I hosted searxng on portainer and receive PermissionError and no python application found error

Log:

PermissionError: [Errno 13] Permission denied: '/etc/searxng/settings.yml'

unable to load app 0 (mountpoint='') (callable not found or import error)

*** no app loaded. going in full dynamic mode ***

--- no python application found, check your startup logs for errors ---

[pid: 19|app: -1|req: -1/1] 127.0.0.1 () {28 vars in 330 bytes} [Sat May 17 05:06:00 2025] HEAD /healthz => generated 21 bytes in 0 msecs (HTTP/1.1 500) 3 headers in 102 bytes (0 switches on core 0)

I tried removing cap_drop (as instructed on https://github.com/searxng/searxng-docker/issues/115) but no luck

version: "3.7"

services:
  # caddy:
  #   container_name: caddy
  #   image: docker.io/library/caddy:2-alpine
  #   network_mode: host
  #   restart: unless-stopped
  #   volumes:
  #     - ./Caddyfile:/etc/caddy/Caddyfile:ro
  #     - caddy-data:/data:rw
  #     - caddy-config:/config:rw
  #   environment:
  #     # - SEARXNG_HOSTNAME=${SEARXNG_HOSTNAME:-http://localhost/}
  #     - SEARXNG_TLS=${LETSENCRYPT_EMAIL:-internal}
  #   cap_drop:
  #     - ALL
  #   cap_add:
  #     - NET_BIND_SERVICE
  #   logging:
  #     driver: "json-file"
  #     options:
  #       max-size: "1m"
  #       max-file: "1"

  redis:
    container_name: redis
    image: docker.io/valkey/valkey:8-alpine
    command: valkey-server --save 30 1 --loglevel warning
    restart: unless-stopped
    networks:
      - searxng
    volumes:
      - valkey-data2:/data
    # cap_drop:
    #   - ALL
    cap_add:
      - SETGID
      - SETUID
      - DAC_OVERRIDE
    logging:
      driver: "json-file"
      options:
        max-size: "1m"
        max-file: "1"

  searxng:
    container_name: searxng
    image: docker.io/searxng/searxng:latest
    restart: unless-stopped
    networks:
      - searxng
    ports:
      # - "127.0.0.1:8080:8080"
      - "20054:8080"
    volumes:
      - ./searxng:/etc/searxng:rw
    environment:
      # - SEARXNG_BASE_URL=https://${SEARXNG_HOSTNAME:-localhost}/
      # No quotes here: in list form they would become part of the value
      - SEARXNG_BASE_URL=http://mydomain:20054/
      - UWSGI_WORKERS=${SEARXNG_UWSGI_WORKERS:-4}
      - UWSGI_THREADS=${SEARXNG_UWSGI_THREADS:-4}
    # cap_drop:
    #   - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID
    logging:
      driver: "json-file"
      options:
        max-size: "1m"
        max-file: "1"

networks:
  searxng:

volumes:
  # caddy-data:
  # caddy-config:
  valkey-data2:

thx a lot!

  • Override4414@lemmy.worldOP
    9 days ago

    I think I do have permission to the directory?

    ~ # ls -la /etc/searxng
    total 72
    drwx------    1 1026     100             42 May 17 04:49 .
    drwxr-xr-x    1 root     root           494 May 17 05:24 ..
    ----------    1 root     root         68667 May 17 04:49 settings.yml
    ----------    1 root     root          1223 May 17 04:49 uwsgi.ini
    

    ___

    • ohshit604@sh.itjust.works
      15 hours ago

      Taking a look at your docker-compose.yml I see this volume mount:

      volumes: 
      - /volume1/SN/Docker/searxng-stack/searxng:/etc/searxng:rw
      

      Whereas /volume1/SN/Docker/searxng-stack/searxng is the directory on your system docker is attempting to use to store the files inside the container from /etc/searxng.

      Example of a volume mount that’ll likely work better for you;

      volumes:
      - /home/YourUser/docker/config/searxng:/etc/searxng:rw
      

      The tilde (~) acts as your current user's home directory (aka: /home/YourUser) not owned by root and where docker persistent volumes should be stored.

      Edit: I feel like I was wrong here, given that you run sudo in docker compose up -d the tilde will likely not work here and will point to the /root directory instead. I’ve updated the above to reflect the appropriate directory for your volume mount.

      After making the change over to that directory and configuring SearXNG how you like, re-create your docker container with sudo docker compose up -d --force-recreate

      Apologies for the poor formatting, typing this on mobile.

      Edit:

      Note: if you want to expose the port do not add the 127.0.0.1 like how I have in my docker-compose.yml.

      Edit 2: Corrected some things…

      • Override4414@lemmy.worldOP
        15 hours ago

        Thank you so much, sorry it’s taken so long to reply. I still haven’t had the time, but I will take a closer look when I get the chance.
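
Added example, not part of the thread: the `ls -la` output above shows /etc/searxng as `drwx------` owned by 1026:100 and settings.yml with mode `----------`, so evaluating the owner/group/other bits for the UID the container process runs as shows which step is denied. The function names `has_bit` and `can_read_mounted` are hypothetical, and the UID/GID arguments are assumptions to fill in. ACLs, supplementary groups and capabilities such as DAC_OVERRIDE are ignored.

```shell
#!/bin/sh
# Added example: evaluate classic Unix mode bits for a given UID/GID.
# Assumptions: GNU or BusyBox stat (-c), no ACLs, no supplementary groups,
# no capabilities such as CAP_DAC_OVERRIDE.

# has_bit PATH UID GID BIT -> 0 if UID/GID holds BIT on PATH (4=read, 1=search)
has_bit() {
    owner=$(stat -c '%u' "$1") || return 2
    group=$(stat -c '%g' "$1")
    mode=$(printf '%03d' "$(stat -c '%a' "$1")")   # "0" -> "000"
    mode=${mode#"${mode%???}"}                      # drop setuid/sticky digit
    if [ "$2" -eq "$owner" ]; then
        digit=${mode%??}                            # owner class
    elif [ "$3" -eq "$group" ]; then
        digit=${mode#?}; digit=${digit%?}           # group class
    else
        digit=${mode#??}                            # other class
    fi
    [ $(( digit & $4 )) -ne 0 ]
}

# can_read_mounted FILE UID GID -> 0 and "ok", or 1 and the failing step.
# Only the immediate parent directory is checked for search permission.
can_read_mounted() {
    dir=$(dirname "$1")
    has_bit "$dir" "$2" "$3" 1 || { echo "no search (x) on $dir for uid $2"; return 1; }
    has_bit "$1" "$2" "$3" 4 || { echo "no read (r) on $1 for uid $2"; return 1; }
    echo "ok"
}

# Usage on the Docker host, against the bind-mounted directory
# (path and IDs are placeholders):
#   can_read_mounted ./searxng/settings.yml <container-uid> <container-gid>
```

A "no search" result points at the directory's ownership or mode, and a "no read" result points at the file itself.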