19. august 2023 by Eirik Rolland Enger5 minutes
For some time I have been hosting my own website and a few subdomains on a server I rent via Vultr, but all of it have been placed directly in directories on the server itself. It’s all just been built sites lying there, with access to the internet via the domain I own.
But that ends today, as I am now running my own version of the Whoogle search engine on my server via docker, that I can access from anywhere as the subdomain whoogle.eirik.re.
Whoogle is a nice open source project that is “a self-hosted, ad-free, privacy-respecting metasearch engine”. It can be installed in a number of ways: from source, via PyPI or via docker, to name a few.
Running it on my computers via docker and accessing it on
http://localhost:5000
has been my go-to way for a long time,
but that leaves my phone out of the fun, so this is the attempt to have a complete
set-up for all my devices at once.
Before setting up the docker image, let us first figure out how we can easily configure this via environment variables. Whoogle support many of them, so it’s good to know how to deal with that right away.
One issue is when setting the colour theme, which spans many lines, since docker cannot
pass newlines from variables in --env-file
files. We solve this with a handy little
script called dockerize-env. It’s
described how to use it in the script, but in short, you define all variables in .env
:
Then you run
So what is the container we are running? The image is called benbusby/whoogle-search
,
so we first pull it down with
before we fix our environment variables and start the container:
At this point, a whoogle search should be available at
http://localhost:5000
!
The tricky part for me was to understand how I would take this to my server where I am running Nginx as a reverse proxy server with https using certbot, when I am not just pointing to local files, but are running software in a container. Suddenly you have to deal with the IP address of the container and different ports that the image expects.
I first got started with my website by following along the guide at
landchad.net, which is why I’m using Vultr and Nginx (and
Epik) in the first place. This also means that my static site
at eirik.re is configured via a file in /etc/nginx/sites-available/
as
So, what do we need to adjust in this to have a new file for our whoogle subdomain?
From the domain registrars point of view, I didn’t need to do anything. Following the landchad.net guide will make us redirect all subdomains to nginx, and if they are not configured, show us the default error message:
You can see a live example by visiting any subdomain that is not yet configured, for example no-subdomain-here.eirik.re.
Therefore, after running the commands from before, but this time on my server
I checked which IP address the docker container was using:
The ip a
command gives a lot of output, but you can find docker listed there, and
after inet
on the second line of the docker block, we find the IP address as
172.17.0.1
! From the Whoogle README we actually do get an Nginx configuration
file that “works”, but having the
actual IP address was crucial to get certbot
to accept it. So we make a tiny change to
the config file, so that it now reads
The important change here is that instead of using localhost
, we use the IP of our
docker container. (I also tried to use both proxy_pass
variables, but that doesn’t
work. You can only have one proxy_pass
variable.) We then save this to
/etc/nginx/sites-available/whoogle
and symlink it to sites-enabled
with
Let us now restart Nginx so that it is aware of our new site
and then run certbot
to get our certificates and make the site use https
Let us spectate the greate success!
To get it all working, some guides were particularly useful, other than what I have linked to throughout the post so far. This guide on the nginx reverse proxy is super useful to understand what should go in the Nginx configuration file, and then the same site has a guide on how to set up whoogle search with docker. Still, the maybe most useful to me was to watch this guy do this exact thing, but using GUIs instead of the command line.