I hostes searxng on portainer but I still can’t seem to access http://mydomainname/20054/
Also portainer doesn’t show any Published Ports (it shows 20054:8080 for a very short period when I start the stack and then disappeared)
version: "3.7"
services:
# caddy:
# container_name: caddy
# image: docker.io/library/caddy:2-alpine
# network_mode: host
# restart: unless-stopped
# volumes:
# - /volume1/SN/Docker/searxng-stack/Caddyfile:/etc/caddy/Caddyfile:ro
# - caddy-data:/data:rw
# - caddy-config:/config:rw
# environment:
# # - SEARXNG_HOSTNAME=${SEARXNG_HOSTNAME:-http://localhost/}
# - SEARXNG_TLS=${LETSENCRYPT_EMAIL:-internal}
# cap_drop:
# - ALL
# cap_add:
# - NET_BIND_SERVICE
# logging:
# driver: "json-file"
# options:
# max-size: "1m"
# max-file: "1"
redis:
container_name: redis
image: docker.io/valkey/valkey:8-alpine
command: valkey-server --save 30 1 --loglevel warning
restart: unless-stopped
networks:
- searxng
volumes:
- valkey-data2:/data
cap_drop:
- ALL
cap_add:
- SETGID
- SETUID
- DAC_OVERRIDE
logging:
driver: "json-file"
options:
max-size: "1m"
max-file: "1"
searxng:
container_name: searxng
image: docker.io/searxng/searxng:latest
restart: unless-stopped
networks:
- searxng
ports:
# - "127.0.0.1:8080:8080"
- "20054:8080"
volumes:
- /volume1/SN/Docker/searxng-stack/searxng:/etc/searxng:rw
environment:
# - SEARXNG_BASE_URL=https://${SEARXNG_HOSTNAME:-localhost}/
- SEARXNG_BASE_URL=http://mydomainname/20054/
- UWSGI_WORKERS=${SEARXNG_UWSGI_WORKERS:-4}
- UWSGI_THREADS=${SEARXNG_UWSGI_THREADS:-4}
cap_drop:
- ALL
cap_add:
- CHOWN
- SETGID
- SETUID
logging:
driver: "json-file"
options:
max-size: "1m"
max-file: "1"
networks:
searxng:
volumes:
# caddy-data:
# caddy-config:
valkey-data2:
thx a lot!
You must log in or # to comment.
Did you accidently typo the url? I see a ‘/’ instead of a ‘:’ before the port number.
try going to http://mydomainname:20054/
Might also need to fix the searchx_base_url env variable
sorry that is a typo in the post, I’m still not able to access http://domain:20054/
Might also need to fix the searchx_base_url env variable
How do I fix that?
Glad to see you got it working. One thing to add that you might find useful:
it shows 20054:8080 for a very short period when I start the stack and then disappeared
This is an indication that the container has stopped. Because you have
restart: unless-stoppedset, the container is stuck in a bootloop so portainer will always show a state of eitherstartingorrunning. Docker container automatically stop when the application inside the container has exited or completed… Often because the application has encountered an error.Some more information that may or may not be useful:
A good example of a container stopped because the application has finished is the Cross-seed container that people use to cross reference their torrents seeding in their bittorrent client with torrents available on other torrent trackers. In this case, the application runs a search on each tracker, downloads the files and once the search is done the application exits and then the docker container will stop.
You kind of need caddy to act as a reverse proxy for that. Or are you using a different reverse proxy?
have you checked the directory & file permissions with
ls -la /Your/SearXNG/WorkingDir?The error in your log is telling you that the container does not have permission to that directory/file, you can essentially bypass this with
sudo chmod 777 /Your/SearXNG/WorkingDir/*andsudo chown 1000:1000 /Your/SearXNG/WorkingDir/*However, if you’re looking for security best practices this is not advisable but if all you care about is that it works it should be fine.
I really do not like recommending people chmod 777 anything.
It encourages bad practices.
I think I do have permission to the directory?
~ # ls -la /etc/searxng total 72 drwx------ 1 1026 100 42 May 17 04:49 . drwxr-xr-x 1 root root 494 May 17 05:24 .. ---------- 1 root root 68667 May 17 04:49 settings.yml ---------- 1 root root 1223 May 17 04:49 uwsgi.ini___
Here is my searxng rocker compose:
services: redis: container_name: redis image: docker.io/valkey/valkey:7-alpine command: valkey-server --save 30 1 --loglevel warning restart: unless-stopped networks: - local_bridge volumes: - ./data/reddis:/data cap_drop: - ALL cap_add: - SETGID - SETUID - DAC_OVERRIDE logging: driver: "json-file" options: max-size: "1m" max-file: "1" searxng: container_name: searxng image: docker.io/searxng/searxng:latest restart: unless-stopped networks: - local_bridge - proxy volumes: - ./data/searxng:/etc/searxng environment: - SEARXNG_BASE_URL=https://${SEARXNG_HOSTNAME:-localhost}/ - SEARXNG_SECRET=${SEARXNG_SECRET} cap_drop: - ALL cap_add: - CHOWN - SETGID - SETUID logging: driver: "json-file" options: max-size: "1m" max-file: "1" networks: local_bridge: # local bridge with ipv6 internet access driver: bridge enable_ipv6: true proxy: external: trueAnd my searxng settings:
searxng/data/searxng/settings.yml # see https://docs.searxng.org/admin/settings/settings.html#settings-use-default-settings use_default_settings: true server: # base_url is defined in the SEARXNG_BASE_URL environment variable, see .env and docker-compose.yml limiter: false # can be disabled for a private instance image_proxy: false ui: static_use_hash: true query_in_title: true infinite_scroll: true default_theme: simple theme_args: # style of simple theme: auto, light, dark simple_style: dark redis: url: redis://redis:6379/0 search: safe_search: 0 autocomplete: 'duckduckgo' default_lang: "en" formats: - html - json outgoing: # default timeout in seconds, can be override by engine request_timeout: 3.0 enabled_plugins: - 'Hash plugin' - 'Basic Calculator' - 'Self Informations' - 'Tracker URL remover' # - 'Ahmia blacklist' - 'Hostnames plugin' # see 'hostnames' configuration below - 'Open Access DOI rewrite'And the proxy network is just the docker network that nginx is connected to. Here is my nginx conf https://github.com/muntedcrocodile/nginxconf .
I’ve never used portainer sorry.
If you see the published port for a very short time then something might be crashing when it tries to start.
docker logs searxngfrom cli might be revealingedit: I do have a searxng container and my compose.yml is very similar to yours. I guess we both copied the example. The only difference I can see is that you still have the env variables for UWSGI_WORKERS and UWSGI_THREADS. I just set both of those to 4 instead of using the SEARXNG_ env vars
Listen on [::]:8080doesn’t give 20054, could this be the reason?Listen on [::]:8080 [uWSGI] getting INI configuration from /etc/searxng/uwsgi.ini open("/etc/searxng/uwsgi.ini"): Permission denied [core/io.c line 525] SearXNG version 2025.5.16+1b08324 Use existing /etc/searxng/uwsgi.ini Use existing /etc/searxng/settings.yml Listen on [::]:8080 [uWSGI] getting INI configuration from /etc/searxng/uwsgi.ini open("/etc/searxng/uwsgi.ini"): Permission denied [core/io.c line 525] SearXNG version 2025.5.16+1b08324 Use existing /etc/searxng/uwsgi.ini Use existing /etc/searxng/settings.yml Listen on [::]:8080 [uWSGI] getting INI configuration from /etc/searxng/uwsgi.ini open("/etc/searxng/uwsgi.ini"): Permission denied [core/io.c line 525]open(“/etc/searxng/uwsgi.ini”): Permission denied [core/io.c line 525]
I think here is your problem. Make sure that file exists and is readable from inside of the docker.
I tried removing cap_drop (as instructed on https://github.com/searxng/searxng-docker/issues/115) but no luck, the permission error still exists. And also there occurs a new error
no python application foundtry opening a shell with ’ docker exec -it searxng sh" and see if you can cat the file from inside docker, if yes then I’m not sure of a solution ,if no then the problem is with permissions on your filesystem outside of docker where you have " - ./data/searxng:/etc/searxng" You need to go to ./data/searxng and correct the permissions so they can be read inside the docker.
u are right its not writable, the files are read only, that is wierd
Yep Probably you need to change ownership and/or permissions of the files outside of docker.
I dont want to give the wrong suggestion from memory so hopefully thats enough info to get you going in the direction of a fix. Basically see what user id owns the files inside of docker, make it the same uid outside of docker in the folder you are bind mounting.
SN_FR_@SN:~$ sudo docker exec -it searxng sh -c "id" uid=0(root) gid=0(root) groups=0(root)container is running as root, so there shouldn’t be any permission error?
u are right its not writable, the files are read only, that is wierd
I’m opening those files with windows but the user permission inside docker shouldn’t cause that problem.
I’m scratching my head nw
~ # ls /etc/searxng settings.yml uwsgi.ini ~ # cat settings.yml cat: can't open 'settings.yml': No such file or directory ~ # cat /etc/searxng/settings.yml general: # Debug mode, only for development. Is overwritten by ${SEARXNG_DEBUG} debug: false # displayed name instance_name: "searxng" # For example: https://example.com/privacyI think I do have the permission?
