id": "n8n", - "tipi_version": 1, - "version": "0.186.1", + "tipi_version": 2, + "version": "0.195.5", "categories": ["automation"], "description": "n8n is an extendable workflow automation tool. With a fair-code distribution model, n8n will always have visible source code, be available to self-host, and allow you to add your own custom functions, logic and apps. n8n's node-based approach makes it highly versatile, enabling you to connect anything to everything.", "short_desc": "Workflow Automation Tool. Alternative to Zapier", "author": "n8n.io", "source": "https://github.com/n8n-io/n8n", "website": "https://n8n.io/", - "form_fields": [] + "form_fields": [ + { + "type": "random", + "label": "Database password", + "min": 30, + "max": 30, + "env_variable": "DB_PASSWORD" + } + ] } diff --git a/apps/n8n/docker-compose.yml b/apps/n8n/docker-compose.yml index 86743c25..efb85ae8 100644 --- a/apps/n8n/docker-compose.yml +++ b/apps/n8n/docker-compose.yml @@ -8,7 +8,7 @@ services: volumes: - ${APP_DATA_DIR}/data/db:/var/lib/postgresql/data environment: - - POSTGRES_PASSWORD=tipi + - POSTGRES_PASSWORD=${DB_PASSWORD} - POSTGRES_USER=tipi - POSTGRES_DB=n8n networks: @@ -16,7 +16,7 @@ services: n8n: container_name: n8n - image: n8nio/n8n:0.186.1 + image: n8nio/n8n:0.195.5 restart: unless-stopped ports: - ${APP_PORT}:5678 diff --git a/apps/navidrome/config.json b/apps/navidrome/config.json new file mode 100644 index 00000000..c1988935 --- /dev/null +++ b/apps/navidrome/config.json @@ -0,0 +1,15 @@ +{ + "name": "Navidrome", + "available": true, + "port": 4533, + "exposable": true, + "id": "navidrome", + "description": "Modern Music Server and Streamer compatible with Subsonic/Airsonic", + "tipi_version": 1, + "version": "0.47.5", + "categories": ["media", "music"], + "short_desc": "A selfhosted music server", + "author": "https://github.com/Bvoxl", + "source": "https://github.com/navidrome/navidrome/", + "form_fields": [] +} diff --git a/apps/navidrome/docker-compose.yml b/apps/navidrome/docker-compose.yml new file mode 100644 index 00000000..3ab05e84 --- /dev/null +++ b/apps/navidrome/docker-compose.yml @@ -0,0 +1,25 @@ +version: "3" +services: + navidrome: + container_name: navidrome + image: deluan/navidrome:latest + ports: + - ${APP_PORT}:4533 + restart: unless-stopped + environment: + ND_SCANSCHEDULE: 1h + ND_LOGLEVEL: info + ND_SESSIONTIMEOUT: 24h + ND_BASEURL: "" + volumes: + - ${APP_DATA_DIR}/navidrome/data:/data + - ${ROOT_FOLDER_HOST}/media/data/music:/music:ro + networks: + - tipi_main_network + labels: + traefik.enable: ${APP_EXPOSED} + traefik.http.routers.navidrome.rule: Host(`${APP_DOMAIN}`) + traefik.http.routers.navidrome.entrypoints: websecure + traefik.http.routers.navidrome.service: navidrome + traefik.http.routers.navidrome.tls.certresolver: myresolver + traefik.http.services.navidrome.loadbalancer.server.port: 4533 diff --git a/apps/navidrome/metadata/description.md b/apps/navidrome/metadata/description.md new file mode 100644 index 00000000..bd210135 --- /dev/null +++ b/apps/navidrome/metadata/description.md @@ -0,0 +1 @@ +Navidrome is an open source web-based music collection server and streamer. It gives you freedom to listen to your music collection from any browser or mobile device. It's like your personal Spotify! diff --git a/apps/navidrome/metadata/logo.jpg b/apps/navidrome/metadata/logo.jpg new file mode 100644 index 00000000..d2dfcabf Binary files /dev/null and b/apps/navidrome/metadata/logo.jpg differ diff --git a/apps/nextcloud/config.json b/apps/nextcloud/config.json index c7eae54c..f70d220b 100644 --- a/apps/nextcloud/config.json +++ b/apps/nextcloud/config.json @@ -5,7 +5,7 @@ "exposable": true, "port": 8083, "id": "nextcloud", - "tipi_version": 2, + "tipi_version": 4, "version": "24.0.4", "categories": ["data"], "description": "Nextcloud is a self-hosted, open source, and fully-featured cloud storage solution for your personal files, office documents, and photos.", @@ -25,7 +25,7 @@ "type": "password", "label": "Password", "max": 50, - "min": 3, + "min": 10, "required": true, "env_variable": "NEXTCLOUD_ADMIN_PASSWORD" } diff --git a/apps/nextcloud/docker-compose.yml b/apps/nextcloud/docker-compose.yml index 6168ec7c..afa11302 100644 --- a/apps/nextcloud/docker-compose.yml +++ b/apps/nextcloud/docker-compose.yml @@ -52,7 +52,10 @@ services: - POSTGRES_DB=nextcloud - NEXTCLOUD_ADMIN_USER=${NEXTCLOUD_ADMIN_USER} - NEXTCLOUD_ADMIN_PASSWORD=${NEXTCLOUD_ADMIN_PASSWORD} - - NEXTCLOUD_TRUSTED_DOMAINS=${INTERNAL_IP}:${APP_PORT} ${APP_DOMAIN} + - NEXTCLOUD_TRUSTED_DOMAINS=${APP_DOMAIN} + - TRUSTED_PROXIES=172.16.0.0/12 + - OVERWRITEHOST=${APP_DOMAIN} + - OVERWRITEPROTOCOL=${APP_PROTOCOL:-http} depends_on: - db-nextcloud - redis-nextcloud @@ -65,4 +68,15 @@ services: traefik.http.routers.nextcloud.service: nextcloud traefik.http.routers.nextcloud.tls.certresolver: myresolver traefik.http.services.nextcloud.loadbalancer.server.port: 80 - + traefik.http.middlewares.nextcloud.headers.browserXSSFilter: true + traefik.http.middlewares.nextcloud.headers.contentTypeNosniff: true + traefik.http.middlewares.nextcloud.headers.stsIncludeSubdomains: true + traefik.http.middlewares.nextcloud.headers.stsPreload: true + traefik.http.middlewares.nextcloud.headers.stsSeconds: 155520011 + traefik.http.middlewares.nextcloud_redirect.redirectregex.permanent: true + traefik.http.middlewares.nextcloud_redirect.redirectregex.regex: https://(.*)/.well-known/(card|cal)dav + traefik.http.middlewares.nextcloud_redirect.redirectregex.replacement: https://$${1}/remote.php/dav/ + traefik.http.routers.nextcloud.middlewares: nextcloud,nextcloud_redirect,nextcloud-https + traefik.http.middlewares.nextcloud.headers.customRequestHeaders.X-Forwarded-Proto: https + traefik.http.middlewares.nextcloud-https.redirectscheme.scheme: https + traefik.http.routers.nextcloud-http.middlewares: nextcloud-https@docker diff --git a/apps/nextcloud/metadata/description.md b/apps/nextcloud/metadata/description.md index c8da741a..475e1c15 100644 --- a/apps/nextcloud/metadata/description.md +++ b/apps/nextcloud/metadata/description.md @@ -26,4 +26,12 @@ Enterprise? Public Sector or Education user? You may want to have a look into [* You can also [get support for Nextcloud](https://nextcloud.com/support)! +## Reset password +Nextcloud does not support password resets from environment variables. If you want to change your password run the following commands in your terminal: + +```bash +sudo docker exec -u www-data -it nextcloud /bin/bash +php occ user:resetpassword username +``` + ![](https://raw.githubusercontent.com/nextcloud/screenshots/master/files/Files%20Sharing.png) \ No newline at end of file diff --git a/apps/nitter/config.json b/apps/nitter/config.json index 4e1543d7..fa0f8f7b 100644 --- a/apps/nitter/config.json +++ b/apps/nitter/config.json @@ -2,9 +2,10 @@ "$schema": "../schema.json", "name": "Nitter", "available": true, + "exposable": true, "port": 8106, "id": "nitter", - "tipi_version": 1, + "tipi_version": 2, "version": "latest", "categories": ["social"], "description": "A free and open source alternative Twitter front-end focused on privacy and performance.", diff --git a/apps/nitter/docker-compose.yml b/apps/nitter/docker-compose.yml index 479cc285..f5a0fe7f 100644 --- a/apps/nitter/docker-compose.yml +++ b/apps/nitter/docker-compose.yml @@ -13,8 +13,20 @@ services: depends_on: - nitter-redis restart: unless-stopped + healthcheck: + test: ["CMD", "wget" ,"--no-verbose", "--tries=1", "--spider", "http://localhost:8080"] + interval: 1m + timeout: 3s + labels: + traefik.enable: ${APP_EXPOSED} + traefik.http.routers.nitter.rule: Host(`${APP_DOMAIN}`) + traefik.http.routers.nitter.entrypoints: websecure + traefik.http.routers.nitter.service: nitter + traefik.http.routers.nitter.tls.certresolver: myresolver + traefik.http.services.nitter.loadbalancer.server.port: 8080 + nitter-redis: - image: redis:6-alpine + image: redis:alpine container_name: nitter-redis networks: - tipi_main_network diff --git a/apps/photoprism/config.json b/apps/photoprism/config.json index 972e43c9..e432da82 100644 --- a/apps/photoprism/config.json +++ b/apps/photoprism/config.json @@ -3,8 +3,9 @@ "name": "PhotoPrism", "port": 8110, "available": true, + "exposable": true, "id": "photoprism", - "tipi_version": 1, + "tipi_version": 2, "version": "latest", "categories": ["photography"], "description": "PhotoPrism® is an AI-Powered Photos App for the Decentralized Web. It makes use of the latest technologies to tag and find pictures automatically without getting in your way. You can run it at home, on a private server, or in the cloud. Default username: admin", @@ -19,6 +20,16 @@ "min": 8, "required": true, "env_variable": "PHOTOPRISM_ADMIN_PASSWORD" + }, + { + "type": "random", + "label": "Photoprism DB password", + "env_variable": "DB_PASSWORD" + }, + { + "type": "random", + "label": "Photoprism root DB password", + "env_variable": "DB_ROOT_PASSWORD" } ] } diff --git a/apps/photoprism/docker-compose.yml b/apps/photoprism/docker-compose.yml index 1ffa33bc..4c615400 100644 --- a/apps/photoprism/docker-compose.yml +++ b/apps/photoprism/docker-compose.yml @@ -1,5 +1,4 @@ version: "3.7" - services: photoprism: # TODO: Special image for arm/v7 is available @@ -12,7 +11,7 @@ services: - "${APP_PORT}:2342" environment: PHOTOPRISM_ADMIN_PASSWORD: ${PHOTOPRISM_ADMIN_PASSWORD} - PHOTOPRISM_SITE_URL: "http://localhost:2342/" + PHOTOPRISM_SITE_URL: "${APP_PROTOCOL:-http}://${APP_DOMAIN}/" PHOTOPRISM_ORIGINALS_LIMIT: 5000 PHOTOPRISM_HTTP_COMPRESSION: "gzip" PHOTOPRISM_LOG_LEVEL: "info" @@ -34,7 +33,7 @@ services: PHOTOPRISM_DATABASE_SERVER: "photoprism-db:3306" PHOTOPRISM_DATABASE_NAME: "photoprism" PHOTOPRISM_DATABASE_USER: "photoprism" - PHOTOPRISM_DATABASE_PASSWORD: "photoprism" + PHOTOPRISM_DATABASE_PASSWORD: "${DB_PASSWORD}" PHOTOPRISM_SITE_CAPTION: "AI-Powered Photos App" working_dir: "/photoprism" volumes: @@ -42,10 +41,17 @@ services: - "${APP_DATA_DIR}/data/photoprism/storage:/photoprism/storage" networks: - tipi_main_network + labels: + traefik.enable: ${APP_EXPOSED} + traefik.http.routers.photoprism.rule: Host(`${APP_DOMAIN}`) + traefik.http.routers.photoprism.entrypoints: websecure + traefik.http.routers.photoprism.service: photoprism + traefik.http.routers.photoprism.tls.certresolver: myresolver + traefik.http.services.photoprism.loadbalancer.server.port: 2342 photoprism-db: restart: unless-stopped - image: mariadb:10.8.3 + image: mariadb:10.8 container_name: photoprism-db command: mysqld --innodb-buffer-pool-size=128M --transaction-isolation=READ-COMMITTED --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci --max-connections=512 --innodb-rollback-on-timeout=OFF --innodb-lock-wait-timeout=120 volumes: @@ -53,7 +59,7 @@ services: environment: MARIADB_DATABASE: "photoprism" MARIADB_USER: "photoprism" - MARIADB_PASSWORD: "photoprism" - MARIADB_ROOT_PASSWORD: "photoprism" + MARIADB_PASSWORD: "${DB_PASSWORD}" + MARIADB_ROOT_PASSWORD: "${DB_ROOT_PASSWORD}" networks: - tipi_main_network diff --git a/apps/pihole/config.json b/apps/pihole/config.json index 1441e402..d8eb7b5a 100644 --- a/apps/pihole/config.json +++ b/apps/pihole/config.json @@ -7,8 +7,8 @@ "ports": [53] }, "id": "pihole", - "tipi_version": 1, - "version": "2022.07.1", + "tipi_version": 2, + "version": "2022.09.4", "categories": ["network", "security"], "description": "The Pi-hole® is a DNS sinkhole that protects your devices from unwanted content without installing any client-side software.", "short_desc": "A black hole for Internet advertisements", @@ -22,6 +22,12 @@ "min": 3, "required": true, "env_variable": "APP_PASSWORD" + }, + { + "type": "ip", + "label": "Network Interface (default: 0.0.0.0)", + "required": false, + "env_variable": "NETWORK_INTERFACE" } ] } diff --git a/apps/pihole/docker-compose.yml b/apps/pihole/docker-compose.yml index e3d47d26..d0bd5550 100644 --- a/apps/pihole/docker-compose.yml +++ b/apps/pihole/docker-compose.yml @@ -14,15 +14,15 @@ services: pihole: # depends_on: [unbound] container_name: pihole - image: pihole/pihole:2022.07.1 + image: pihole/pihole:2022.09.4 restart: unless-stopped hostname: pihole dns: - 127.0.0.1 # - 10.21.21.200 # Points to unbound ports: - - 53:53/tcp - - 53:53/udp + - ${NETWORK_INTERFACE:-0.0.0.0}:53:53/tcp + - ${NETWORK_INTERFACE:-0.0.0.0}:53:53/udp - ${APP_PORT}:80 volumes: - ${APP_DATA_DIR}/data/pihole:/etc/pihole diff --git a/apps/plex/config.json b/apps/plex/config.json index 353c94fc..273c62a1 100644 --- a/apps/plex/config.json +++ b/apps/plex/config.json @@ -5,8 +5,8 @@ "exposable": true, "port": 32400, "id": "plex", - "tipi_version": 4, - "version": "1.28.1", + "tipi_version": 5, + "version": "1.28.2", "url_suffix": "/web", "categories": ["media"], "description": "", diff --git a/apps/plex/docker-compose.yml b/apps/plex/docker-compose.yml index f1158fd4..5ec3bf7e 100644 --- a/apps/plex/docker-compose.yml +++ b/apps/plex/docker-compose.yml @@ -2,15 +2,17 @@ version: "3.7" services: plex: - image: lscr.io/linuxserver/plex:1.28.1 + image: lscr.io/linuxserver/plex:1.28.2 container_name: plex network_mode: host environment: - PUID=1000 - PGID=1000 - VERSION=docker + - ADVERTISE_IP=${APP_PROTOCOL:-http}://${APP_DOMAIN}/ volumes: - ${APP_DATA_DIR}/data/config:/config + - ${APP_DATA_DIR}/data/transcode:/transcode - ${ROOT_FOLDER_HOST}/media/data:/media restart: unless-stopped labels: diff --git a/apps/portainer/config.json b/apps/portainer/config.json index 62f36461..344e499a 100644 --- a/apps/portainer/config.json +++ b/apps/portainer/config.json @@ -5,8 +5,8 @@ "available": true, "https": true, "id": "portainer", - "tipi_version": 3, - "version": "2.14.2", + "tipi_version": 4, + "version": "2.15.1", "categories": ["utilities"], "description": "", "short_desc": "Making Docker and Kubernetes management easy.", diff --git a/apps/portainer/docker-compose.yml b/apps/portainer/docker-compose.yml index 76a4a2f7..eaa2cf8a 100644 --- a/apps/portainer/docker-compose.yml +++ b/apps/portainer/docker-compose.yml @@ -2,7 +2,7 @@ version: "3.7" services: portainer: - image: portainer/portainer-ce:2.14.2-alpine + image: portainer/portainer-ce:2.15.1-alpine container_name: portainer restart: unless-stopped ports: diff --git a/apps/privatebin/config.json b/apps/privatebin/config.json new file mode 100644 index 00000000..71297e1d --- /dev/null +++ b/apps/privatebin/config.json @@ -0,0 +1,16 @@ +{ + "$schema": "../schema.json", + "name": "PrivateBin", + "available": true, + "exposable": true, + "port": 8122, + "id": "privatebin", + "tipi_version": 1, + "version": "1.4.0", + "categories": ["utilities"], + "description": "PrivateBin is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted and decrypted in the browser using 256bit AES in Galois Counter mode.", + "short_desc": "A minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES.", + "author": "PrivateBin", + "source": "https://github.com/PrivateBin/PrivateBin", + "form_fields": [] +} diff --git a/apps/privatebin/docker-compose.yml b/apps/privatebin/docker-compose.yml new file mode 100644 index 00000000..b75ae38c --- /dev/null +++ b/apps/privatebin/docker-compose.yml @@ -0,0 +1,21 @@ +version: "3.7" +services: + privatebin: + image: privatebin/nginx-fpm-alpine:1.4.0 + container_name: privatebin + dns: + - ${DNS_IP} + ports: + - ${APP_PORT}:8080 + restart: unless-stopped + networks: + - tipi_main_network + volumes: + - ${APP_DATA_DIR}/data:/srv/data + labels: + traefik.enable: ${APP_EXPOSED} + traefik.http.routers.privatebin.rule: Host(`${APP_DOMAIN}`) + traefik.http.routers.privatebin.entrypoints: websecure + traefik.http.routers.privatebin.service: privatebin + traefik.http.routers.privatebin.tls.certresolver: myresolver + traefik.http.services.privatebin.loadbalancer.server.port: 8080 diff --git a/apps/privatebin/metadata/description.md b/apps/privatebin/metadata/description.md new file mode 100644 index 00000000..7d90ef14 --- /dev/null +++ b/apps/privatebin/metadata/description.md @@ -0,0 +1,61 @@ +# [![PrivateBin](https://cdn.rawgit.com/PrivateBin/assets/master/images/preview/logoSmall.png)](https://privatebin.info/) + +**PrivateBin** is a minimalist, open source online +[pastebin](https://en.wikipedia.org/wiki/Pastebin) +where the server has zero knowledge of pasted data. + +Data is encrypted and decrypted in the browser using 256bit AES in +[Galois Counter mode](https://en.wikipedia.org/wiki/Galois/Counter_Mode). + +This is a fork of ZeroBin, originally developed by +[Sébastien Sauvage](https://github.com/sebsauvage/ZeroBin). PrivateBin was +refactored to allow easier and cleaner extensions and has many additional +features. It is, however, still fully compatible to the original ZeroBin 0.19 +data storage scheme. Therefore, such installations can be upgraded to PrivateBin +without losing any data. + +## What PrivateBin provides + ++ As a server administrator you don't have to worry if your users post content + that is considered illegal in your country. You have plausible deniability of + any of the pastes content. If requested or enforced, you can delete any paste + from your system. + ++ Pastebin-like system to store text documents, code samples, etc. + ++ Encryption of data sent to server. + ++ Possibility to set a password which is required to read the paste. It further + protects a paste and prevents people stumbling upon your paste's link + from being able to read it without the password. + +## What it doesn't provide + +- As a user you have to trust the server administrator not to inject any + malicious code. For security, a PrivateBin installation *has to be used over* + *HTTPS*! Otherwise you would also have to trust your internet provider, and + any jurisdiction the traffic passes through. Additionally the instance should + be secured by + [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security). It can + use traditional certificate authorities and/or use a + [DNSSEC](https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions) + protected + [DANE](https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities) + record. + +- The "key" used to encrypt the paste is part of the URL. If you publicly post + the URL of a paste that is not password-protected, anyone can read it. + Use a password if you want your paste to remain private. In that case, make + sure to use a strong password and share it privately and end-to-end-encrypted. + +- A server admin can be forced to hand over access logs to the authorities. + PrivateBin encrypts your text and the discussion contents, but who accessed a + paste (first) might still be disclosed via access logs. + +- In case of a server breach your data is secure as it is only stored encrypted + on the server. However, the server could be absused or the server admin could + be legally forced into sending malicious code to their users, which logs + the decryption key and sends it to a server when a user accesses a paste. + Therefore, do not access any PrivateBin instance if you think it has been + compromised. As long as no user accesses this instance with a previously + generated URL, the content can't be decrypted. diff --git a/apps/privatebin/metadata/logo.jpg b/apps/privatebin/metadata/logo.jpg new file mode 100644 index 00000000..baa135a0 Binary files /dev/null and b/apps/privatebin/metadata/logo.jpg differ diff --git a/apps/searxng/config.json b/apps/searxng/config.json new file mode 100644 index 00000000..d0ffafb8 --- /dev/null +++ b/apps/searxng/config.json @@ -0,0 +1,23 @@ +{ + "$schema": "../schema.json", + "name": "SearXNG", + "available": true, + "exposable": true, + "port": 8127, + "id": "searxng", + "tipi_version": 1, + "version": "latest", + "categories": ["social"], + "description": "SearXNG is a free internet metasearch engine which aggregates results from various search services and databases. Users are neither tracked nor profiled.", + "short_desc": "Privacy-respecting, hackable metasearch engine", + "author": "searxng", + "source": "https://github.com/searxng/searxng", + "form_fields": [ + { + "type": "random", + "label": "SearXNG Secret Key", + "min": 32, + "env_variable": "SEARXNG_SECRET_KEY" + } + ] +} diff --git a/apps/searxng/data/settings.yml b/apps/searxng/data/settings.yml new file mode 100644 index 00000000..7d5bdb35 --- /dev/null +++ b/apps/searxng/data/settings.yml @@ -0,0 +1,2046 @@ +general: + # Debug mode, only for development + debug: false + # displayed name + instance_name: "SearXNG" + # For example: https://example.com/privacy + privacypolicy_url: false + # use true to use your own donation page written in searx/info/en/donate.md + # use false to disable the donation link + donation_url: https://docs.searxng.org/donate.html + # mailto:contact@example.com + contact_url: false + # record stats + enable_metrics: true + +brand: + new_issue_url: https://github.com/searxng/searxng/issues/new + docs_url: https://docs.searxng.org/ + public_instances: https://searx.space + wiki_url: https://github.com/searxng/searxng/wiki + issue_url: https://github.com/searxng/searxng/issues + +search: + # Filter results. 0: None, 1: Moderate, 2: Strict + safe_search: 0 + # Existing autocomplete backends: "dbpedia", "duckduckgo", "google", + # "seznam", "startpage", "swisscows", "qwant", "wikipedia" - leave blank to turn it off + # by default. + autocomplete: "" + # minimun characters to type before autocompleter starts + autocomplete_min: 4 + # Default search language - leave blank to detect from browser information or + # use codes from 'languages.py' + default_lang: "" + # Available languages + # languages: + # - all + # - en + # - en-US + # - de + # - it-IT + # - fr + # - fr-BE + # ban time in seconds after engine errors + ban_time_on_fail: 5 + # max ban time in seconds after engine errors + max_ban_time_on_fail: 120 + # remove format to deny access, use lower case. + # formats: [html, csv, json, rss] + formats: + - html + +server: + # If you change port, bind_address or base_url don't forget to rebuild + # instance's enviroment (make buildenv) + port: 8888 + bind_address: "127.0.0.1" + base_url: false # Possible values: false or "https://example.org/location". + limiter: false # rate limit the number of request on the instance, block some bots + + # If your instance owns a /etc/searxng/settings.yml file, then set the following + # values there. + + secret_key: "a0c99456df45df9faa1d1c60b64c307d" # change this! + # Proxying image results through searx + image_proxy: false + # 1.0 and 1.1 are supported + http_protocol_version: "1.0" + # POST queries are more secure as they don't show up in history but may cause + # problems when using Firefox containers + method: "POST" + default_http_headers: + X-Content-Type-Options: nosniff + X-XSS-Protection: 1; mode=block + X-Download-Options: noopen + X-Robots-Tag: noindex, nofollow + Referrer-Policy: no-referrer + +redis: + # https://redis-py.readthedocs.io/en/stable/connections.html#redis.client.Redis.from_url + url: unix:///usr/local/searxng-redis/run/redis.sock?db=0 + +ui: + # Custom static path - leave it blank if you didn't change + static_path: "" + static_use_hash: false + # Custom templates path - leave it blank if you didn't change + templates_path: "" + # query_in_title: When true, the result page's titles contains the query + # it decreases the privacy, since the browser can records the page titles. + query_in_title: false + # infinite_scroll: When true, automatically loads the next page when scrolling to bottom of the current page. + infinite_scroll: false + # ui theme + default_theme: simple + # center the results ? + center_alignment: false + # URL prefix of the internet archive, don't forgett trailing slash (if needed). + # cache_url: "https://webcache.googleusercontent.com/search?q=cache:" + # Default interface locale - leave blank to detect from browser information or + # use codes from the 'locales' config section + default_locale: "" + # Open result links in a new tab by default + # results_on_new_tab: false + theme_args: + # style of simple theme: auto, light, dark + simple_style: auto + +# Lock arbitrary settings on the preferences page. To find the ID of the user +# setting you want to lock, check the ID of the form on the page "preferences". +# +# preferences: +# lock: +# - language +# - autocomplete +# - method +# - query_in_title + +# searx supports result proxification using an external service: +# https://github.com/asciimoo/morty uncomment below section if you have running +# morty proxy the key is base64 encoded (keep the !!binary notation) +# Note: since commit af77ec3, morty accepts a base64 encoded key. +# +# result_proxy: +# url: http://127.0.0.1:3000/ +# # the key is a base64 encoded string, the YAML !!binary prefix is optional +# key: !!binary "your_morty_proxy_key" +# # [true|false] enable the "proxy" button next to each result +# proxify_results: true + +# communication with search engines +# +outgoing: + # default timeout in seconds, can be override by engine + request_timeout: 3.0 + # the maximum timeout in seconds + # max_request_timeout: 10.0 + # suffix of searx_useragent, could contain informations like an email address + # to the administrator + useragent_suffix: "" + # The maximum number of concurrent connections that may be established. + pool_connections: 100 + # Allow the connection pool to maintain keep-alive connections below this + # point. + pool_maxsize: 20 + # See https://www.python-httpx.org/http2/ + enable_http2: true + # uncomment below section if you want to use a proxyq see: SOCKS proxies + # https://2.python-requests.org/en/latest/user/advanced/#proxies + # are also supported: see + # https://2.python-requests.org/en/latest/user/advanced/#socks + # + # proxies: + # all://: + # - http://proxy1:8080 + # - http://proxy2:8080 + # + # using_tor_proxy: true + # + # Extra seconds to add in order to account for the time taken by the proxy + # + # extra_proxy_timeout: 10.0 + # + # uncomment below section only if you have more than one network interface + # which can be the source of outgoing search requests + # + # source_ips: + # - 1.1.1.1 + # - 1.1.1.2 + # - fe80::/126 + +# External plugin configuration, for more details see +# https://docs.searxng.org/dev/plugins.html +# +# plugins: +# - plugin1 +# - plugin2 +# - ... + +# Comment or un-comment plugin to activate / deactivate by default. +# +# enabled_plugins: +# # these plugins are enabled if nothing is configured .. +# - 'Hash plugin' +# - 'Search on category select' +# - 'Self Informations' +# - 'Tracker URL remover' +# - 'Ahmia blacklist' # activation depends on outgoing.using_tor_proxy +# # these plugins are disabled if nothing is configured .. +# - 'Hostname replace' # see hostname_replace configuration below +# - 'Open Access DOI rewrite' +# - 'Vim-like hotkeys' +# - 'Tor check plugin' + +# Configuration of the "Hostname replace" plugin: +# +# hostname_replace: +# '(.*\.)?youtube\.com$': 'invidious.example.com' +# '(.*\.)?youtu\.be$': 'invidious.example.com' +# '(.*\.)?youtube-noocookie\.com$': 'yotter.example.com' +# '(.*\.)?reddit\.com$': 'teddit.example.com' +# '(.*\.)?redd\.it$': 'teddit.example.com' +# '(www\.)?twitter\.com$': 'nitter.example.com' +# # to remove matching host names from result list, set value to false +# 'spam\.example\.com': false + +checker: + # disable checker when in debug mode + off_when_debug: true + + # use "scheduling: false" to disable scheduling + # scheduling: interval or int + + # to activate the scheduler: + # * uncomment "scheduling" section + # * add "cache2 = name=searxngcache,items=2000,blocks=2000,blocksize=4096,bitmap=1" + # to your uwsgi.ini + + # scheduling: + # start_after: [300, 1800] # delay to start the first run of the checker + # every: [86400, 90000] # how often the checker runs + + # additional tests: only for the YAML anchors (see the engines section) + # + additional_tests: + rosebud: &test_rosebud + matrix: + query: rosebud + lang: en + result_container: + - not_empty + - ['one_title_contains', 'citizen kane'] + test: + - unique_results + + android: &test_android + matrix: + query: ['android'] + lang: ['en', 'de', 'fr', 'zh-CN'] + result_container: + - not_empty + - ['one_title_contains', 'google'] + test: + - unique_results + + # tests: only for the YAML anchors (see the engines section) + tests: + infobox: &tests_infobox + infobox: + matrix: + query: ["linux", "new york", "bbc"] + result_container: + - has_infobox + +categories_as_tabs: + general: + images: + videos: + news: + map: + music: + it: + science: + files: + social media: + +engines: + - name: 9gag + engine: 9gag + shortcut: 9g + disabled: true + + - name: apk mirror + engine: apkmirror + timeout: 4.0 + shortcut: apkm + disabled: true + + - name: apple app store + engine: apple_app_store + shortcut: aps + disabled: true + + # Requires Tor + - name: ahmia + engine: ahmia + categories: onions + enable_http: true + shortcut: ah + + - name: arch linux wiki + engine: archlinux + shortcut: al + + - name: archive is + engine: xpath + search_url: https://archive.is/search/?q={query} + url_xpath: (//div[@class="TEXT-BLOCK"]/a)/@href + title_xpath: (//div[@class="TEXT-BLOCK"]/a) + content_xpath: //div[@class="TEXT-BLOCK"]/ul/li + categories: general + timeout: 7.0 + disabled: true + shortcut: ai + soft_max_redirects: 1 + about: + website: https://archive.is/ + wikidata_id: Q13515725 + official_api_documentation: https://mementoweb.org/depot/native/archiveis/ + use_official_api: false + require_api_key: false + results: HTML + + - name: artic + engine: artic + shortcut: arc + timeout: 4.0 + + - name: arxiv + engine: arxiv + shortcut: arx + categories: science + timeout: 4.0 + + # tmp suspended: dh key too small + # - name: base + # engine: base + # shortcut: bs + + - name: bandcamp + engine: bandcamp + shortcut: bc + categories: music + + - name: wikipedia + engine: wikipedia + shortcut: wp + base_url: 'https://{language}.wikipedia.org/' + + - name: bing + engine: bing + shortcut: bi + disabled: true + + - name: bing images + engine: bing_images + shortcut: bii + + - name: bing news + engine: bing_news + shortcut: bin + + - name: bing videos + engine: bing_videos + shortcut: biv + + - name: bitbucket + engine: xpath + paging: true + search_url: https://bitbucket.org/repo/all/{pageno}?name={query} + url_xpath: //article[@class="repo-summary"]//a[@class="repo-link"]/@href + title_xpath: //article[@class="repo-summary"]//a[@class="repo-link"] + content_xpath: //article[@class="repo-summary"]/p + categories: [it, repos] + timeout: 4.0 + disabled: true + shortcut: bb + about: + website: https://bitbucket.org/ + wikidata_id: Q2493781 + official_api_documentation: https://developer.atlassian.com/bitbucket + use_official_api: false + require_api_key: false + results: HTML + + - name: btdigg + engine: btdigg + shortcut: bt + + - name: ccc-tv + engine: xpath + paging: false + search_url: https://media.ccc.de/search/?q={query} + url_xpath: //div[@class="caption"]/h3/a/@href + title_xpath: //div[@class="caption"]/h3/a/text() + content_xpath: //div[@class="caption"]/h4/@title + categories: videos + disabled: true + shortcut: c3tv + about: + website: https://media.ccc.de/ + wikidata_id: Q80729951 + official_api_documentation: https://github.com/voc/voctoweb + use_official_api: false + require_api_key: false + results: HTML + # We don't set language: de here because media.ccc.de is not just + # for a German audience. It contains many English videos and many + # German videos have English subtitles. + + - name: openverse + engine: openverse + categories: images + shortcut: opv + + # - name: core.ac.uk + # engine: core + # categories: science + # shortcut: cor + # # get your API key from: https://core.ac.uk/api-keys/register/ + # api_key: 'unset' + + - name: crossref + engine: json_engine + paging: true + search_url: https://search.crossref.org/dois?q={query}&page={pageno} + url_query: doi + title_query: title + title_html_to_text: true + content_query: fullCitation + content_html_to_text: true + categories: science + shortcut: cr + about: + website: https://www.crossref.org/ + wikidata_id: Q5188229 + official_api_documentation: https://github.com/CrossRef/rest-api-doc + use_official_api: false + require_api_key: false + results: JSON + + - name: yep + engine: json_engine + shortcut: yep + categories: general + disabled: true + paging: false + content_html_to_text: true + title_html_to_text: true + search_url: https://api.yep.com/fs/1/?type=web&q={query}&no_correct=false&limit=100 + results_query: 1/results + title_query: title + url_query: url + content_query: snippet + about: + website: https://yep.com + use_official_api: false + require_api_key: false + results: JSON + + - name: curlie + engine: xpath + shortcut: cl + categories: general + disabled: true + paging: true + lang_all: '' + search_url: https://curlie.org/search?q={query}&lang={lang}&start={pageno}&stime=92452189 + page_size: 20 + results_xpath: //div[@id="site-list-content"]/div[@class="site-item"] + url_xpath: ./div[@class="title-and-desc"]/a/@href + title_xpath: ./div[@class="title-and-desc"]/a/div + content_xpath: ./div[@class="title-and-desc"]/div[@class="site-descr"] + about: + website: https://curlie.org/ + wikidata_id: Q60715723 + use_official_api: false + require_api_key: false + results: HTML + + - name: currency + engine: currency_convert + categories: general + shortcut: cc + + - name: deezer + engine: deezer + shortcut: dz + disabled: true + + - name: deviantart + engine: deviantart + shortcut: da + timeout: 3.0 + + - name: ddg definitions + engine: duckduckgo_definitions + shortcut: ddd + weight: 2 + disabled: true + tests: *tests_infobox + + # cloudflare protected + # - name: digbt + # engine: digbt + # shortcut: dbt + # timeout: 6.0 + # disabled: true + + - name: docker hub + engine: docker_hub + shortcut: dh + categories: [it, packages] + + - name: erowid + engine: xpath + paging: true + first_page_num: 0 + page_size: 30 + search_url: https://www.erowid.org/search.php?q={query}&s={pageno} + url_xpath: //dl[@class="results-list"]/dt[@class="result-title"]/a/@href + title_xpath: //dl[@class="results-list"]/dt[@class="result-title"]/a/text() + content_xpath: //dl[@class="results-list"]/dd[@class="result-details"] + categories: [] + shortcut: ew + disabled: true + about: + website: https://www.erowid.org/ + wikidata_id: Q1430691 + official_api_documentation: + use_official_api: false + require_api_key: false + results: HTML + + # - name: elasticsearch + # shortcut: es + # engine: elasticsearch + # base_url: http://localhost:9200 + # username: elastic + # password: changeme + # index: my-index + # # available options: match, simple_query_string, term, terms, custom + # query_type: match + # # if query_type is set to custom, provide your query here + # #custom_query_json: {"query":{"match_all": {}}} + # #show_metadata: false + # disabled: true + + - name: wikidata + engine: wikidata + shortcut: wd + timeout: 3.0 + weight: 2 + tests: *tests_infobox + + - name: duckduckgo + engine: duckduckgo + shortcut: ddg + + - name: duckduckgo images + engine: duckduckgo_images + shortcut: ddi + timeout: 3.0 + disabled: true + + - name: apple maps + engine: apple_maps + shortcut: apm + disabled: true + timeout: 5.0 + + - name: emojipedia + engine: emojipedia + timeout: 4.0 + shortcut: em + disabled: true + + - name: tineye + engine: tineye + shortcut: tin + timeout: 9.0 + + - name: etymonline + engine: xpath + paging: true + search_url: https://etymonline.com/search?page={pageno}&q={query} + url_xpath: //a[contains(@class, "word__name--")]/@href + title_xpath: //a[contains(@class, "word__name--")] + content_xpath: //section[contains(@class, "word__defination")] + first_page_num: 1 + shortcut: et + categories: [dictionaries] + disabled: false + about: + website: https://www.etymonline.com/ + wikidata_id: Q1188617 + official_api_documentation: + use_official_api: false + require_api_key: false + results: HTML + + # - name: ebay + # engine: ebay + # shortcut: eb + # base_url: 'https://www.ebay.com' + # disabled: true + # timeout: 5 + + - name: 1x + engine: www1x + shortcut: 1x + timeout: 3.0 + disabled: true + + - name: fdroid + engine: fdroid + shortcut: fd + disabled: true + + - name: flickr + categories: images + shortcut: fl + # You can use the engine using the official stable API, but you need an API + # key, see: https://www.flickr.com/services/apps/create/ + # engine: flickr + # api_key: 'apikey' # required! + # Or you can use the html non-stable engine, activated by default + engine: flickr_noapi + + - name: free software directory + engine: mediawiki + shortcut: fsd + categories: [it, software wikis] + base_url: https://directory.fsf.org/ + number_of_results: 5 + # what part of a page matches the query string: title, text, nearmatch + # * title - query matches title + # * text - query matches the text of page + # * nearmatch - nearmatch in title + search_type: title + timeout: 5.0 + disabled: true + about: + website: https://directory.fsf.org/ + wikidata_id: Q2470288 + + # - name: freesound + # engine: freesound + # shortcut: fnd + # disabled: true + # timeout: 15.0 + # API key required, see: https://freesound.org/docs/api/overview.html + # api_key: MyAPIkey + + - name: frinkiac + engine: frinkiac + shortcut: frk + disabled: true + + - name: genius + engine: genius + shortcut: gen + + - name: gigablast + engine: gigablast + shortcut: gb + timeout: 4.0 + disabled: true + additional_tests: + rosebud: *test_rosebud + + - name: gentoo + engine: gentoo + shortcut: ge + + - name: gitlab + engine: json_engine + paging: true + search_url: https://gitlab.com/api/v4/projects?search={query}&page={pageno} + url_query: web_url + title_query: name_with_namespace + content_query: description + page_size: 20 + categories: [it, repos] + shortcut: gl + timeout: 10.0 + disabled: true + about: + website: https://about.gitlab.com/ + wikidata_id: Q16639197 + official_api_documentation: https://docs.gitlab.com/ee/api/ + use_official_api: false + require_api_key: false + results: JSON + + - name: github + engine: github + shortcut: gh + + # This a Gitea service. If you would like to use a different instance, + # change codeberg.org to URL of the desired Gitea host. Or you can create a + # new engine by copying this and changing the name, shortcut and search_url. + + - name: codeberg + engine: json_engine + search_url: https://codeberg.org/api/v1/repos/search?q={query}&limit=10 + url_query: html_url + title_query: name + content_query: description + categories: [it, repos] + shortcut: cb + disabled: true + about: + website: https://codeberg.org/ + wikidata_id: + official_api_documentation: https://try.gitea.io/api/swagger + use_official_api: false + require_api_key: false + results: JSON + + - name: google + engine: google + shortcut: go + # see https://docs.searxng.org/src/searx.engines.google.html#module-searx.engines.google + use_mobile_ui: false + # additional_tests: + # android: *test_android + + # - name: google italian + # engine: google + # shortcut: goit + # use_mobile_ui: false + # language: it + + # - name: google mobile ui + # engine: google + # shortcut: gomui + # use_mobile_ui: true + + - name: google images + engine: google_images + shortcut: goi + # additional_tests: + # android: *test_android + # dali: + # matrix: + # query: ['Dali Christ'] + # lang: ['en', 'de', 'fr', 'zh-CN'] + # result_container: + # - ['one_title_contains', 'Salvador'] + + - name: google news + engine: google_news + shortcut: gon + # additional_tests: + # android: *test_android + + - name: google videos + engine: google_videos + shortcut: gov + # additional_tests: + # android: *test_android + + - name: google scholar + engine: google_scholar + shortcut: gos + + - name: google play apps + engine: google_play_apps + shortcut: gpa + disabled: true + + - name: google play movies + engine: xpath + send_accept_language_header: true + search_url: https://play.google.com/store/search?q={query}&c=movies + results_xpath: '//div[@class="ImZGtf mpg5gc"]' + title_xpath: './/div[@class="RZEgze"]//div[@class="kCSSQe"]//a' + url_xpath: './/div[@class="RZEgze"]//div[@class="kCSSQe"]//a/@href' + content_xpath: './/div[@class="kCSSQe"]' + thumbnail_xpath: './/div[@class="uzcko"]/div/span[1]//img/@data-src' + categories: videos + shortcut: gpm + disabled: true + about: + website: https://play.google.com/ + wikidata_id: Q79576 + official_api_documentation: + use_official_api: false + require_api_key: false + results: HTML + + - name: gpodder + engine: json_engine + shortcut: gpod + timeout: 4.0 + paging: false + search_url: https://gpodder.net/search.json?q={query} + url_query: url + title_query: title + content_query: description + page_size: 19 + categories: music + disabled: true + about: + website: https://gpodder.net + wikidata_id: Q3093354 + official_api_documentation: https://gpoddernet.readthedocs.io/en/latest/api/ + use_official_api: false + requires_api_key: false + results: JSON + + - name: habrahabr + engine: xpath + paging: true + search_url: https://habrahabr.ru/search/page{pageno}/?q={query} + url_xpath: //article[contains(@class, "post")]//a[@class="post__title_link"]/@href + title_xpath: //article[contains(@class, "post")]//a[@class="post__title_link"] + content_xpath: //article[contains(@class, "post")]//div[contains(@class, "post__text")] + categories: it + timeout: 4.0 + disabled: true + shortcut: habr + about: + website: https://habr.com/ + wikidata_id: Q4494434 + official_api_documentation: https://habr.com/en/docs/help/api/ + use_official_api: false + require_api_key: false + results: HTML + + - name: hoogle + engine: xpath + paging: true + search_url: https://hoogle.haskell.org/?hoogle={query}&start={pageno} + results_xpath: '//div[@class="result"]' + title_xpath: './/div[@class="ans"]//a' + url_xpath: './/div[@class="ans"]//a/@href' + content_xpath: './/div[@class="from"]' + page_size: 20 + categories: [it, packages] + shortcut: ho + about: + website: https://hoogle.haskell.org/ + wikidata_id: Q34010 + official_api_documentation: https://hackage.haskell.org/api + use_official_api: false + require_api_key: false + results: JSON + + - name: imdb + engine: imdb + shortcut: imdb + timeout: 6.0 + disabled: true + + - name: ina + engine: ina + shortcut: in + timeout: 6.0 + disabled: true + + - name: invidious + engine: invidious + # Instanes will be selected randomly, see https://api.invidious.io/ for + # instances that are stable (good uptime) and close to you. + base_url: + - https://invidious.snopyta.org + - https://vid.puffyan.us + # - https://invidious.kavin.rocks # Error 1020 // Access denied by Cloudflare + - https://invidio.xamh.de + - https://inv.riverside.rocks + shortcut: iv + timeout: 3.0 + disabled: true + + - name: jisho + engine: jisho + shortcut: js + timeout: 3.0 + disabled: true + + - name: kickass + engine: kickass + shortcut: kc + timeout: 4.0 + disabled: true + + - name: library genesis + engine: xpath + search_url: https://libgen.fun/search.php?req={query} + url_xpath: //a[contains(@href,"get.php?md5")]/@href + title_xpath: //a[contains(@href,"book/")]/text()[1] + content_xpath: //td/a[1][contains(@href,"=author")]/text() + categories: files + timeout: 7.0 + disabled: true + shortcut: lg + about: + website: https://libgen.fun/ + wikidata_id: Q22017206 + official_api_documentation: + use_official_api: false + require_api_key: false + results: HTML + + - name: z-library + engine: zlibrary + shortcut: zlib + categories: files + timeout: 3.0 + # choose base_url, otherwise engine will do it at initialization time + # base_url: https://b-ok.cc + # base_url: https://de1lib.org + # base_url: https://booksc.eu # does not have cover preview + # base_url: https://booksc.org # does not have cover preview + + - name: library of congress + engine: loc + shortcut: loc + categories: images + + - name: lingva + engine: lingva + shortcut: lv + # set lingva instance in url, by default it will use the official instance + # url: https://lingva.ml + + - name: lobste.rs + engine: xpath + search_url: https://lobste.rs/search?utf8=%E2%9C%93&q={query}&what=stories&order=relevance + results_xpath: //li[contains(@class, "story")] + url_xpath: .//a[@class="u-url"]/@href + title_xpath: .//a[@class="u-url"] + content_xpath: .//a[@class="domain"] + categories: it + shortcut: lo + timeout: 5.0 + disabled: true + about: + website: https://lobste.rs/ + wikidata_id: Q60762874 + official_api_documentation: + use_official_api: false + require_api_key: false + results: HTML + + - name: azlyrics + shortcut: lyrics + engine: xpath + timeout: 4.0 + disabled: true + categories: [music, lyrics] + paging: true + search_url: https://search.azlyrics.com/search.php?q={query}&w=lyrics&p={pageno} + url_xpath: //td[@class="text-left visitedlyr"]/a/@href + title_xpath: //span/b/text() + content_xpath: //td[@class="text-left visitedlyr"]/a/small + about: + website: https://azlyrics.com + wikidata_id: Q66372542 + official_api_documentation: + use_official_api: false + require_api_key: false + results: HTML + + # - name: meilisearch + # engine: meilisearch + # shortcut: mes + # enable_http: true + # base_url: http://localhost:7700 + # index: my-index + + - name: mixcloud + engine: mixcloud + shortcut: mc + + # MongoDB engine + # Required dependency: pymongo + # - name: mymongo + # engine: mongodb + # shortcut: md + # exact_match_only: false + # host: '127.0.0.1' + # port: 27017 + # enable_http: true + # results_per_page: 20 + # database: 'business' + # collection: 'reviews' # name of the db collection + # key: 'name' # key in the collection to search for + + - name: neeva + engine: xpath + shortcut: nv + time_range_support: true + time_range_url: '&alf%5Bfreshness%5D={time_range_val}' + time_range_map: + day: 'Day' + week: 'Week' + month: 'Month' + year: 'Year' + search_url: https://neeva.com/search?q={query}&c=All&src=Pagination&page={pageno}{time_range} + results_xpath: //div[@class="web-index__component-2rKiM"] | //li[@class="web-rich-deep-links__deepLink-SIbD4"] + url_xpath: .//a[@class="lib-doc-title__link-1b9rC"]/@href | ./h2/a/@href + title_xpath: .//a[@class="lib-doc-title__link-1b9rC"] | ./h2/a + content_xpath: > + .//div[@class="lib-doc-snippet__component-3ewW6"]/text() | + .//div[@class="lib-doc-snippet__component-3ewW6"]/*[not(self::a)] | + ./p + content_html_to_text: true + suggestion_xpath: //span[@class="result-related-searches__link-2ho_u"] + paging: true + disabled: true + categories: [general, web] + timeout: 5.0 + soft_max_redirects: 2 + about: + website: https://neeva.com + official_api_documentation: + use_official_api: false + require_api_key: false + results: HTML + + - name: npm + engine: json_engine + paging: true + first_page_num: 0 + search_url: https://api.npms.io/v2/search?q={query}&size=25&from={pageno} + results_query: results + url_query: package/links/npm + title_query: package/name + content_query: package/description + page_size: 25 + categories: [it, packages] + disabled: true + timeout: 5.0 + shortcut: npm + about: + website: https://npms.io/ + wikidata_id: Q7067518 + official_api_documentation: https://api-docs.npms.io/ + use_official_api: false + require_api_key: false + results: JSON + + - name: nyaa + engine: nyaa + shortcut: nt + disabled: true + + - name: mankier + engine: json_engine + search_url: https://www.mankier.com/api/v2/mans/?q={query} + results_query: results + url_query: url + title_query: name + content_query: description + categories: it + shortcut: man + about: + website: https://www.mankier.com/ + official_api_documentation: https://www.mankier.com/api + use_official_api: true + require_api_key: false + results: JSON + + - name: openairedatasets + engine: json_engine + paging: true + search_url: https://api.openaire.eu/search/datasets?format=json&page={pageno}&size=10&title={query} + results_query: response/results/result + url_query: metadata/oaf:entity/oaf:result/children/instance/webresource/url/$ + title_query: metadata/oaf:entity/oaf:result/title/$ + content_query: metadata/oaf:entity/oaf:result/description/$ + content_html_to_text: true + categories: science + shortcut: oad + timeout: 5.0 + about: + website: https://www.openaire.eu/ + wikidata_id: Q25106053 + official_api_documentation: https://api.openaire.eu/ + use_official_api: false + require_api_key: false + results: JSON + + - name: openairepublications + engine: json_engine + paging: true + search_url: https://api.openaire.eu/search/publications?format=json&page={pageno}&size=10&title={query} + results_query: response/results/result + url_query: metadata/oaf:entity/oaf:result/children/instance/webresource/url/$ + title_query: metadata/oaf:entity/oaf:result/title/$ + content_query: metadata/oaf:entity/oaf:result/description/$ + content_html_to_text: true + categories: science + shortcut: oap + timeout: 5.0 + about: + website: https://www.openaire.eu/ + wikidata_id: Q25106053 + official_api_documentation: https://api.openaire.eu/ + use_official_api: false + require_api_key: false + results: JSON + + # - name: opensemanticsearch + # engine: opensemantic + # shortcut: oss + # base_url: 'http://localhost:8983/solr/opensemanticsearch/' + + - name: openstreetmap + engine: openstreetmap + shortcut: osm + + - name: openrepos + engine: xpath + paging: true + search_url: https://openrepos.net/search/node/{query}?page={pageno} + url_xpath: //li[@class="search-result"]//h3[@class="title"]/a/@href + title_xpath: //li[@class="search-result"]//h3[@class="title"]/a + content_xpath: //li[@class="search-result"]//div[@class="search-snippet-info"]//p[@class="search-snippet"] + categories: files + timeout: 4.0 + disabled: true + shortcut: or + about: + website: https://openrepos.net/ + wikidata_id: + official_api_documentation: + use_official_api: false + require_api_key: false + results: HTML + + - name: packagist + engine: json_engine + paging: true + search_url: https://packagist.org/search.json?q={query}&page={pageno} + results_query: results + url_query: url + title_query: name + content_query: description + categories: [it, packages] + disabled: true + timeout: 5.0 + shortcut: pack + about: + website: https://packagist.org + wikidata_id: Q108311377 + official_api_documentation: https://packagist.org/apidoc + use_official_api: true + require_api_key: false + results: JSON + + - name: pdbe + engine: pdbe + shortcut: pdb + # Hide obsolete PDB entries. Default is not to hide obsolete structures + # hide_obsolete: false + + - name: photon + engine: photon + shortcut: ph + + - name: piratebay + engine: piratebay + shortcut: tpb + # You may need to change this URL to a proxy if piratebay is blocked in your + # country + url: https://thepiratebay.org/ + timeout: 3.0 + + # Required dependency: psychopg2 + # - name: postgresql + # engine: postgresql + # database: postgres + # username: postgres + # password: postgres + # limit: 10 + # query_str: 'SELECT * from my_table WHERE my_column = %(query)s' + # shortcut : psql + + - name: pub.dev + engine: xpath + shortcut: pd + search_url: https://pub.dev/packages?q={query}&page={pageno} + paging: true + results_xpath: /html/body/main/div/div[@class="search-results"]/div[@class="packages"]/div + url_xpath: ./div/h3/a/@href + title_xpath: ./div/h3/a + content_xpath: ./p[@class="packages-description"] + categories: [packages, it] + timeout: 3.0 + disabled: true + first_page_num: 1 + about: + website: https://pub.dev/ + official_api_documentation: https://pub.dev/help/api + use_official_api: false + require_api_key: false + results: HTML + + - name: pubmed + engine: pubmed + shortcut: pub + categories: science + timeout: 3.0 + + - name: pypi + shortcut: pypi + engine: xpath + paging: true + search_url: https://pypi.org/search?q={query}&page={pageno} + results_xpath: /html/body/main/div/div/div/form/div/ul/li/a[@class="package-snippet"] + url_xpath: ./@href + title_xpath: ./h3/span[@class="package-snippet__name"] + content_xpath: ./p + suggestion_xpath: /html/body/main/div/div/div/form/div/div[@class="callout-block"]/p/span/a[@class="link"] + first_page_num: 1 + categories: [it, packages] + about: + website: https://pypi.org + wikidata_id: Q2984686 + official_api_documentation: https://warehouse.readthedocs.io/api-reference/index.html + use_official_api: false + require_api_key: false + results: HTML + + - name: qwant + qwant_categ: web + engine: qwant + shortcut: qw + categories: [general, web] + disabled: false + additional_tests: + rosebud: *test_rosebud + + - name: qwant news + qwant_categ: news + engine: qwant + shortcut: qwn + categories: news + disabled: false + network: qwant + + - name: qwant images + qwant_categ: images + engine: qwant + shortcut: qwi + categories: [images, web] + disabled: false + network: qwant + + - name: qwant videos + qwant_categ: videos + engine: qwant + shortcut: qwv + categories: [videos, web] + disabled: false + network: qwant + + # - name: library + # engine: recoll + # shortcut: lib + # base_url: 'https://recoll.example.org/' + # search_dir: '' + # mount_prefix: /export + # dl_prefix: 'https://download.example.org' + # timeout: 30.0 + # categories: files + # disabled: true + + # - name: recoll library reference + # engine: recoll + # base_url: 'https://recoll.example.org/' + # search_dir: reference + # mount_prefix: /export + # dl_prefix: 'https://download.example.org' + # shortcut: libr + # timeout: 30.0 + # categories: files + # disabled: true + + - name: reddit + engine: reddit + shortcut: re + page_size: 25 + + # Required dependency: redis + # - name: myredis + # shortcut : rds + # engine: redis_server + # exact_match_only: false + # host: '127.0.0.1' + # port: 6379 + # enable_http: true + # password: '' + # db: 0 + + # tmp suspended: bad certificate + # - name: scanr structures + # shortcut: scs + # engine: scanr_structures + # disabled: true + + - name: sepiasearch + engine: sepiasearch + shortcut: sep + + - name: soundcloud + engine: soundcloud + shortcut: sc + + - name: stackoverflow + engine: stackexchange + shortcut: st + api_site: 'stackoverflow' + categories: [it, q&a] + + - name: askubuntu + engine: stackexchange + shortcut: ubuntu + api_site: 'askubuntu' + categories: [it, q&a] + + - name: superuser + engine: stackexchange + shortcut: su + api_site: 'superuser' + categories: [it, q&a] + + - name: searchcode code + engine: searchcode_code + shortcut: scc + disabled: true + + - name: framalibre + engine: framalibre + shortcut: frl + disabled: true + + # - name: searx + # engine: searx_engine + # shortcut: se + # instance_urls : + # - http://127.0.0.1:8888/ + # - ... + # disabled: true + + - name: semantic scholar + engine: semantic_scholar + disabled: true + shortcut: se + categories: science + + # Spotify needs API credentials + # - name: spotify + # engine: spotify + # shortcut: stf + # api_client_id: ******* + # api_client_secret: ******* + + # - name: solr + # engine: solr + # shortcut: slr + # base_url: http://localhost:8983 + # collection: collection_name + # sort: '' # sorting: asc or desc + # field_list: '' # comma separated list of field names to display on the UI + # default_fields: '' # default field to query + # query_fields: '' # query fields + # enable_http: true + + # - name: springer nature + # engine: springer + # # get your API key from: https://dev.springernature.com/signup + # # working API key, for test & debug: "a69685087d07eca9f13db62f65b8f601" + # api_key: 'unset' + # shortcut: springer + # categories: science + # timeout: 6.0 + + - name: startpage + engine: startpage + shortcut: sp + timeout: 6.0 + disabled: true + additional_tests: + rosebud: *test_rosebud + + - name: tokyotoshokan + engine: tokyotoshokan + shortcut: tt + timeout: 6.0 + disabled: true + + - name: solidtorrents + engine: solidtorrents + shortcut: solid + timeout: 4.0 + disabled: false + base_url: + - https://solidtorrents.net + - https://solidtorrents.eu + - https://solidtorrents.to + - https://bitsearch.to + + # For this demo of the sqlite engine download: + # https://liste.mediathekview.de/filmliste-v2.db.bz2 + # and unpack into searx/data/filmliste-v2.db + # Query to test: "!demo concert" + # + # - name: demo + # engine: sqlite + # shortcut: demo + # categories: general + # result_template: default.html + # database: searx/data/filmliste-v2.db + # query_str: >- + # SELECT title || ' (' || time(duration, 'unixepoch') || ')' AS title, + # COALESCE( NULLIF(url_video_hd,''), NULLIF(url_video_sd,''), url_video) AS url, + # description AS content + # FROM film + # WHERE title LIKE :wildcard OR description LIKE :wildcard + # ORDER BY duration DESC + # disabled: false + + # Requires Tor + - name: torch + engine: xpath + paging: true + search_url: + http://xmh57jrknzkhv6y3ls3ubitzfqnkrwxhopf5aygthi7d6rplyvk3noyd.onion/cgi-bin/omega/omega?P={query}&DEFAULTOP=and + results_xpath: //table//tr + url_xpath: ./td[2]/a + title_xpath: ./td[2]/b + content_xpath: ./td[2]/small + categories: onions + enable_http: true + shortcut: tch + + # torznab engine lets you query any torznab compatible indexer. Using this + # engine in combination with Jackett (https://github.com/Jackett/Jackett) + # opens the possibility to query a lot of public and private indexers directly + # from SearXNG. + # - name: torznab + # engine: torznab + # shortcut: trz + # base_url: http://localhost:9117/api/v2.0/indexers/all/results/torznab + # enable_http: true # if using localhost + # api_key: xxxxxxxxxxxxxxx + # # https://github.com/Jackett/Jackett/wiki/Jackett-Categories + # torznab_categories: # optional + # - 2000 + # - 5000 + + - name: twitter + shortcut: tw + engine: twitter + disabled: true + + # maybe in a fun category + # - name: uncyclopedia + # engine: mediawiki + # shortcut: unc + # base_url: https://uncyclopedia.wikia.com/ + # number_of_results: 5 + + # tmp suspended - too slow, too many errors + # - name: urbandictionary + # engine : xpath + # search_url : https://www.urbandictionary.com/define.php?term={query} + # url_xpath : //*[@class="word"]/@href + # title_xpath : //*[@class="def-header"] + # content_xpath: //*[@class="meaning"] + # shortcut: ud + + - name: unsplash + engine: unsplash + shortcut: us + + - name: yahoo + engine: yahoo + shortcut: yh + disabled: true + + - name: yahoo news + engine: yahoo_news + shortcut: yhn + + - name: youtube + shortcut: yt + # You can use the engine using the official stable API, but you need an API + # key See: https://console.developers.google.com/project + # + # engine: youtube_api + # api_key: 'apikey' # required! + # + # Or you can use the html non-stable engine, activated by default + engine: youtube_noapi + + - name: dailymotion + engine: dailymotion + shortcut: dm + + - name: vimeo + engine: vimeo + shortcut: vm + + - name: wiby + engine: json_engine + search_url: https://wiby.me/json/?q={query} + url_query: URL + title_query: Title + content_query: Snippet + categories: [general, web] + shortcut: wib + disabled: true + about: + website: https://wiby.me/ + + - name: marginalia + engine: json_engine + shortcut: mar + categories: general + paging: false + # index: {"0": "popular", "1": "blogs", "2": "big_sites", + # "3": "default", "4": experimental"} + search_url: https://api.marginalia.nu/public/search/{query}?index=4&count=20 + results_query: results + url_query: url + title_query: title + content_query: description + timeout: 1.5 + disabled: true + about: + website: https://www.marginalia.nu/ + official_api_documentation: https://api.marginalia.nu/ + use_official_api: true + require_api_key: true + results: JSON + + - name: alexandria + engine: json_engine + shortcut: alx + categories: general + paging: true + search_url: https://api.alexandria.org/?a=1&q={query}&p={pageno} + results_query: results + title_query: title + url_query: url + content_query: snippet + timeout: 1.5 + disabled: true + about: + website: https://alexandria.org/ + official_api_documentation: https://github.com/alexandria-org/alexandria-api/raw/master/README.md + use_official_api: true + require_api_key: false + results: JSON + + - name: wikibooks + engine: mediawiki + shortcut: wb + categories: general + base_url: "https://{language}.wikibooks.org/" + number_of_results: 5 + search_type: text + disabled: true + about: + website: https://www.wikibooks.org/ + wikidata_id: Q367 + + - name: wikinews + engine: mediawiki + shortcut: wn + categories: news + base_url: "https://{language}.wikinews.org/" + number_of_results: 5 + search_type: text + disabled: true + about: + website: https://www.wikinews.org/ + wikidata_id: Q964 + + - name: wikiquote + engine: mediawiki + shortcut: wq + categories: general + base_url: "https://{language}.wikiquote.org/" + number_of_results: 5 + search_type: text + disabled: true + additional_tests: + rosebud: *test_rosebud + about: + website: https://www.wikiquote.org/ + wikidata_id: Q369 + + - name: wikisource + engine: mediawiki + shortcut: ws + categories: general + base_url: "https://{language}.wikisource.org/" + number_of_results: 5 + search_type: text + disabled: true + about: + website: https://www.wikisource.org/ + wikidata_id: Q263 + + - name: wiktionary + engine: mediawiki + shortcut: wt + categories: [dictionaries] + base_url: "https://{language}.wiktionary.org/" + number_of_results: 5 + search_type: text + disabled: false + about: + website: https://www.wiktionary.org/ + wikidata_id: Q151 + + - name: wikiversity + engine: mediawiki + shortcut: wv + categories: general + base_url: "https://{language}.wikiversity.org/" + number_of_results: 5 + search_type: text + disabled: true + about: + website: https://www.wikiversity.org/ + wikidata_id: Q370 + + - name: wikivoyage + engine: mediawiki + shortcut: wy + categories: general + base_url: "https://{language}.wikivoyage.org/" + number_of_results: 5 + search_type: text + disabled: true + about: + website: https://www.wikivoyage.org/ + wikidata_id: Q373 + + - name: wolframalpha + shortcut: wa + # You can use the engine using the official stable API, but you need an API + # key. See: https://products.wolframalpha.com/api/ + # + # engine: wolframalpha_api + # api_key: '' + # + # Or you can use the html non-stable engine, activated by default + engine: wolframalpha_noapi + timeout: 6.0 + categories: [] + + - name: dictzone + engine: dictzone + shortcut: dc + + - name: mymemory translated + engine: translated + shortcut: tl + timeout: 5.0 + disabled: false + # You can use without an API key, but you are limited to 1000 words/day + # See: https://mymemory.translated.net/doc/usagelimits.php + # api_key: '' + + # Required dependency: mysql-connector-python + # - name: mysql + # engine: mysql_server + # database: mydatabase + # username: user + # password: pass + # limit: 10 + # query_str: 'SELECT * from mytable WHERE fieldname=%(query)s' + # shortcut: mysql + + - name: 1337x + engine: 1337x + shortcut: 1337x + disabled: true + + - name: duden + engine: duden + shortcut: du + disabled: true + + - name: seznam + shortcut: szn + engine: seznam + disabled: true + + # - name: deepl + # engine: deepl + # shortcut: dpl + # # You can use the engine using the official stable API, but you need an API key + # # See: https://www.deepl.com/pro-api?cta=header-pro-api + # api_key: '' # required! + # timeout: 5.0 + # disabled: true + + - name: mojeek + shortcut: mjk + engine: xpath + paging: true + categories: [general, web] + search_url: https://www.mojeek.com/search?q={query}&s={pageno} + results_xpath: //a[@class="ob"] + url_xpath: ./@href + title_xpath: ./h2 + content_xpath: ../p[@class="s"] + suggestion_xpath: /html/body//div[@class="top-info"]/p[@class="top-info spell"]/a + first_page_num: 0 + page_size: 10 + disabled: true + about: + website: https://www.mojeek.com/ + wikidata_id: Q60747299 + official_api_documentation: https://www.mojeek.com/services/api.html/ + use_official_api: false + require_api_key: false + results: HTML + + - name: naver + shortcut: nvr + categories: [general, web] + engine: xpath + paging: true + search_url: https://search.naver.com/search.naver?where=webkr&sm=osp_hty&ie=UTF-8&query={query}&start={pageno} + url_xpath: //a[@class="link_tit"]/@href + title_xpath: //a[@class="link_tit"] + content_xpath: //a[@class="total_dsc"]/div + first_page_num: 1 + page_size: 10 + disabled: true + about: + website: https://www.naver.com/ + wikidata_id: Q485639 + official_api_documentation: https://developers.naver.com/docs/nmt/examples/ + use_official_api: false + require_api_key: false + results: HTML + language: ko + + - name: rubygems + shortcut: rbg + engine: xpath + paging: true + search_url: https://rubygems.org/search?page={pageno}&query={query} + results_xpath: /html/body/main/div/a[@class="gems__gem"] + url_xpath: ./@href + title_xpath: ./span/h2 + content_xpath: ./span/p + suggestion_xpath: /html/body/main/div/div[@class="search__suggestions"]/p/a + first_page_num: 1 + categories: [it, packages] + disabled: true + about: + website: https://rubygems.org/ + wikidata_id: Q1853420 + official_api_documentation: https://guides.rubygems.org/rubygems-org-api/ + use_official_api: false + require_api_key: false + results: HTML + + - name: peertube + engine: peertube + shortcut: ptb + paging: true + # https://instances.joinpeertube.org/instances + base_url: https://peertube.biz/ + # base_url: https://tube.tardis.world/ + categories: videos + disabled: true + timeout: 6.0 + + - name: mediathekviewweb + engine: mediathekviewweb + shortcut: mvw + disabled: true + + # - name: yacy + # engine: yacy + # shortcut: ya + # base_url: http://localhost:8090 + # required if you aren't using HTTPS for your local yacy instance' + # enable_http: true + # number_of_results: 5 + # timeout: 3.0 + + - name: rumble + engine: rumble + shortcut: ru + base_url: https://rumble.com/ + paging: true + categories: videos + disabled: true + + - name: wordnik + engine: wordnik + shortcut: def + base_url: https://www.wordnik.com/ + categories: [dictionaries] + timeout: 5.0 + disabled: false + + - name: woxikon.de synonyme + engine: xpath + shortcut: woxi + categories: [dictionaries] + timeout: 5.0 + disabled: true + search_url: https://synonyme.woxikon.de/synonyme/{query}.php + url_xpath: //div[@class="upper-synonyms"]/a/@href + content_xpath: //div[@class="synonyms-list-group"] + title_xpath: //div[@class="upper-synonyms"]/a + no_result_for_http_status: [404] + about: + website: https://www.woxikon.de/ + wikidata_id: # No Wikidata ID + use_official_api: false + require_api_key: false + results: HTML + language: de + + - name: sjp.pwn + engine: sjp + shortcut: sjp + base_url: https://sjp.pwn.pl/ + timeout: 5.0 + disabled: true + + # wikimini: online encyclopedia for children + # The fulltext and title parameter is necessary for Wikimini because + # sometimes it will not show the results and redirect instead + - name: wikimini + engine: xpath + shortcut: wkmn + search_url: https://fr.wikimini.org/w/index.php?search={query}&title=Sp%C3%A9cial%3ASearch&fulltext=Search + url_xpath: //li/div[@class="mw-search-result-heading"]/a/@href + title_xpath: //li//div[@class="mw-search-result-heading"]/a + content_xpath: //li/div[@class="searchresult"] + categories: general + disabled: true + about: + website: https://wikimini.org/ + wikidata_id: Q3568032 + use_official_api: false + require_api_key: false + results: HTML + language: fr + + - name: brave + shortcut: brave + engine: xpath + paging: true + time_range_support: true + first_page_num: 0 + time_range_url: "&tf={time_range_val}" + search_url: https://search.brave.com/search?q={query}&offset={pageno}&spellcheck=1{time_range} + url_xpath: //a[@class="result-header"]/@href + title_xpath: //span[@class="snippet-title"] + content_xpath: //p[1][@class="snippet-description"] + suggestion_xpath: //div[@class="text-gray h6"]/a + time_range_map: + day: 'pd' + week: 'pw' + month: 'pm' + year: 'py' + categories: [general, web] + disabled: true + about: + website: https://brave.com/search/ + wikidata_id: Q107355971 + use_official_api: false + require_api_key: false + results: HTML + + - name: petalsearch + shortcut: pts + engine: xpath + paging: true + search_url: https://petalsearch.com/search?query={query}&pn={pageno} + results_xpath: //div[@class="webpage-content"]/div[@class="title-cont"]/a + url_xpath: ./@href + title_xpath: . + content_xpath: ../../div[@class="webpage-text"] + suggestion_xpath: //div[@class="related-search-items"]/a + first_page_num: 1 + disabled: true + about: + website: https://petalsearch.com/ + wikidata_id: Q104399280 + use_official_api: false + require_api_key: false + results: HTML + + - name: petalsearch images + engine: petal_images + shortcut: ptsi + disabled: true + timeout: 3.0 + + - name: petalsearch news + shortcut: ptsn + categories: news + engine: xpath + paging: true + search_url: https://petalsearch.com/search?channel=news&query={query}&pn={pageno} + results_xpath: //div[@class="news-container"]/div/div/div/a + url_xpath: ./@href + title_xpath: ./div + content_xpath: ../div[@class="news-text"] + thumbnail_xpath: ../../../../img/@src + first_page_num: 1 + disabled: true + about: + website: https://petalsearch.com/ + wikidata_id: Q104399280 + use_official_api: false + require_api_key: false + results: HTML + + - name: lib.rs + shortcut: lrs + engine: xpath + search_url: https://lib.rs/search?q={query} + results_xpath: /html/body/main/div/ol/li/a + url_xpath: ./@href + title_xpath: ./div[@class="h"]/h4 + content_xpath: ./div[@class="h"]/p + categories: [it, packages] + disabled: true + about: + website: https://lib.rs + wikidata_id: Q113486010 + use_official_api: false + require_api_key: false + results: HTML + + - name: sourcehut + shortcut: srht + engine: xpath + paging: true + search_url: https://sr.ht/projects?page={pageno}&search={query} + results_xpath: (//div[@class="event-list"])[1]/div[@class="event"] + url_xpath: ./h4/a[2]/@href + title_xpath: ./h4/a[2] + content_xpath: ./p + first_page_num: 1 + categories: [it, repos] + disabled: true + about: + website: https://sr.ht + wikidata_id: Q78514485 + official_api_documentation: https://man.sr.ht/ + use_official_api: false + require_api_key: false + results: HTML + +# Doku engine lets you access to any Doku wiki instance: +# A public one or a privete/corporate one. +# - name: ubuntuwiki +# engine: doku +# shortcut: uw +# base_url: 'https://doc.ubuntu-fr.org' + +# Be careful when enabling this engine if you are +# running a public instance. Do not expose any sensitive +# information. You can restrict access by configuring a list +# of access tokens under tokens. +# - name: git grep +# engine: command +# command: ['git', 'grep', '{{QUERY}}'] +# shortcut: gg +# tokens: [] +# disabled: true +# delimiter: +# chars: ':' +# keys: ['filepath', 'code'] + +# Be careful when enabling this engine if you are +# running a public instance. Do not expose any sensitive +# information. You can restrict access by configuring a list +# of access tokens under tokens. +# - name: locate +# engine: command +# command: ['locate', '{{QUERY}}'] +# shortcut: loc +# tokens: [] +# disabled: true +# delimiter: +# chars: ' ' +# keys: ['line'] + +# Be careful when enabling this engine if you are +# running a public instance. Do not expose any sensitive +# information. You can restrict access by configuring a list +# of access tokens under tokens. +# - name: find +# engine: command +# command: ['find', '.', '-name', '{{QUERY}}'] +# query_type: path +# shortcut: fnd +# tokens: [] +# disabled: true +# delimiter: +# chars: ' ' +# keys: ['line'] + +# Be careful when enabling this engine if you are +# running a public instance. Do not expose any sensitive +# information. You can restrict access by configuring a list +# of access tokens under tokens. +# - name: pattern search in files +# engine: command +# command: ['fgrep', '{{QUERY}}'] +# shortcut: fgr +# tokens: [] +# disabled: true +# delimiter: +# chars: ' ' +# keys: ['line'] + +# Be careful when enabling this engine if you are +# running a public instance. Do not expose any sensitive +# information. You can restrict access by configuring a list +# of access tokens under tokens. +# - name: regex search in files +# engine: command +# command: ['grep', '{{QUERY}}'] +# shortcut: gr +# tokens: [] +# disabled: true +# delimiter: +# chars: ' ' +# keys: ['line'] + +doi_resolvers: + oadoi.org: 'https://oadoi.org/' + doi.org: 'https://doi.org/' + doai.io: 'https://dissem.in/' + sci-hub.se: 'https://sci-hub.se/' + sci-hub.do: 'https://sci-hub.do/' + scihubtw.tw: 'https://scihubtw.tw/' + sci-hub.st: 'https://sci-hub.st/' + sci-hub.bar: 'https://sci-hub.bar/' + sci-hub.it.nf: 'https://sci-hub.it.nf/' + +default_doi_resolver: 'oadoi.org' \ No newline at end of file diff --git a/apps/searxng/docker-compose.yml b/apps/searxng/docker-compose.yml new file mode 100644 index 00000000..6a261867 --- /dev/null +++ b/apps/searxng/docker-compose.yml @@ -0,0 +1,24 @@ +version: "3.7" + +services: + searxng: + container_name: searxng + image: searxng/searxng:latest + restart: unless-stopped + networks: + - tipi_main_network + volumes: + - "${APP_DATA_DIR}/data:/etc/searxng" + ports: + - ${APP_PORT}:8080 + environment: + - BIND_ADDRESS=0.0.0.0:8080 + - BASE_URL=${APP_PROTOCOL:-http}://${APP_DOMAIN}/ + - SECRET_KEY=${SEARXNG_SECRET_KEY} + labels: + traefik.enable: ${APP_EXPOSED} + traefik.http.routers.searxng.rule: Host(`${APP_DOMAIN}`) + traefik.http.routers.searxng.entrypoints: websecure + traefik.http.routers.searxng.service: searxng + traefik.http.routers.searxng.tls.certresolver: myresolver + traefik.http.services.searxng.loadbalancer.server.port: 8080 diff --git a/apps/searxng/metadata/description.md b/apps/searxng/metadata/description.md new file mode 100644 index 00000000..b84f087d --- /dev/null +++ b/apps/searxng/metadata/description.md @@ -0,0 +1,21 @@ +## Privacy-respecting, hackable metasearch engine + +SearXNG is a free internet metasearch engine which aggregates results from more than 70 search services. Users are neither tracked nor profiled. Additionally, SearXNG can be used over Tor for online anonymity. + +### Differences to searx + +SearXNG is a fork of searx. Here are some of the changes: + +- User experience +- Huge update of the simple theme: + - usable on desktop, tablet and mobile + - light and dark versions (you can choose in the preferences) + - support right-to-left languages +- the translations are up to date, you can contribute on Weblate +- the preferences page has been updated: + - you can see which engines are reliable or not + - engines are grouped inside each tab + - each engine has a description +- thanks to the anonymous metrics, it is easier to report a bug of an engine and thus engines get fixed more quickly + - if you don't want any metrics to be recorded, you can disable them on the server +- administrator can block and/or replace the URLs in the search results diff --git a/apps/searxng/metadata/logo.jpg b/apps/searxng/metadata/logo.jpg new file mode 100644 index 00000000..9a1380d6 Binary files /dev/null and b/apps/searxng/metadata/logo.jpg differ diff --git a/apps/send/config.json b/apps/send/config.json new file mode 100644 index 00000000..b3a23e38 --- /dev/null +++ b/apps/send/config.json @@ -0,0 +1,16 @@ +{ + "$schema": "../schema.json", + "name": "Send", + "available": true, + "exposable": true, + "port": 8126, + "id": "send", + "tipi_version": 1, + "version": "latest", + "categories": ["utilities"], + "description": "A file sharing experiment which allows you to send encrypted files to other users.", + "short_desc": "Simple, private file sharing. https://send.vis.ee/", + "author": "timvisee", + "source": "https://gitlab.com/timvisee/send", + "form_fields": [] +} diff --git a/apps/send/docker-compose.yml b/apps/send/docker-compose.yml new file mode 100644 index 00000000..05727af4 --- /dev/null +++ b/apps/send/docker-compose.yml @@ -0,0 +1,46 @@ +version: "3.7" +services: + send: + image: registry.gitlab.com/timvisee/send:latest + container_name: send + restart: unless-stopped + dns: + - ${DNS_IP} + ports: + - ${APP_PORT}:1443 + networks: + - tipi_main_network + volumes: + - ${APP_DATA_DIR}/data/uploads:/uploads + environment: + - NODE_ENV=production + # Networking + - BASE_URL=${APP_PROTOCOL:-http}://${APP_DOMAIN} + # Redis + - REDIS_HOST=send-redis + # Storage Limit + - MAX_FILE_SIZE=2147483648 + - DETECT_BASE_URL=true + depends_on: + - send-redis + labels: + traefik.enable: ${APP_EXPOSED} + traefik.http.routers.send.rule: Host(`${APP_DOMAIN}`) + traefik.http.routers.send.entrypoints: websecure + traefik.http.routers.send.service: send + traefik.http.routers.send.tls.certresolver: myresolver + traefik.http.services.send.loadbalancer.server.port: 1443 + + send-redis: + image: redis:alpine + container_name: send-redis + restart: unless-stopped + volumes: + - ${APP_DATA_DIR}/data/redis:/data + healthcheck: + test: ["CMD", "redis-cli", "ping"] + interval: 1s + timeout: 3s + retries: 30 + networks: + - tipi_main_network diff --git a/apps/send/metadata/description.md b/apps/send/metadata/description.md new file mode 100644 index 00000000..b5876674 --- /dev/null +++ b/apps/send/metadata/description.md @@ -0,0 +1,29 @@ +A fork of Mozilla's [Firefox Send][mozilla-send]. +Mozilla discontinued Send, this fork is a community effort to keep the project +up-to-date and alive. + +- Forked [at][fork-commit] Mozilla's last publicly hosted version +- _Mozilla_ & _Firefox_ branding [is][remove-branding-pr] removed so you can legally self-host +- Kept compatible with [`ffsend`][ffsend] (CLI for Send) +- Dependencies have been updated +- Mozilla's [changes][mozilla-patches] since the fork have been selectively [merged][mozilla-patches-pr] +- Mozilla's experimental report feature, download tokens, trust warnings and FxA changes are not included + +Find an up-to-date Docker image here: [docs/docker.md](docs/docker.md) + +The original project by Mozilla can be found [here][mozilla-send]. +Please consider to [donate][donate] to allow me to keep working on this. + +Thanks [Mozilla][mozilla] for building this amazing tool! + +[branch-mozilla-master]: https://gitlab.com/timvisee/send/-/tree/mozilla-master +[branch-send-v3]: https://gitlab.com/timvisee/send/-/tree/send-v3 +[branch-send-v4]: https://gitlab.com/timvisee/send/-/tree/send-v4 +[donate]: https://timvisee.com/donate +[ffsend]: https://github.com/timvisee/ffsend +[fork-commit]: https://gitlab.com/timvisee/send/-/commit/3e9be676413a6e1baaf6a354c180e91899d10bec +[mozilla-patches-pr]: https://gitlab.com/timvisee/send/-/merge_requests/3 +[mozilla-patches]: https://gitlab.com/timvisee/send/-/compare/3e9be676413a6e1baaf6a354c180e91899d10bec...mozilla-master +[mozilla-send]: https://github.com/mozilla/send +[mozilla]: https://mozilla.org/ +[remove-branding-pr]: https://gitlab.com/timvisee/send/-/merge_requests/2 diff --git a/apps/send/metadata/logo.jpg b/apps/send/metadata/logo.jpg new file mode 100644 index 00000000..c2bc44a3 Binary files /dev/null and b/apps/send/metadata/logo.jpg differ diff --git a/apps/syncthing/config.json b/apps/syncthing/config.json index b475652d..0b201a3e 100644 --- a/apps/syncthing/config.json +++ b/apps/syncthing/config.json @@ -7,7 +7,7 @@ "tipi_version": 1, "version": "1.20", "categories": ["data", "utilities"], - "description": "Syncthing is a peer-to-peer continuous file synchronization program. It synchronizes files between two or more computers in real time, safely protected from prying eyes. Your data is your data alone and you deserve to choose where it is stored, whether it is shared with some third party, and how it's transmitted over the internet.\n\nInstall the Syncthing app on your Umbrel and pair it with the Syncthing app on your phone or computer for a self hosted peer-to-peer backup solution.", + "description": "Syncthing is a continuous file synchronization program. It synchronizes files between two or more computers. We strive to fulfill the goals below. The goals are listed in order of importance, the most important one being the first. This is the summary version of the goal list - for more commentary, see the full Goals document.", "short_desc": "Peer-to-peer file synchronization between your devices", "author": "The Syncthing Foundation", "source": "https://github.com/syncthing", diff --git a/apps/teddit/config.json b/apps/teddit/config.json new file mode 100644 index 00000000..37be2acb --- /dev/null +++ b/apps/teddit/config.json @@ -0,0 +1,16 @@ +{ + "$schema": "../schema.json", + "name": "teddit", + "available": true, + "exposable": true, + "port": 8124, + "id": "teddit", + "tipi_version": 1, + "version": "latest", + "categories": ["social"], + "description": "A free and open source alternative Reddit front-end focused on privacy. Inspired by the Nitter project.", + "short_desc": "Alternative Reddit front-end focused on privacy https://teddit.net", + "author": "teddit", + "source": "https://codeberg.org/teddit/teddit", + "form_fields": [] +} diff --git a/apps/teddit/docker-compose.yml b/apps/teddit/docker-compose.yml new file mode 100644 index 00000000..94c17719 --- /dev/null +++ b/apps/teddit/docker-compose.yml @@ -0,0 +1,45 @@ +version: "3.7" + +services: + teddit: + image: teddit/teddit:latest + container_name: teddit + networks: + - tipi_main_network + ports: + - ${APP_PORT}:8080 + depends_on: + - teddit-redis + restart: unless-stopped + environment: + - REDIS_HOST=teddit-redis + - DOMAIN=${APP_DOMAIN} + - THEME=dark + - HTTPS_ENABLED=false + - REDIRECT_HTTP_TO_HTTPS=false + - REDIRECT_WWW=false + healthcheck: + test: ["CMD", "wget" ,"--no-verbose", "--tries=1", "--spider", "http://localhost:8080/about"] + interval: 1m + timeout: 3s + labels: + traefik.enable: ${APP_EXPOSED} + traefik.http.routers.teddit.rule: Host(`${APP_DOMAIN}`) + traefik.http.routers.teddit.entrypoints: websecure + traefik.http.routers.teddit.service: teddit + traefik.http.routers.teddit.tls.certresolver: myresolver + traefik.http.services.teddit.loadbalancer.server.port: 8080 + + teddit-redis: + image: redis:alpine + container_name: teddit-redis + restart: unless-stopped + volumes: + - ${APP_DATA_DIR}/data/redis:/data + healthcheck: + test: ["CMD", "redis-cli", "ping"] + interval: 1s + timeout: 3s + retries: 30 + networks: + - tipi_main_network diff --git a/apps/teddit/metadata/description.md b/apps/teddit/metadata/description.md new file mode 100644 index 00000000..fbce2d3e --- /dev/null +++ b/apps/teddit/metadata/description.md @@ -0,0 +1,17 @@ +# teddit + +[teddit.net](https://teddit.net) + +A free and open source alternative Reddit front-end focused on privacy. +Inspired by the [Nitter](https://github.com/zedeus/nitter) project. + +* No JavaScript or ads +* All requests go through the backend, client never talks to Reddit +* Prevents Reddit from tracking your IP or JavaScript fingerprint +* [Unofficial API](https://codeberg.org/teddit/teddit/wiki#teddit-api) (RSS & JSON support, no rate limits or Reddit account required) +* Lightweight (teddit frontpage: ~30 HTTP requests with ~270 KB of data downloaded vs. Reddit frontpage: ~190 requests with ~24 MB) +* Self-hostable. Anyone can setup an instance. An instance can either use Reddit's API with or without OAuth (so Reddit API key is not necessarily needed). + +Join the teddit discussion room on Matrix: [#teddit:matrix.org](https://matrix.to/#/#teddit:matrix.org) + +XMR: 832ogRwuoSs2JGYg7wJTqshidK7dErgNdfpenQ9dzMghNXQTJRby1xGbqC3gW3GAifRM9E84J91VdMZRjoSJ32nkAZnaCEj diff --git a/apps/teddit/metadata/logo.jpg b/apps/teddit/metadata/logo.jpg new file mode 100644 index 00000000..18a66a2b Binary files /dev/null and b/apps/teddit/metadata/logo.jpg differ diff --git a/apps/tubearchivist/config.json b/apps/tubearchivist/config.json new file mode 100644 index 00000000..575430e0 --- /dev/null +++ b/apps/tubearchivist/config.json @@ -0,0 +1,41 @@ +{ + "$schema": "../schema.json", + "name": "Tube Archivist", + "available": true, + "exposable": true, + "port": 8120, + "id": "tubearchivist", + "tipi_version": 1, + "version": "latest", + "categories": ["media"], + "description": "Once your YouTube video collection grows, it becomes hard to search and find a specific video. That's where Tube Archivist comes in: By indexing your video collection with metadata from YouTube, you can organize, search and enjoy your archived YouTube videos without hassle offline through a convenient web interface.", + "short_desc": "Your self-hosted YouTube media server", + "author": "bbilly1", + "source": "https://github.com/tubearchivist/tubearchivist", + "form_fields": [ + { + "type": "text", + "label": "Tube Archivist Username", + "max": 50, + "min": 3, + "required": true, + "env_variable": "TA_USER" + }, + { + "type": "password", + "label": "Tube Archivist Password", + "max": 50, + "min": 3, + "required": true, + "env_variable": "TA_PASSWORD" + }, + { + "type": "random", + "label": "Elasticsearch Password", + "max": 50, + "min": 3, + "required": true, + "env_variable": "ELASTIC_PASSWORD" + } + ] +} diff --git a/apps/tubearchivist/docker-compose.yml b/apps/tubearchivist/docker-compose.yml new file mode 100644 index 00000000..84771fa2 --- /dev/null +++ b/apps/tubearchivist/docker-compose.yml @@ -0,0 +1,66 @@ +version: "3.7" + +services: + tubearchivist: + container_name: tubearchivist + restart: unless-stopped + image: bbilly1/tubearchivist:latest + volumes: + - ${APP_DATA_DIR}/data/media:/youtube + - ${APP_DATA_DIR}/data/cache:/cache + environment: + - ES_URL=http://tubearchivist-es:9200 + - REDIS_HOST=tubearchivist-redis + - HOST_UID=${UID} + - HOST_GID=${GID} + - TA_USERNAME=${TA_USER} + - TA_PASSWORD=${TA_PASSWORD} + - TA_HOST=${APP_DOMAIN} + - ELASTIC_PASSWORD=${ELASTIC_PASSWORD} + depends_on: + - tubearchivist-es + - tubearchivist-redis + networks: + - tipi_main_network + dns: + - ${DNS_IP} + ports: + - ${APP_PORT}:8000 + labels: + traefik.enable: ${APP_EXPOSED} + traefik.http.routers.tubearchivist.rule: Host(`${APP_DOMAIN}`) + traefik.http.routers.tubearchivist.entrypoints: websecure + traefik.http.routers.tubearchivist.service: tubearchivist + traefik.http.routers.tubearchivist.tls.certresolver: myresolver + traefik.http.services.tubearchivist.loadbalancer.server.port: 8000 + + tubearchivist-redis: + image: redislabs/rejson:latest + container_name: tubearchivist-redis + restart: always + networks: + - tipi_main_network + volumes: + - ${APP_DATA_DIR}/data/redis-data:/data + depends_on: + - tubearchivist-es + + tubearchivist-es: + image: bbilly1/tubearchivist-es:latest + container_name: tubearchivist-es + restart: always + environment: + - "xpack.security.enabled=true" + - "ELASTIC_PASSWORD=${ELASTIC_PASSWORD}" + - "discovery.type=single-node" + - "ES_JAVA_OPTS=-Xms512m -Xmx512m" + networks: + - tipi_main_network + ulimits: + memlock: + soft: -1 + hard: -1 + volumes: + - ${APP_DATA_DIR}/data/es:/usr/share/elasticsearch/data + expose: + - "9200" diff --git a/apps/tubearchivist/metadata/description.md b/apps/tubearchivist/metadata/description.md new file mode 100644 index 00000000..77974fd6 --- /dev/null +++ b/apps/tubearchivist/metadata/description.md @@ -0,0 +1,21 @@ +# Your self-hosted YouTube media server + +![Tube Archivist](https://github.com/tubearchivist/tubearchivist/blob/master/assets/tube-archivist-banner.jpg?raw=true "Tube Archivist Banner") + +## Core functionality + +* Subscribe to your favorite YouTube channels +* Download Videos using **yt-dlp** +* Index and make videos searchable +* Play videos +* Keep track of viewed and unviewed videos + +## If you have issues running Tube Archivist + +Please visit the following URL and ensure neither of the tips resolve the issue: + +https://github.com/tubearchivist/tubearchivist#potential-pitfalls + +If they do not, please open an app here and tag @sethforprivacy: + +https://github.com/meienberger/runtipi-appstore/issues diff --git a/apps/tubearchivist/metadata/logo.jpg b/apps/tubearchivist/metadata/logo.jpg new file mode 100644 index 00000000..c167a36b Binary files /dev/null and b/apps/tubearchivist/metadata/logo.jpg differ diff --git a/apps/uptime-kuma/config.json b/apps/uptime-kuma/config.json new file mode 100644 index 00000000..1dacc455 --- /dev/null +++ b/apps/uptime-kuma/config.json @@ -0,0 +1,16 @@ +{ + "$schema": "../schema.json", + "name": "Uptime Kuma", + "available": true, + "exposable": true, + "port": 8125, + "id": "uptime-kuma", + "tipi_version": 1, + "version": "1", + "categories": ["utilities"], + "description": "It is a self-hosted monitoring tool like Uptime Robot.", + "short_desc": "A fancy self-hosted monitoring tool.", + "author": "louislam", + "source": "https://github.com/louislam/uptime-kuma", + "form_fields": [] +} diff --git a/apps/uptime-kuma/docker-compose.yml b/apps/uptime-kuma/docker-compose.yml new file mode 100644 index 00000000..1754e921 --- /dev/null +++ b/apps/uptime-kuma/docker-compose.yml @@ -0,0 +1,21 @@ +version: "3.7" +services: + uptime-kuma: + image: louislam/uptime-kuma:1 + container_name: uptime-kuma + volumes: + - ${APP_DATA_DIR}/data:/app/data + dns: + - ${DNS_IP} + ports: + - ${APP_PORT}:3001 + restart: unless-stopped + networks: + - tipi_main_network + labels: + traefik.enable: ${APP_EXPOSED} + traefik.http.routers.uptime-kuma.rule: Host(`${APP_DOMAIN}`) + traefik.http.routers.uptime-kuma.entrypoints: websecure + traefik.http.routers.uptime-kuma.service: uptime-kuma + traefik.http.routers.uptime-kuma.tls.certresolver: myresolver + traefik.http.services.uptime-kuma.loadbalancer.server.port: 3001 diff --git a/apps/uptime-kuma/metadata/description.md b/apps/uptime-kuma/metadata/description.md new file mode 100644 index 00000000..6c2a91a8 --- /dev/null +++ b/apps/uptime-kuma/metadata/description.md @@ -0,0 +1,33 @@ +# Uptime Kuma + +
+ +
+ +It is a self-hosted monitoring tool like "Uptime Robot". + + + +## 🥔 Live Demo + +Try it! + +https://demo.uptime.kuma.pet + +It is a temporary live demo, all data will be deleted after 10 minutes. The server is located in Tokyo, so if you live far from there, it may affect your experience. I suggest that you should install and try it out for the best demo experience. + +VPS is sponsored by Uptime Kuma sponsors on [Open Collective](https://opencollective.com/uptime-kuma)! Thank you so much! + +## ⭐ Features + +* Monitoring uptime for HTTP(s) / TCP / HTTP(s) Keyword / Ping / DNS Record / Push / Steam Game Server / Docker Containers. +* Fancy, Reactive, Fast UI/UX. +* Notifications via Telegram, Discord, Gotify, Slack, Pushover, Email (SMTP), and [90+ notification services, click here for the full list](https://github.com/louislam/uptime-kuma/tree/master/src/components/notifications). +* 20 second intervals. +* [Multi Languages](https://github.com/louislam/uptime-kuma/tree/master/src/languages) +* Multiple Status Pages +* Map Status Page to Domain +* Ping Chart +* Certificate Info +* Proxy Support +* 2FA available diff --git a/apps/uptime-kuma/metadata/logo.jpg b/apps/uptime-kuma/metadata/logo.jpg new file mode 100644 index 00000000..4c208f7b Binary files /dev/null and b/apps/uptime-kuma/metadata/logo.jpg differ diff --git a/apps/vaultwarden/docker-compose.yml b/apps/vaultwarden/docker-compose.yml index 7a355d6e..65d6ca4e 100644 --- a/apps/vaultwarden/docker-compose.yml +++ b/apps/vaultwarden/docker-compose.yml @@ -2,7 +2,7 @@ version: '3.7' services: vaultwarden: - image: vaultwarden/server:1.25.1 + image: vaultwarden/server:1.25.2 container_name: vaultwarden restart: unless-stopped ports: diff --git a/apps/zerotier/config.json b/apps/zerotier/config.json new file mode 100644 index 00000000..6ac8adb7 --- /dev/null +++ b/apps/zerotier/config.json @@ -0,0 +1,26 @@ +{ + "$schema": "../schema.json", + "name": "Zerotier", + "available": true, + "port": 9993, + "id": "zerotier", + "tipi_version": 1, + "version": "v1.10.1", + "categories": ["network", "security"], + "description": "ZeroTier combines the capabilities of VPN and SD-WAN, simplifying network management.", + "short_desc": "Easy to use zero configuration VPN.", + "author": "© ZeroTier Inc.", + "source": "https://github.com/zerotier/ZeroTierOne", + "website": "hhttps://www.zerotier.com", + "form_fields": [ + { + "type": "text", + "label": "Network ID", + "hint": "Create one at https://my.zerotier.com/", + "max": 16, + "min": 16, + "required": true, + "env_variable": "NETWORK_ID" + } + ] +} diff --git a/apps/zerotier/docker-compose.yml b/apps/zerotier/docker-compose.yml new file mode 100644 index 00000000..bfa1b4c1 --- /dev/null +++ b/apps/zerotier/docker-compose.yml @@ -0,0 +1,19 @@ +version: "3.7" +services: + zerotier: + container_name: zerotier + image: zerotier/zerotier:1.10.1 + restart: on-failure + command: "${NETWORK_ID}" + cap_add: + - NET_ADMIN + - SYS_ADMIN + devices: + - /dev/net/tun + healthcheck: + test: ['CMD','true'] + network_mode: host +# TO DO: Pass host data to retain zerotier id, or setup a volume. Prefer ~stateless. +# networks: +# - tipi_main_network +# mac_address: ${MAC_ADDRESS} \ No newline at end of file diff --git a/apps/zerotier/metadata/description.md b/apps/zerotier/metadata/description.md new file mode 100644 index 00000000..c88e8e99 --- /dev/null +++ b/apps/zerotier/metadata/description.md @@ -0,0 +1,10 @@ +## Securely Connect Any Device, Anywhere. + +ZeroTier combines the capabilities of VPN and SD-WAN, simplifying network management. +Connect team members from anywhere in the world on any device. ZeroTier creates secure networks between on-premise, cloud, desktop, and mobile devices. +Emulates Layer 2 Ethernet with multipath, multicast, and bridging capabilities. +ZeroTier’s zero-trust networking solution provides scalable security with 256-bit end-to-end encryption. + +Create a ZeroTier network at [https://my.zerotier.com/](https://my.zerotier.com/) and invite your team members to join. Once they accept the invitation, they will be able to access the network from any device, anywhere in the world. + +![zt](https://www.zerotier.com/wp-content/uploads/2020/08/ZT_NetworkGraphic_Homepage.png) diff --git a/apps/zerotier/metadata/logo.jpg b/apps/zerotier/metadata/logo.jpg new file mode 100644 index 00000000..d225c2e3 Binary files /dev/null and b/apps/zerotier/metadata/logo.jpg differ