private-engines.rst.txt 2.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566
  1. ==================================
  2. Limit access to your searx engines
  3. ==================================
  4. Administrators might find themselves wanting to limit access to some of the
  5. enabled engines on their instances. It might be because they do not want to
  6. expose some private information through an offline engine. Or they
  7. would rather share engines only with their trusted friends or colleagues.
  8. .. _private engines:
  9. Private engines
  10. ===============
  11. To solve this issue private engines were introduced in :pull:`1823`.
  12. A new option was added to engines named `tokens`. It expects a list
  13. of strings. If the user making a request presents one of the tokens
  14. of an engine, they can access information about the engine
  15. and make search requests.
  16. Example configuration to restrict access to the Arch Linux Wiki engine:
  17. .. code:: yaml
  18. - name : arch linux wiki
  19. engine : archlinux
  20. shortcut : al
  21. tokens : [ 'my-secret-token' ]
  22. Unless a user has configured the right token, the engine is going
  23. to be hidden from him/her. It is not going to be included in the
  24. list of engines on the Preferences page and in the output of
  25. `/config` REST API call.
  26. Tokens can be added to one's configuration on the Preferences page
  27. under "Engine tokens". The input expects a comma separated list of
  28. strings.
  29. The distribution of the tokens from the administrator to the users
  30. is not carved in stone. As providing access to such engines
  31. implies that the admin knows and trusts the user, we do not see
  32. necessary to come up with a strict process. Instead,
  33. we would like to add guidelines to the documentation of the feature.
  34. Next steps
  35. ==========
  36. Now that searx has support for both offline engines and private engines,
  37. it is possible to add concrete engines which benefit from these features.
  38. For example engines which search on the local host running the instance.
  39. Be it searching your file system or querying a private database. Be creative
  40. and come up with new solutions which fit your use case.
  41. Acknowledgement
  42. ===============
  43. This development was sponsored by `Search and Discovery Fund`_ of `NLnet Foundation`_ .
  44. .. _Search and Discovery Fund: https://nlnet.nl/discovery
  45. .. _NLnet Foundation: https://nlnet.nl/
  46. | Happy hacking.
  47. | kvch // 2020.02.28 22:26