> For the complete documentation index, see [llms.txt](https://docs.cherry-ai.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.cherry-ai.com/docs/en-us/pre-basic/websearch/searxng.md). # Local Deployment and Configuration of SearXNG CherryStudio supports web search through SearXNG. SearXNG is an open-source project that can be deployed locally or on a server, so it is slightly different from other configuration methods that require an API provider. **SearXNG project link**:[SearXNG](https://github.com/searxng/searxng) ## Advantages of SearXNG * Open source and free, no API required * Relatively high privacy * Highly customizable ## Local deployment ### 1. Direct Docker deployment Since SearXNG does not require a complex environment setup, you do not need docker compose. You only need to provide an available port to deploy it, so the fastest way is to use Docker to pull the image directly and deploy it. #### 1. Download, install, and configure [docker](https://www.docker.com/)

After installation, choose an image storage path:

#### 2. Search for and pull the SearXNG image Enter in the search bar **searxng** :

Pull the image:

#### 3. Run the image After the pull succeeds, go to the **images** page:

Select the pulled image and click Run:

Open the settings item to configure:

Using `8085` port as an example:

After it runs successfully, click the link to open the SearXNG frontend:

If this page appears, deployment was successful:

## Server deployment Given that installing Docker on Windows is rather troublesome, users can deploy SearXNG on a server and share it with others as well. Unfortunately, SearXNG itself does not currently support authentication, which allows others to scan and abuse your deployed instance through technical means. For this reason, Cherry Studio now supports configuring [HTTP Basic Authentication (RFC7617)](https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Guides/Authentication), if you want to expose your self-hosted SearXNG to the public network, please**be sure to**configure HTTP Basic Authentication through a reverse proxy such as Nginx. A brief tutorial is provided below; you need basic Linux operations and maintenance knowledge. ### Deploy SearXNG Similarly, Docker is still used for deployment. Assuming you have already followed the[official tutorial](https://docs.docker.com/engine/install)to install the latest Docker CE on the server, here is a one-stop command for a fresh installation on Debian systems: ```bash sudo apt update sudo apt install git -y # Pull the official repository cd /opt git clone https://github.com/searxng/searxng-docker.git cd /opt/searxng-docker # If your server has very limited bandwidth, you can set this to false export IMAGE_PROXY=true # Modify the configuration file cat < /opt/searxng-docker/searxng/settings.yml # see https://docs.searxng.org/admin/settings/settings.html#settings-use-default-settings use_default_settings: true server: # base_url is defined in the SEARXNG_BASE_URL environment variable, see .env and docker-compose.yml secret_key: $(openssl rand -hex 32) limiter: false # can be disabled for a private instance image_proxy: $IMAGE_PROXY ui: static_use_hash: true redis: url: redis://redis:6379/0 search: formats: - html - json EOF ``` If you need to change the local listening port or reuse an existing local nginx, you can edit `docker-compose.yaml` file, see the following example: ```yaml version: "3.7" services: # If you do not need Caddy and want to reuse an existing local Nginx, remove the following part. By default, we do not need Caddy. caddy: container_name: caddy image: docker.io/library/caddy:2-alpine network_mode: host restart: unless-stopped volumes: - ./Caddyfile:/etc/caddy/Caddyfile:ro - caddy-data:/data:rw - caddy-config:/config:rw environment: - SEARXNG_HOSTNAME=${SEARXNG_HOSTNAME:-http://localhost} - SEARXNG_TLS=${LETSENCRYPT_EMAIL:-internal} cap_drop: - ALL cap_add: - NET_BIND_SERVICE logging: driver: "json-file" options: max-size: "1m" max-file: "1" # If you do not need Caddy and want to reuse an existing local Nginx, remove the above part. By default, we do not need Caddy. redis: container_name: redis image: docker.io/valkey/valkey:8-alpine command: valkey-server --save 30 1 --loglevel warning restart: unless-stopped networks: - searxng volumes: - valkey-data2:/data cap_drop: - ALL cap_add: - SETGID - SETUID - DAC_OVERRIDE logging: driver: "json-file" options: max-size: "1m" max-file: "1" searxng: container_name: searxng image: docker.io/searxng/searxng:latest restart: unless-stopped networks: - searxng # By default it maps to port 8080 on the host machine. If you want to listen on 8000, change it to "127.0.0.1:8000:8080" ports: - "127.0.0.1:8080:8080" volumes: - ./searxng:/etc/searxng:rw environment: - SEARXNG_BASE_URL=https://${SEARXNG_HOSTNAME:-localhost}/ - UWSGI_WORKERS=${SEARXNG_UWSGI_WORKERS:-4} - UWSGI_THREADS=${SEARXNG_UWSGI_THREADS:-4} cap_drop: - ALL cap_add: - CHOWN - SETGID - SETUID logging: driver: "json-file" options: max-size: "1m" max-file: "1" networks: searxng: volumes: # If you do not need Caddy and want to reuse an existing local Nginx, remove the following part caddy-data: caddy-config: # If you do not need Caddy and want to reuse an existing local Nginx, remove the above part valkey-data2: ``` Run `docker compose up -d` to start. Run `docker compose logs -f searxng` to view the logs. ### Deploy Nginx reverse proxy and HTTP Basic Authentication If you are using a server panel program, such as BaoTa Panel or 1Panel, please refer to its documentation to add a website and configure an nginx reverse proxy. Then find where you can modify the nginx configuration file and make changes according to the example below: ```conf server { listen 443 ssl; # This line is your hostname server_name search.example.com; # index index.html; # root /data/www/default; # If SSL is configured, these two lines should be present ssl_certificate /path/to/your/cert/fullchain.pem; ssl_certificate_key /path/to/your/cert/privkey.pem; # HSTS # add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; # By default, when configuring a reverse proxy through the panel, the default location block is like this location / { # Just add the following two lines to the location block; keep the rest unchanged. # This example assumes your configuration file is saved in the /etc/nginx/conf.d/ directory. # If it is BaoTa, it may be saved in a directory such as /www; note that. auth_basic "Please enter your username and password"; auth_basic_user_file /etc/nginx/conf.d/search.htpasswd; proxy_http_version 1.1; proxy_set_header Connection ""; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_protocol_addr; proxy_pass http://127.0.0.1:8000; client_max_body_size 0; } # access_log ...; # error_log ...; } ``` Assuming the Nginx configuration file is saved under `/etc/nginx/conf.d` we will save the password file in the same directory. Run the command (replace `example_name`、`example_password` with the username and password you want to set): ```bash echo "example_name:$(openssl passwd -5 'example_password')" > /etc/nginx/conf.d/search.htpasswd ``` Restart Nginx (reloading the configuration is also fine). At this point, you can open the webpage. It should prompt you to enter a username and password. Enter the username and password you set earlier to see whether you can successfully enter the SearXNG search page, thereby checking whether the configuration is correct.

## Cherry Studio related configuration After SearXNG has been successfully deployed locally or on a server, the next step is the related Cherry Studio configuration. Go to the web search settings page and select Searxng:

If you enter the locally deployed link directly, validation will fail. Do not worry at this point:

Because after direct deployment, the json return type is not configured by default, so data cannot be obtained; you need to modify the configuration file. Go back to Docker, go to the Files tab, and find the labeled folder in the image:

After expanding it, continue scrolling down, and you will find another labeled folder:

Continue expanding and find **settings.yml** configuration file:

Click to open the file editor:

Find line 78; you can see that the only type is html

Add the json type, save it, and rerun the image

Go back to Cherry Studio to verify again; verification succeeded:

The address can be local: : port number\ It can also be a docker address: : port number If the user follows the previous example to deploy on a server and configures the reverse proxy correctly, json return type has already been enabled. After entering the address and verifying, because HTTP Basic Authentication has been configured for the reverse proxy, verification should now return error code 401:

Configure HTTP Basic Authentication on the client side and enter the username and password you just set:

Verify, and it should succeed. ### Other configurations At this point, SearXNG already has the ability to search the web by default. If you need to customize the search engines, you need to configure them yourself Note that the preferences here do not affect the configuration used when calling the large model

If you need to configure the search engines used by large model calls, set the following in the configuration file:

Configuration language reference:

If the content is too long and inconvenient to edit directly, you can copy it into a local IDE, modify it, and then paste it back into the configuration file. ## Common causes of verification failure ### The return format does not include json Add json to the return format in the configuration file:

### Search engine not configured correctly Cherry Studio will, by default, select engines whose categories include both web and general for search. Under normal circumstances, engines such as Google will be selected, but because mainland China cannot directly access sites such as Google, this leads to failure. Add the following configuration to force searxng to use the baidu engine, and the problem can be solved: ``` use_default_settings: engines: keep_only: - baidu engines: - name: baidu engine: baidu categories: - web - general disabled: false ``` ### Access rate too fast The limiter configuration in searxng is blocking API access. Please try setting it to false in the settings:

*** ### 💡 Get help and submit feedback If you encounter any questions, bugs, or have suggestions for feature improvements during configuration or use, please refer to [Feedback and Suggestions](/docs/en-us/question-contact/suggestions.md) the official channels provided there. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.cherry-ai.com/docs/en-us/pre-basic/websearch/searxng.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.