utils/filtron.sh

To simplify installation and maintenance of a filtron instance you can use the script git://utils/filtron.sh. In most cases you will install filtron simply by running the command:

sudo -H ./utils/filtron.sh install all

The script adds a ${SERVICE_USER} (default:filtron) and installs filtron into this user account:

  1. Create a separated user account (filtron).

  2. Download and install Go binary in user’s $HOME (~filtron).

  3. Install filtron with the package management from Go (go get -v -u github.com/asciimoo/filtron)

  4. Setup a proper rule configuration [ref] (/etc/filtron/rules.json).

  5. Setup a systemd service unit [ref] (/lib/systemd/system/filtron.service).

Create user

$ sudo -H useradd --shell /bin/bash --system \
    --home-dir "/usr/local/filtron" \
    --comment "Privacy-respecting metasearch engine" filtron

$ sudo -H mkdir "/usr/local/filtron"
$ sudo -H chown -R "filtron:filtron" "/usr/local/filtron"

Install go

$ cat > "/usr/local/filtron/.go_env" <<EOF
export GOPATH=/usr/local/filtron/go-apps
export PATH=$PATH:/usr/local/filtron/local/go/bin:$GOPATH/bin
EOF
$ sudo -i -u "filtron"
(filtron) $ echo 'source /usr/local/filtron/.go_env' >> ~/.profile
(filtron) $ mkdir /usr/local/filtron/local
(filtron) $ wget --progress=bar -O "go1.13.5.linux-amd64.tar.gz" \
            "https://dl.google.com/go/go1.13.5.linux-amd64.tar.gz"
(filtron) $ tar -C /usr/local/filtron/local -xzf "go1.13.5.linux-amd64.tar.gz"
(filtron) $ which go
/usr/local/filtron/local/go/bin/go

Install filtron

Install rules.json at /etc/filtron/rules.json (see Sample configuration of filtron) and install filtron software and systemd unit:

$ sudo -i -u "filtron"
(filtron) $ go get -v -u github.com/asciimoo/filtron
[Unit]

Description=filtron
After=syslog.target
After=network.target

[Service]

Type=simple
User=filtron
Group=filtron
WorkingDirectory=/usr/local/filtron
ExecStart=/usr/local/filtron/go-apps/bin/filtron -api '127.0.0.1:4005' -listen '127.0.0.1:4004' -rules '/etc/filtron/rules.json' -target '127.0.0.1:8888'

Restart=always
Environment=USER=filtron HOME=/usr/local/filtron

# Some distributions may not support these hardening directives.  If you cannot
# start the service due to an unknown option, comment out the ones not supported
# by your version of systemd.

ProtectSystem=full
PrivateDevices=yes
PrivateTmp=yes
NoNewPrivileges=true

[Install]

WantedBy=multi-user.target

Overview

The --help output of the script is largely self-explanatory (Common commands & environment):

usage::
  filtron.sh shell
  filtron.sh install    [all|user|rules]
  filtron.sh update     [filtron]
  filtron.sh remove     [all]
  filtron.sh activate   [service]
  filtron.sh deactivate [service]
  filtron.sh inspect    [service]
  filtron.sh option     [debug-on|debug-off]
  filtron.sh apache     [install|remove]
  filtron.sh nginx      [install|remove]

shell
  start interactive shell from user filtron
install / remove
  :all:        complete setup of filtron service
  :user:       add/remove service user 'filtron' (/usr/local/filtron)
  :rules:      reinstall filtron rules /etc/filtron/rules.json
update filtron
  Update filtron installation (/usr/local/filtron)
activate service
  activate and start service daemon (systemd unit)
deactivate service
  stop and deactivate service daemon (systemd unit)
inspect service
  show service status and log
option
  set one of the available options
apache (http://fv-az178-680/searx)
  :install: apache site with a reverse proxy (ProxyPass)
  :remove:  apache site searx.conf
nginx (http://fv-az178-680/searx)
  :install: nginx site with a reverse proxy (ProxyPass)
  :remove:  nginx site searx.conf

filtron rules: /etc/filtron/rules.json

If needed, set PUBLIC_URL of your WEB service in the '.config.sh' file::
  PUBLIC_URL     : http://fv-az178-680/searx
  PUBLIC_HOST    : fv-az178-680
  SERVICE_USER   : filtron
  FILTRON_TARGET : 127.0.0.1:8888
  FILTRON_API    : 127.0.0.1:4005
  FILTRON_LISTEN : 127.0.0.1:4004