160 lines
4.5 KiB
YAML
160 lines
4.5 KiB
YAML
searxng:
|
|
controllers:
|
|
api:
|
|
type: deployment
|
|
replicas: 1
|
|
strategy: Recreate
|
|
revisionHistoryLimit: 3
|
|
containers:
|
|
main:
|
|
image:
|
|
repository: searxng/searxng
|
|
tag: latest@sha256:8354c2e3fdc4e400379c0fa906e42961dfc55a570d9769c70ab07e410dfb1468
|
|
pullPolicy: IfNotPresent
|
|
env:
|
|
- name: SEARXNG_BASE_URL
|
|
value: http://searxng-api.searxng:8080
|
|
- name: SEARXNG_QUERY_URL
|
|
value: http://searxng-api.searxng:8080/search?q=<query>
|
|
- name: SEARXNG_HOSTNAME
|
|
value: searxng-api.searxng
|
|
- name: ENABLE_RAG_WEB_SEARCH
|
|
value: true
|
|
- name: RAG_WEB_SEARCH_ENGINE
|
|
value: searxng
|
|
- name: RAG_WEB_SEARCH_RESULT_COUNT
|
|
value: 3
|
|
- name: RAG_WEB_SEARCH_CONCURRENT_REQUESTS
|
|
value: 10
|
|
resources:
|
|
requests:
|
|
cpu: 10m
|
|
memory: 256Mi
|
|
browser:
|
|
type: deployment
|
|
replicas: 1
|
|
strategy: Recreate
|
|
revisionHistoryLimit: 3
|
|
containers:
|
|
main:
|
|
image:
|
|
repository: searxng/searxng
|
|
tag: latest@sha256:8354c2e3fdc4e400379c0fa906e42961dfc55a570d9769c70ab07e410dfb1468
|
|
pullPolicy: IfNotPresent
|
|
env:
|
|
- name: SEARXNG_BASE_URL
|
|
value: https://searxng.alexlebens.net/
|
|
- name: SEARXNG_QUERY_URL
|
|
value: https://searxng.alexlebens.net/search?q=<query>
|
|
- name: SEARXNG_HOSTNAME
|
|
value: searxng.alexlebens.net
|
|
- name: SEARXNG_VALKEY_URL
|
|
value: valkey://127.0.0.1:6379/0
|
|
- name: GRANIAN_HOST
|
|
value: 0.0.0.0
|
|
- name: GRANIAN_PORT
|
|
value: 8080
|
|
resources:
|
|
requests:
|
|
cpu: 10m
|
|
memory: 256Mi
|
|
valkey:
|
|
image:
|
|
repository: valkey/valkey
|
|
tag: 9.0.0-alpine3.22
|
|
pullPolicy: IfNotPresent
|
|
resources:
|
|
requests:
|
|
cpu: 10m
|
|
memory: 128Mi
|
|
gluetun:
|
|
image:
|
|
repository: ghcr.io/qdm12/gluetun
|
|
tag: v3.40.3@sha256:ef4a44819a60469682c7b5e69183e6401171891feaa60186652d292c59e41b30
|
|
pullPolicy: IfNotPresent
|
|
env:
|
|
- name: VPN_SERVICE_PROVIDER
|
|
value: protonvpn
|
|
- name: VPN_TYPE
|
|
value: wireguard
|
|
- name: WIREGUARD_PRIVATE_KEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: searxng-wireguard-conf
|
|
key: private-key
|
|
- name: FIREWALL_OUTBOUND_SUBNETS
|
|
value: 192.168.1.0/24,10.244.0.0/16
|
|
- name: FIREWALL_INPUT_PORTS
|
|
value: 8080
|
|
securityContext:
|
|
privileged: True
|
|
capabilities:
|
|
add:
|
|
- NET_ADMIN
|
|
- SYS_MODULE
|
|
resources:
|
|
limits:
|
|
devic.es/tun: "1"
|
|
requests:
|
|
devic.es/tun: "1"
|
|
cpu: 10m
|
|
memory: 64Mi
|
|
service:
|
|
api:
|
|
controller: api
|
|
ports:
|
|
mail:
|
|
port: 8080
|
|
targetPort: 8080
|
|
protocol: HTTP
|
|
browser:
|
|
controller: browser
|
|
ports:
|
|
mail:
|
|
port: 80
|
|
targetPort: 8080
|
|
protocol: HTTP
|
|
persistence:
|
|
config:
|
|
enabled: true
|
|
type: secret
|
|
name: searxng-api-config-secret
|
|
advancedMounts:
|
|
api:
|
|
main:
|
|
- path: /etc/searxng/settings.yml
|
|
readOnly: true
|
|
mountPropagation: None
|
|
subPath: settings.yml
|
|
- path: /etc/searxng/limiter.toml
|
|
readOnly: true
|
|
mountPropagation: None
|
|
subPath: limiter.toml
|
|
api-data:
|
|
storageClass: ceph-block
|
|
accessMode: ReadWriteOnce
|
|
size: 5Gi
|
|
advancedMounts:
|
|
api:
|
|
main:
|
|
- path: /etc/searxng
|
|
readOnly: false
|
|
browser-data:
|
|
storageClass: ceph-block
|
|
accessMode: ReadWriteOnce
|
|
size: 5Gi
|
|
advancedMounts:
|
|
browser:
|
|
main:
|
|
- path: /etc/searxng
|
|
readOnly: false
|
|
valkey-data:
|
|
storageClass: ceph-block
|
|
accessMode: ReadWriteOnce
|
|
size: 5Gi
|
|
advancedMounts:
|
|
browser:
|
|
valkey:
|
|
- path: /data
|
|
readOnly: false
|