The following explains how to set up the SearX metasearch engine on a ARM device. For this setup I'm going to be using an Odroid C2, but you can use pretty much any Linux device, including a Raspberry Pi. This tutorial assumes you understand how to flash the operating system, log into your device via SSH and operate the terminal, as well as having already reset the default devices password with the passwd command.
First we have to flash our operating system image onto an SD card; for this I'm using etcher.
Heading over to the SearX metasearch engine page we can see and follow the instructions. First off we should make sure that our system is up to date, so go ahead and run the following commands:
sudo apt-get update
sudo apt-get upgrade
If there are any updates, go ahead and proceed to update your OS, and restart the Putty client.
Once the device has restarted, go ahead and run the following command to install the dependancies:
sudo apt install git build-essential libxslt-dev python-dev python-virtualenv python-babel zlib1g-dev libffi-dev libssl-dev python-pip virtualenv
Once we have these installed, we can start with the installation. We first need to clone the Github repository and create a user for the application:
cd /usr/local
sudo git clone https://github.com/asciimoo/searx.git
sudo useradd searx -d /usr/local/searx
sudo chown searx:searx -R /usr/local/searx
Now that we have cloned the repository we can go ahead and create the virtual environment that will run the search engine:
sudo -u searx -i
cd /usr/local/searx
virtualenv searx-ve
. ./searx-ve/bin/activate
This final installation command will take a little while, so go ahead and make some tea and wait for it to finish:
./manage.sh update_packages
Now that the installation is complete, go ahead and restart the Putty client.
We now need to move back into the searx folder and generate a secret key, thankfully this is easy to do with the following commands:
cd /usr/local/searx
sudo sed -i -e "s/ultrasecretkey/`openssl rand -hex 16`/g" searx/settings.yml
Now we can go ahead and set the port; This is entirely optional, but if you want to have your SearX instance running without the port shown, we need to change the port number to 80. We also need to change the "bind_address" value to our local port to ensure connection. Let's go ahead and edit the ip address and port number with the command below:
sudo nano /usr/local/searx/searx/settings.yml
Find the port and change it to 80, and then save the file (press control+x and then y).
Now we're pretty much done, and can test the search engine with the following command:
cd /usr/local/searx && . ./searx-ve/bin/activate && python searx/webapp.py &
Editing the /etc/rc.local file will allow us to have the search engine launch on boot, without us needing to run the above command each time we restart the device. Add the above command to the /etc/rc.local file like so:
if [ -f /aafirstboot ]; then /aafirstboot start ; fi
cd /usr/local/searx && . ./searx-ve/bin/activate && python searx/webapp.py &
exit 0
Go ahead and reboot your device and test the local ip address; you should be able to access the search engine without specifying the local 80 port. If the search engine works, hurray! You can now ensure that the debugging is turned off with:
sed -i -e "s/debug : True/debug : False/g" searx/settings.yml
You now have your very own private instance of SearX running!
Now that we have the instance up and running, we need to configure our chosen VPN, in this case Private Internet Access, using the OpenVPN client.
First we need to install OpenVPN: and download and install the configuration files that Private Internet Access provides:
sudo apt-get install openvpn unzip -y
cd /etc/openvpn
sudo wget --no-check-certificate https://www.privateinternetaccess.com/openvpn/openvpn.zip
sudo unzip openvpn.zip
With the configuration files downloaded and unzipped, we can take a quick look at them with the ls command, feel free to pick whatever country suits your needs.
Our next step is to create a login file so that the VPN is logged into automatically at launch:
sudo nano /etc/openvpn/login.txt
Here we simply put our username and password; username on the first line, password on the second line, and then save the file as login.txt
Next is to set our DNS's to Googles, although you could use any DNS service that you want:
echo "nameserver 8.8.8.8" | sudo tee -a /etc/resolv.conf
echo "nameserver 8.8.4.4" | sudo tee -a /etc/resolv.conf
sudo chattr +i /etc/resolv.conf
Next we add our VPN to our /etc/rc.local file so that it launches alongside our SearX instance, as you can see below I chose the France.ovpn configuration file, feel free to replace that part of the line with whatever country file you chose, it should now look like this:
if [ -f /aafirstboot ]; then /aafirstboot start ; fi
cd /etc/openvpn && openvpn --config France.ovpn --auth-user-pass login.txt &
cd -
cd /usr/local/searx && . ./searx-ve/bin/activate && python searx/webapp.py &
exit 0
As you can see from the above, we start the VPN first before the SearX instance starts, move back into the root folder and then start the SearX instance.
Go ahead and reboot the device, and run the below command to ensure that your VPN is connected, you should see an ip address that isn't your own:
printf " * Your VPN IP Address - " && wget -qO- http://ipecho.net/plain ; echo
And that pretty much wraps up how to install both SearX metasearch engine as well as Private Internet Access for a more secure, anonymous browsing experience.