fix(searxng): provide hardcoded default SEARXNG_SECRET for zero-config startup

`${SEARXNG_SECRET:?...}` made the variable mandatory at compose parse time, which forced *any* compose command (default profile included) to fail when SEARXNG_SECRET was unset, with a message confusingly claiming the searxng profile was being started. Switch to `${SEARXNG_SECRET:-weknora-default-searxng-secret-...}` so the searxng profile starts zero-config. Default deployments bind searxng to 127.0.0.1 only, so a shared default secret is acceptable; .env.example now explicitly warns to rotate it before flipping SEARXNG_BIND=0.0.0.0, since secret_key signs image-proxy URLs.
2026-06-04 13:30:32 +08:00 · 2026-05-11 16:50:07 +08:00
parent 5fb7e692e5
commit 6b812a54d2
3 changed files with 12 additions and 5 deletions
--- a/.env.example
+++ b/.env.example
@@ -204,9 +204,11 @@ SYSTEM_AES_KEY=weknora-system-aes-key-32bytes!!
 # SSRF_WHITELIST=internal.service,*.corp.example,172.16.0.0/12,2001:db8::1,fd00::/8

 # ===== SearXNG（可选自建网络搜索）=====
-# 启用：先生成强随机 SEARXNG_SECRET，再 `docker compose --profile searxng up -d`。
-#   openssl rand -hex 32
-# 没有 SEARXNG_SECRET 时 docker compose 会主动报错，避免使用公开默认值。
+# 启用：`docker compose --profile searxng up -d`。
+# SEARXNG_SECRET 不设时使用 docker-compose 中的写死默认值，足够本机/loopback
+# 部署使用；如果改 SEARXNG_BIND=0.0.0.0 把实例暴露到 LAN/公网，请务必用
+# `openssl rand -hex 32` 生成并显式设置 SEARXNG_SECRET，否则默认值会被任何人
+# 用于签名 image-proxy URL。
 #
 # 后端访问方式（容器化部署）：控制台中 Provider 类型选 "SearXNG"，
 # Instance URL 填 http://searxng:8080 ；docker compose 已默认把 `searxng` 主机名
--- a/docker-compose.dev.yml
+++ b/docker-compose.dev.yml
@@ -63,7 +63,8 @@ services:
    environment:
      - SEARXNG_BASE_URL=http://localhost:${SEARXNG_PORT:-8888}/
      - INSTANCE_NAME=weknora-searxng-dev
-      - SEARXNG_SECRET=${SEARXNG_SECRET:?SEARXNG_SECRET must be set (e.g. openssl rand -hex 32) before starting the searxng profile}
+      # See docker-compose.yml for rationale on the default secret.
+      - SEARXNG_SECRET=${SEARXNG_SECRET:-weknora-default-searxng-secret-rotate-before-exposing-publicly}
    cap_drop:
      - ALL
    cap_add:
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -272,7 +272,11 @@ services:
    environment:
      - SEARXNG_BASE_URL=http://localhost:${SEARXNG_PORT:-8888}/
      - INSTANCE_NAME=weknora-searxng
-      - SEARXNG_SECRET=${SEARXNG_SECRET:?SEARXNG_SECRET must be set (e.g. openssl rand -hex 32) before starting the searxng profile}
+      # Default value lets `docker compose --profile searxng up` work zero-config.
+      # Override via .env (e.g. `openssl rand -hex 32`) before exposing the
+      # instance beyond the default 127.0.0.1 bind, since secret_key signs
+      # image-proxy URLs and a shared default would be guessable by anyone.
+      - SEARXNG_SECRET=${SEARXNG_SECRET:-weknora-default-searxng-secret-rotate-before-exposing-publicly}
    cap_drop:
      - ALL
    cap_add: