dkaser · October 17, 2025 02:27
diff --git a/searxng-tailscale-compose.yaml b/searxng-tailscale-compose.yaml
 volumes:
  data:
  etc:
  tailscale:
  valkey-data2:

 services:
  searxng:
    restart: always
    image: docker.io/searxng/searxng:latest
    environment:
      USER_UID: 1000
      USER_GID: 1000
      SEARXNG_BASE_URL: https://${SEARXNG_HOSTNAME:-localhost}/
      SEARXNG_IMAGE_PROXY: true
    network_mode: "service:tailscale"
    volumes:
      - etc:/etc/searxng:rw
      - data:/var/cache/searxng:rw

  redis:
    container_name: redis
    image: docker.io/valkey/valkey:8-alpine
    command: valkey-server --save 30 1 --loglevel warning
    restart: unless-stopped
    volumes:
      - valkey-data2:/data

  tailscale:
    restart: always
    image: tailscale/tailscale@sha256:360e10ad95ad03950f66df03e0dab66287f9f89076ee4012d50bc6adceafcdf3
    privileged: true
    volumes:
      - tailscale:/var/lib/tailscale
      - /dev/net/tun:/dev/net/tun
    environment:
      TS_STATE_DIR: /var/lib/tailscale
      TS_ACCEPT_DNS: false
      TS_AUTH_ONCE: true
      TS_USERSPACE: false
      TS_AUTHKEY: $TS_AUTHKEY
      TS_HOSTNAME: search
      TS_EXTRA_ARGS: "--exit-node=$TS_EXIT_NODE --exit-node-allow-lan-access"
      TS_SERVE_CONFIG: /etc/tailscale/serve.json
    configs:
      - source: serve-config
        target: /etc/tailscale/serve.json

 configs:
  serve-config:
    content: |
      {
        "TCP": {
          "443": {
            "HTTPS": true
          }
        },
        "Web": {
          "$${TS_CERT_DOMAIN}:443": {
            "Handlers": {
              "/": {
                "Proxy": "http://127.0.0.1:8080"
              }
            }
          }
        }
      }
	volumes:
	data:
	etc:
	tailscale:
	valkey-data2:

	services:
	searxng:
	restart: always
	image: docker.io/searxng/searxng:latest
	environment:
	USER_UID: 1000
	USER_GID: 1000
	SEARXNG_BASE_URL: https://${SEARXNG_HOSTNAME:-localhost}/
	SEARXNG_IMAGE_PROXY: true
	network_mode: "service:tailscale"
	volumes:
	- etc:/etc/searxng:rw
	- data:/var/cache/searxng:rw

	redis:
	container_name: redis
	image: docker.io/valkey/valkey:8-alpine
	command: valkey-server --save 30 1 --loglevel warning
	restart: unless-stopped
	volumes:
	- valkey-data2:/data

	tailscale:
	restart: always
	image: tailscale/tailscale@sha256:360e10ad95ad03950f66df03e0dab66287f9f89076ee4012d50bc6adceafcdf3
	privileged: true
	volumes:
	- tailscale:/var/lib/tailscale
	- /dev/net/tun:/dev/net/tun
	environment:
	TS_STATE_DIR: /var/lib/tailscale
	TS_ACCEPT_DNS: false
	TS_AUTH_ONCE: true
	TS_USERSPACE: false
	TS_AUTHKEY: $TS_AUTHKEY
	TS_HOSTNAME: search
	TS_EXTRA_ARGS: "--exit-node=$TS_EXIT_NODE --exit-node-allow-lan-access"
	TS_SERVE_CONFIG: /etc/tailscale/serve.json
	configs:
	- source: serve-config
	target: /etc/tailscale/serve.json

	configs:
	serve-config:
	content: \|
	{
	"TCP": {
	"443": {
	"HTTPS": true
	}
	},
	"Web": {
	"$${TS_CERT_DOMAIN}:443": {
	"Handlers": {
	"/": {
	"Proxy": "http://127.0.0.1:8080"
	}
	}
	}
	}
	}