searxng: controllers: api: type: deployment replicas: 1 strategy: Recreate revisionHistoryLimit: 3 containers: main: image: repository: searxng/searxng tag: latest@sha256:8354c2e3fdc4e400379c0fa906e42961dfc55a570d9769c70ab07e410dfb1468 pullPolicy: IfNotPresent env: - name: SEARXNG_BASE_URL value: http://searxng-api.searxng:8080 - name: SEARXNG_QUERY_URL value: http://searxng-api.searxng:8080/search?q= - name: SEARXNG_HOSTNAME value: searxng-api.searxng - name: UWSGI_WORKERS value: 4 - name: UWSGI_THREADS value: 4 - name: ENABLE_RAG_WEB_SEARCH value: true - name: RAG_WEB_SEARCH_ENGINE value: searxng - name: RAG_WEB_SEARCH_RESULT_COUNT value: 3 - name: RAG_WEB_SEARCH_CONCURRENT_REQUESTS value: 10 resources: requests: cpu: 10m memory: 256Mi browser: type: deployment replicas: 1 strategy: Recreate revisionHistoryLimit: 3 containers: main: image: repository: searxng/searxng tag: latest@sha256:8354c2e3fdc4e400379c0fa906e42961dfc55a570d9769c70ab07e410dfb1468 pullPolicy: IfNotPresent env: - name: SEARXNG_BASE_URL value: https://searxng.alexlebens.net/ - name: SEARXNG_QUERY_URL value: https://searxng.alexlebens.net/search?q= - name: SEARXNG_HOSTNAME value: searxng.alexlebens.net - name: SEARXNG_REDIS_URL value: redis://redis-replication-searxng-master.searxng:6379/0 - name: UWSGI_WORKERS value: 4 - name: UWSGI_THREADS value: 4 resources: requests: cpu: 10m memory: 256Mi gluetun: image: repository: ghcr.io/qdm12/gluetun tag: v3.40.3@sha256:ef4a44819a60469682c7b5e69183e6401171891feaa60186652d292c59e41b30 pullPolicy: IfNotPresent env: - name: VPN_SERVICE_PROVIDER value: protonvpn - name: VPN_TYPE value: wireguard - name: WIREGUARD_PRIVATE_KEY valueFrom: secretKeyRef: name: searxng-wireguard-conf key: private-key - name: VPN_PORT_FORWARDING value: "on" - name: VPN_PORT_FORWARDING_UP_COMMAND value: '/bin/sh -c "/gluetun/update.sh {{ printf "{{PORTS}}" }}"' - name: PORT_FORWARD_ONLY value: "on" - name: FIREWALL_OUTBOUND_SUBNETS value: 192.168.1.0/24,10.244.0.0/16 - name: FIREWALL_INPUT_PORTS value: 8080 - name: DOT value: "off" securityContext: privileged: True capabilities: add: - NET_ADMIN - SYS_MODULE resources: limits: devic.es/tun: "1" requests: devic.es/tun: "1" cpu: 10m memory: 64Mi service: api: controller: api ports: mail: port: 8080 targetPort: 8080 protocol: HTTP browser: controller: browser ports: mail: port: 80 targetPort: 8080 protocol: HTTP persistence: config: enabled: true type: secret name: searxng-api-config-secret advancedMounts: api: main: - path: /etc/searxng/settings.yml readOnly: true mountPropagation: None subPath: settings.yml - path: /etc/searxng/limiter.toml readOnly: true mountPropagation: None subPath: limiter.toml api-data: storageClass: ceph-block accessMode: ReadWriteOnce size: 5Gi advancedMounts: api: main: - path: /etc/searxng readOnly: false browser-data: storageClass: ceph-block accessMode: ReadWriteOnce size: 5Gi advancedMounts: browser: main: - path: /etc/searxng readOnly: false