Merge branch 'stretch' of https://github.com/bashrc/freedombone

doc/EN/app_searx.org

@@ -25,6 +25,8 @@ In terms of security both the connection between you and the server, and the out
 [[file:images/searx.jpg]]
 #+END_CENTER
 
+* Installation
+
 ssh into the system with:
 
 #+BEGIN_SRC bash
@@ -33,6 +35,18 @@ ssh myusername@mydomain.com -p 2222
 
 Select *Administrator controls* then *Add/remove apps*. From there you can use cursor keys, space and enter keys to select *searx*.
 
-Once it has installed go to *About* on the *Administrator control panel* and look for *searx*. Take a note of the onion address, and you can then enter that into a Tor compatible browser. Go to *Passwords* on the *Administrator control panel* and select *searx*. This will give you the login password for your search site, and it prevents millions of random internet users from using your site as their default search engine and ruining the performance of your system.
+Once it has installed go to *About* on the *Administrator control panel* and look for *searx*. Take a note of the onion address, and you can then enter that into a Tor compatible browser.
+
+* Make it your default search
+
+If you are using a Tor browser or Firefox then click on the magnifying glass icon next to the search box and you can then add your metasearch site. A small icon will appear called "/Freedombone Metasearch/" and you can then right click on it and make it the default search.
+
+* Enabling password login
+
+It's possible that you might not want just anyone on the interwebs to be able to use your metasearch engine. Even with the onion routing this might carry some legal risk or make you a target for denial-of-service attempts (although Tor's rate limits and the firewall will give you some defense against that).
+
+To enable password login go to the *Administrator control panel* then *App settings* then select *searx* and *Enable login*. If you select "yes" then the password will be displayed.
+
+* Customization
 
 It's also possible to customise the background image if you go to *App settings* then select *searx*.

src/freedombone-app-searx

@@ -147,6 +147,33 @@ function searx_set_background_image {
     esac
 }
 
+function searx_enable_login {
+    dialog --title $"Enable Searx login" \
+           --backtitle $"Freedombone Control Panel" \
+           --defaultno \
+           --yesno $"\nDo you want to add a login so that random web users can't use your metasearch engine?" 10 60
+    sel=$?
+    case $sel in
+        0) if grep -q '#auth_basic' /etc/nginx/sites-available/searx; then
+               sed -i 's|#auth_basic|auth_basic|g' /etc/nginx/sites-available/searx
+               systemctl restart nginx
+           fi
+           read_config_param $MY_USERNAME
+           SEARX_LOGIN_PASS=$(${PROJECT_NAME}-pass -u $MY_USERNAME -a searx)
+           dialog --title $"Enable Searx login" \
+                  --msgbox $"Searx logins are now enabled with the password $SEARX_LOGIN_PASS" 6 65
+           SEARX_LOGIN_PASS=
+           ;;
+        1) if ! grep -q '#auth_basic' /etc/nginx/sites-available/searx; then
+               sed -i 's|auth_basic|#auth_basic|g' /etc/nginx/sites-available/searx
+               systemctl restart nginx
+           fi
+           dialog --title $"Disable Searx login" \
+                  --msgbox $"Searx logins are now disabled. Anyone can access your metasearch engine." 6 65
+           ;;
+    esac
+}
+
 function configure_interactive_searx {
     while true
     do
@@ -154,9 +181,10 @@ function configure_interactive_searx {
         trap "rm -f $data" 0 1 2 5 15
         dialog --backtitle $"Freedombone Control Panel" \
                --title $"SearX Metasearch" \
-               --radiolist $"Choose an operation:" 11 70 2 \
+               --radiolist $"Choose an operation:" 12 70 3 \
                1 $"Set a background image" off \
-               2 $"Exit" on 2> $data
+               2 $"Enable login" off \
+               3 $"Exit" on 2> $data
         sel=$?
         case $sel in
             1) return;;
@@ -164,7 +192,8 @@ function configure_interactive_searx {
         esac
         case $(cat $data) in
             1) searx_set_background_image;;
-            2) break;;
+            2) searx_enable_login;;
+            3) break;;
         esac
     done
 }
@@ -942,8 +971,8 @@ function install_searx {
     function_check nginx_limits
     nginx_limits searx '1M'
     echo '        proxy_pass http://localhost:8888;' >> /etc/nginx/sites-available/searx
-    echo "        auth_basic \"${SEARX_LOGIN_TEXT}\";" >> /etc/nginx/sites-available/searx
-    echo '        auth_basic_user_file /etc/nginx/.htpasswd;' >> /etc/nginx/sites-available/searx
+    echo "        #auth_basic \"${SEARX_LOGIN_TEXT}\";" >> /etc/nginx/sites-available/searx
+    echo '        #auth_basic_user_file /etc/nginx/.htpasswd;' >> /etc/nginx/sites-available/searx
     echo '    }' >> /etc/nginx/sites-available/searx
     echo '' >> /etc/nginx/sites-available/searx
     echo '    fastcgi_buffers 64 4K;' >> /etc/nginx/sites-available/searx

src/freedombone-usb-canary

@@ -5,8 +5,7 @@ PROJECT_NAME=freedombone
 UPTIME=$(cat /proc/uptime | awk -F '.' '{print $1}')
 if [ $UPTIME -gt 120 ]; then
     ADMIN_USER=$(cat /root/${PROJECT_NAME}-completed.txt | grep 'Admin user' | awk -F ':' '{print $2}')
-    #MY_EMAIL_ADDRESS=${ADMIN_USER}@$(cat /etc/hostname)
-    MY_EMAIL_ADDRESS=root@$(cat /etc/hostname)
+    MY_EMAIL_ADDRESS=${ADMIN_USER}@$(cat /etc/hostname)
     echo "USB device connected on ${DEVPATH}" | mail -s "${PROJECT_NAME} USB canary" ${MY_EMAIL_ADDRESS}
     echo "${ACTION}" > /tmp/usb-canary
     echo "${MY_EMAIL_ADDRESS}" >> /tmp/usb-canary

website/EN/app_searx.html

@@ -3,10 +3,10 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
 <head>
-<!-- 2017-04-16 Sun 21:00 -->
+<!-- 2017-09-23 Sat 11:02 -->
 <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
 <meta name="viewport" content="width=device-width, initial-scale=1" />
-<title></title>
+<title>&lrm;</title>
 <meta name="generator" content="Org mode" />
 <meta name="author" content="Bob Mottram" />
 <meta name="description" content="How to use SearX metasearch"
@@ -265,13 +265,16 @@ In terms of security both the connection between you and the server, and the out
 </div>
 </div>
 
+<div id="outline-container-org404708e" class="outline-2">
+<h2 id="org404708e">Installation</h2>
+<div class="outline-text-2" id="text-org404708e">
 <p>
 ssh into the system with:
 </p>
 
 <div class="org-src-container">
-<pre><code class="src src-bash">ssh myusername@mydomain.com -p 2222
-</code></pre>
+<pre class="src src-bash">ssh myusername@mydomain.com -p 2222
+</pre>
 </div>
 
 <p>
@@ -279,13 +282,42 @@ Select <b>Administrator controls</b> then <b>Add/remove apps</b>. From there you
 </p>
 
 <p>
-Once it has installed go to <b>About</b> on the <b>Administrator control panel</b> and look for <b>searx</b>. Take a note of the onion address, and you can then enter that into a Tor compatible browser. Go to <b>Passwords</b> on the <b>Administrator control panel</b> and select <b>searx</b>. This will give you the login password for your search site, and it prevents millions of random internet users from using your site as their default search engine and ruining the performance of your system.
+Once it has installed go to <b>About</b> on the <b>Administrator control panel</b> and look for <b>searx</b>. Take a note of the onion address, and you can then enter that into a Tor compatible browser.
 </p>
+</div>
+</div>
 
+<div id="outline-container-org312dbda" class="outline-2">
+<h2 id="org312dbda">Make it your default search</h2>
+<div class="outline-text-2" id="text-org312dbda">
+<p>
+If you are using a Tor browser or Firefox then click on the magnifying glass icon next to the search box and you can then add your metasearch site. A small icon will appear called "<i>Freedombone Metasearch</i>" and you can then right click on it and make it the default search.
+</p>
+</div>
+</div>
+
+<div id="outline-container-org6b74e84" class="outline-2">
+<h2 id="org6b74e84">Enabling password login</h2>
+<div class="outline-text-2" id="text-org6b74e84">
+<p>
+It's possible that you might not want just anyone on the interwebs to be able to use your metasearch engine. Even with the onion routing this might carry some legal risk or make you a target for denial-of-service attempts (although Tor's rate limits and the firewall will give you some defense against that).
+</p>
+
+<p>
+To enable password login go to the <b>Administrator control panel</b> then <b>App settings</b> then select <b>searx</b> and <b>Enable login</b>. If you select "yes" then the password will be displayed.
+</p>
+</div>
+</div>
+
+<div id="outline-container-orgae556b2" class="outline-2">
+<h2 id="orgae556b2">Customization</h2>
+<div class="outline-text-2" id="text-orgae556b2">
 <p>
 It's also possible to customise the background image if you go to <b>App settings</b> then select <b>searx</b>.
 </p>
 </div>
+</div>
+</div>
 <div id="postamble" class="status">
 
 <style type="text/css">