utils/morty.sh: add script to install morty result proxy

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>

utils/dot_config

@@ -1,9 +1,17 @@
 # -*- coding: utf-8; mode: sh -*-
 # SPDX-License-Identifier: AGPL-3.0-or-later
 #
-# environment used by utils scripts like filtron.sh or searx.sh
-#
+# This environment is used by ./utils scripts like filtron.sh or searx.sh.  The
+# default values are *most flexible* and *best maintained*, you normally not
+# need to change them.  Before you change any value here you have to uninstall
+# any previous installation.  It is recommended to backup your changes simply by
+# adding them to you local brand (git branch).
 
-# the public URL of the searx instance
+# The public URL of the searx instance
 PUBLIC_URL="${PUBLIC_URL:-http://$(uname -n)/searx}"
 PUBLIC_HOST="${PUBLIC_HOST:-$(echo "$PUBLIC_URL" | sed -e 's/[^/]*\/\/\([^@]*@\)\?\([^:/]*\).*/\2/')}"
+
+# Run all services by one account, but be aware that removing discrete
+# components might conflict!   **experimental**
+#
+# SERVICE_USER=service_account42

utils/filtron.sh

@@ -24,9 +24,11 @@ FILTRON_LISTEN="127.0.0.1:4004"
 FILTRON_TARGET="127.0.0.1:8888"
 
 SERVICE_NAME="filtron"
-SERVICE_USER="${SERVICE_NAME}"
+SERVICE_USER="${SERVICE_USER:-${SERVICE_NAME}}"
 SERVICE_HOME="/home/${SERVICE_USER}"
 SERVICE_SYSTEMD_UNIT="${SYSTEMD_UNITS}/${SERVICE_NAME}.service"
+# shellcheck disable=SC2034
+SERVICE_GROUP="${SERVICE_USER}"
 
 # shellcheck disable=SC2034
 SERVICE_GROUP="${SERVICE_USER}"
@@ -52,7 +54,7 @@ usage() {
     # shellcheck disable=SC1117
     cat <<EOF
 
-usage:
+usage::
 
   $(basename "$0") shell
   $(basename "$0") install    [all|user]
@@ -64,12 +66,11 @@ usage:
   $(basename "$0") option     [debug-on|debug-off]
   $(basename "$0") apache     [install|remove]
 
-
 shell
   start interactive shell from user ${SERVICE_USER}
 install / remove
-  all:        complete setup of filtron service
-  user:       add/remove service user '$SERVICE_USER' at $SERVICE_HOME
+  :all:        complete setup of filtron service
+  :user:       add/remove service user '$SERVICE_USER' at $SERVICE_HOME
 update filtron
   Update filtron installation of user ${SERVICE_USER}
 activate service
@@ -80,12 +81,11 @@ inspect service
   show service status and log
 option
   set one of the available options
-apache
-  install: apache site with a reverse proxy (ProxyPass)
-  remove:  apache site ${APACHE_FILTRON_SITE}
+apache : ${PUBLIC_URL}
+  :install: apache site with a reverse proxy (ProxyPass)
+  :remove:  apache site ${APACHE_FILTRON_SITE}
 
-If needed change the environment variable PUBLIC_URL of your WEB service in the
-${DOT_CONFIG#"$REPO_ROOT/"} file:
+If needed, set PUBLIC_URL of your WEB service in the '${DOT_CONFIG#"$REPO_ROOT/"}' file::
 
   PUBLIC_URL   : ${PUBLIC_URL}
   PUBLIC_HOST  : ${PUBLIC_HOST}
@@ -203,8 +203,9 @@ remove_all() {
 It goes without saying that this script can only be used to remove
 installations that were installed with this script."
 
-    systemd_remove_service "${SERVICE_NAME}" "${SERVICE_SYSTEMD_UNIT}"
-    wait_key
+    if ! systemd_remove_service "${SERVICE_NAME}" "${SERVICE_SYSTEMD_UNIT}"; then
+        return 42
+    fi
     drop_service_account "${SERVICE_USER}"
     rm -r "$FILTRON_ETC" 2>&1 | prefix_stdout
     if service_is_available "${PUBLIC_URL}"; then
@@ -231,7 +232,7 @@ export PATH=\$PATH:\$HOME/local/go/bin:\$GOPATH/bin
 EOF
     echo "Environment $GO_ENV has been setup."
 
-    tee_stderr <<EOF | sudo -i -u $SERVICE_USER
+    tee_stderr <<EOF | sudo -i -u "$SERVICE_USER"
 grep -qFs -- 'source $GO_ENV' ~/.profile || echo 'source $GO_ENV' >> ~/.profile
 EOF
 }
@@ -241,10 +242,12 @@ filtron_is_installed() {
     [[ -f $SERVICE_HOME/go-apps/bin/filtron ]]
 }
 
+_svcpr="  |${SERVICE_USER}| "
+
 install_filtron() {
     rst_title "Install filtron in user's ~/go-apps" section
     echo
-    tee_stderr <<EOF | sudo -i -u "$SERVICE_USER" 2>&1 | prefix_stdout "$_service_prefix"
+    tee_stderr <<EOF | sudo -i -u "$SERVICE_USER" 2>&1 | prefix_stdout "$_svcpr"
 go get -v -u github.com/asciimoo/filtron
 EOF
     install_template --no-eval "$FILTRON_RULES" root root 644
@@ -253,7 +256,7 @@ EOF
 update_filtron() {
     rst_title "Update filtron" section
     echo
-    tee_stderr <<EOF | sudo -i -u "$SERVICE_USER" 2>&1 | prefix_stdout "$_service_prefix"
+    tee_stderr <<EOF | sudo -i -u "$SERVICE_USER" 2>&1 | prefix_stdout "$_svcpr"
 go get -v -u github.com/asciimoo/filtron
 EOF
 }
@@ -301,12 +304,14 @@ EOF
         err_msg "Filtron does not listening on: http://${FILTRON_LISTEN}"
     fi
 
-    if ! service_is_available ""http://${FILTRON_TARGET}"" ; then
+    if service_is_available ""http://${FILTRON_TARGET}"" ; then
         info_msg "Filtron's target is available at: http://${FILTRON_TARGET}"
     fi
 
     if ! service_is_available "${PUBLIC_URL}"; then
         err_msg "Public service at ${PUBLIC_URL} is not available!"
+        echo -e "${_Green}stop with [${_BCyan}CTRL-C${_Green}] or .."
+        wait_key
     fi
 
     local _debug_on
@@ -316,15 +321,17 @@ EOF
     fi
 
     echo
-    systemctl --no-pager -l status filtron.service
+    systemctl --no-pager -l status "${SERVICE_NAME}"
     echo
+
+    info_msg "public URL --> ${PUBLIC_URL}"
     # shellcheck disable=SC2059
     printf "// use ${_BCyan}CTRL-C${_creset} to stop monitoring the log"
     read -r -s -n1 -t 2
     echo
     while true;  do
         trap break 2
-        journalctl -f -u filtron
+        journalctl -f -u "${SERVICE_NAME}"
     done
 
     if [[ $_debug_on == 1 ]]; then

utils/lib.sh

@@ -112,9 +112,9 @@ rst_title() {
     # usage: rst_title <header-text> [part|chapter|section]
 
     case ${2-chapter} in
-        part)     printf "\n${_BGreen}${1//?/=}\n$1\n${1//?/=}${_creset}\n";;
-        chapter)  printf "\n${_BGreen}${1}\n${1//?/=}${_creset}\n";;
-        section)  printf "\n${_BGreen}${1}\n${1//?/-}${_creset}\n";;
+        part)     printf "\n${_BGreen}${1//?/=}\n${_BCyan}${1}${_BGreen}\n${1//?/=}${_creset}\n";;
+        chapter)  printf "\n${_BCyan}${1}\n${_BGreen}${1//?/=}${_creset}\n";;
+        section)  printf "\n${_BCyan}${1}\n${_BGreen}${1//?/-}${_creset}\n";;
         *)
             err_msg "invalid argument '${2}' in line $(caller)"
             return 42
@@ -169,7 +169,9 @@ ask_yn() {
     local _t=$3
     [[ ! -z $FORCE_TIMEOUT ]] && _t=$FORCE_TIMEOUT
     [[ ! -z $_t ]] && _t="-t $_t"
-    case "${2}" in
+    case "${FORCE_SELECTION:-${2}}" in
+        Y) return ${EXIT_YES} ;;
+        N) return ${EXIT_NO} ;;
         Yn)
             local exit_val=${EXIT_YES}
             local choice="[${_BGreen}YES${_creset}/no]"
@@ -229,7 +231,7 @@ tee_stderr () {
 prefix_stdout () {
     # usage: <cmd> | prefix_stdout [prefix]
 
-    local prefix="  | "
+    local prefix="${_BYellow}-->|${_creset}"
 
     if [[ ! -z $1 ]] ; then prefix="${_BYellow}$1${_creset}"; fi
 
@@ -433,7 +435,7 @@ install_template() {
                 ;;
             "interactiv shell")
                 echo "// edit ${dst} to your needs"
-                echo "// exit with ${_BCyan}CTRL-D${_creset}"
+                echo -e "// exit with [${_BCyan}CTRL-D${_creset}]"
                 sudo -H -u "${owner}" -i
                 $DIFF_CMD "${dst}" "${template_file}"
                 echo
@@ -487,14 +489,14 @@ install_go() {
 
     # usage:  install_go "${GO_PKG_URL}" "${GO_TAR}" "${SERVICE_USER}"
 
-    local _service_prefix="  |${3}| "
+    local _svcpr="  |${3}| "
 
     rst_title "Install Go in user's HOME" section
 
     rst_para "download and install go binary .."
     cache_download "${1}" "${2}"
 
-    tee_stderr 0.1 <<EOF | sudo -i -u "${3}" | prefix_stdout "$_service_prefix"
+    tee_stderr 0.1 <<EOF | sudo -i -u "${3}" | prefix_stdout "$_svcpr"
 echo \$PATH
 echo \$GOPATH
 mkdir -p \$HOME/local
@@ -533,7 +535,7 @@ interactive_shell(){
 
     # usage:  interactive_shell "${SERVICE_USER}"
 
-    echo "// exit with ${_BCyan}CTRL-D${_creset}"
+    echo -e "// exit with [${_BCyan}CTRL-D${_creset}]"
     sudo -H -u "${1}" -i
 }
 
@@ -558,8 +560,8 @@ systemd_remove_service() {
 
     # usage:  systemd_remove_service "${SERVICE_NAME}" "${SERVICE_SYSTEMD_UNIT}"
 
-    if ! ask_yn "Do you really want to deinstall ${1}?"; then
-        return
+    if ! ask_yn "Do you really want to deinstall systemd unit ${1}?"; then
+        return 42
     fi
     systemd_deactivate_service "${1}"
     rm "${2}"  2>&1 | prefix_stdout
@@ -845,14 +847,14 @@ git_clone() {
 
     if [[ -d "${dest}" ]] ; then
         info_msg "already cloned: $dest"
-	tee_stderr 0.1 <<EOF | $bash_cmd 2>&1 |  prefix_stdout "  |$user| "
+        tee_stderr 0.1 <<EOF | $bash_cmd 2>&1 |  prefix_stdout "  |$user| "
 cd "${dest}"
 git checkout -m -B "$branch" --track "$remote/$branch"
 git pull --all
 EOF
     else
         info_msg "clone into: $dest"
-	tee_stderr 0.1 <<EOF | $bash_cmd 2>&1 |  prefix_stdout "  |$user| "
+        tee_stderr 0.1 <<EOF | $bash_cmd 2>&1 |  prefix_stdout "  |$user| "
 mkdir -p "$(dirname "$dest")"
 cd "$(dirname "$dest")"
 git clone --branch "$branch" --origin "$remote" "$url" "$(basename "$dest")"

utils/morty.sh

@@ -0,0 +1,382 @@
+#!/usr/bin/env bash
+# -*- coding: utf-8; mode: sh indent-tabs-mode: nil -*-
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
+# shellcheck source=utils/lib.sh
+source "$(dirname "${BASH_SOURCE[0]}")/lib.sh"
+source_dot_config
+
+# ----------------------------------------------------------------------------
+# config
+# ----------------------------------------------------------------------------
+
+PUBLIC_URL_PATH_MORTY="/morty"
+PUBLIC_URL_MORTY="$(dirname ${PUBLIC_URL})${PUBLIC_URL_PATH_MORTY}"
+
+MORTY_LISTEN="${MORTY_LISTEN:-127.0.0.1:3000}"
+MORTY_TIMEOUT=5
+
+SERVICE_NAME="morty"
+SERVICE_USER="${SERVICE_USER:-${SERVICE_NAME}}"
+SERVICE_HOME="/home/${SERVICE_USER}"
+SERVICE_SYSTEMD_UNIT="${SYSTEMD_UNITS}/${SERVICE_NAME}.service"
+# shellcheck disable=SC2034
+SERVICE_GROUP="${SERVICE_USER}"
+SERVICE_ENV_DEBUG=false
+
+GO_ENV="${SERVICE_HOME}/.go_env"
+GO_PKG_URL="https://dl.google.com/go/go1.13.5.linux-amd64.tar.gz"
+GO_TAR=$(basename "$GO_PKG_URL")
+
+# shellcheck disable=SC2034
+CONFIG_FILES=()
+
+# Apache Settings
+
+APACHE_MORTY_SITE="morty.conf"
+
+# ----------------------------------------------------------------------------
+usage() {
+# ----------------------------------------------------------------------------
+
+    # shellcheck disable=SC1117
+    cat <<EOF
+
+usage::
+
+  $(basename "$0") shell
+  $(basename "$0") install    [all|user]
+  $(basename "$0") update     [morty]
+  $(basename "$0") remove     [all]
+  $(basename "$0") activate   [service]
+  $(basename "$0") deactivate [service]
+  $(basename "$0") inspect    [service]
+  $(basename "$0") option     [debug-on|debug-off]
+  $(basename "$0") apache     [install|remove]
+
+shell
+  start interactive shell from user ${SERVICE_USER}
+install / remove
+  all:        complete setup of morty service
+  user:       add/remove service user '$SERVICE_USER' at $SERVICE_HOME
+update morty
+  Update morty installation of user ${SERVICE_USER}
+activate service
+  activate and start service daemon (systemd unit)
+deactivate service
+  stop and deactivate service daemon (systemd unit)
+inspect service
+  show service status and log
+option
+  set one of the available options
+apache : ${PUBLIC_URL_MORTY}
+  :install: apache site with a reverse proxy (ProxyPass)
+  :remove:  apache site ${APACHE_MORTY_SITE}
+
+If needed, set the environment variable MORTY_LISTEN in the
+${DOT_CONFIG#"$REPO_ROOT/"} file::
+
+  MORTY_LISTEN :   ${MORTY_LISTEN}
+
+To activate morty in searx, add result_proxy to your settings.yml::
+
+  result_proxy:
+      url : ${PUBLIC_URL_MORTY}
+
+further read: https://asciimoo.github.io/searx/admin/morty.html
+
+EOF
+    [ ! -z ${1+x} ] &&  echo -e "$1"
+}
+
+main() {
+    rst_title "$SERVICE_NAME" part
+
+    required_commands \
+        dpkg apt-get install git wget curl \
+        || exit
+
+    local _usage="ERROR: unknown or missing $1 command $2"
+
+    case $1 in
+        --source-only)  ;;
+        -h|--help) usage; exit 0;;
+
+        shell)
+            sudo_or_exit
+            interactive_shell "${SERVICE_USER}"
+            ;;
+        inspect)
+            case $2 in
+                service)
+                    sudo_or_exit
+                    inspect_service
+                    ;;
+                *) usage "$_usage"; exit 42;;
+            esac ;;
+        install)
+            sudo_or_exit
+            case $2 in
+                all) install_all ;;
+                user) assert_user ;;
+                *) usage "$_usage"; exit 42;;
+            esac ;;
+        update)
+            sudo_or_exit
+            case $2 in
+                morty) update_morty ;;
+                *) usage "$_usage"; exit 42;;
+            esac ;;
+        remove)
+            sudo_or_exit
+            case $2 in
+                all) remove_all;;
+                user) drop_service_account "${SERVICE_USER}" ;;
+                *) usage "$_usage"; exit 42;;
+            esac ;;
+        activate)
+            sudo_or_exit
+            case $2 in
+                service)  systemd_activate_service "${SERVICE_NAME}" ;;
+                *) usage "$_usage"; exit 42;;
+            esac ;;
+        deactivate)
+            sudo_or_exit
+            case $2 in
+                service)  systemd_deactivate_service "${SERVICE_NAME}" ;;
+                *) usage "$_usage"; exit 42;;
+            esac ;;
+        apache)
+            sudo_or_exit
+            case $2 in
+                install) install_apache_site ;;
+                remove) remove_apache_site ;;
+                *) usage "$_usage"; exit 42;;
+            esac ;;
+        option)
+            sudo_or_exit
+            case $2 in
+                debug-on)  enable_debug ;;
+                debug-off)  disable_debug ;;
+                *) usage "$_usage"; exit 42;;
+            esac ;;
+
+        *) usage "ERROR: unknown or missing command $1"; exit 42;;
+    esac
+}
+
+install_all() {
+    rst_title "Install $SERVICE_NAME (service)"
+    assert_user
+    wait_key
+    install_go "${GO_PKG_URL}" "${GO_TAR}" "${SERVICE_USER}"
+    wait_key
+    install_morty
+    wait_key
+    systemd_install_service "${SERVICE_NAME}" "${SERVICE_SYSTEMD_UNIT}"
+    wait_key
+    echo
+    if ! service_is_available "http://${MORTY_LISTEN}" ; then
+        err_msg "Morty does not listening on: http://${MORTY_LISTEN}"
+    fi
+    if ask_yn "Do you want to inspect the installation?" Yn; then
+        inspect_service
+    fi
+
+}
+
+remove_all() {
+    rst_title "De-Install $SERVICE_NAME (service)"
+
+    rst_para "\
+It goes without saying that this script can only be used to remove
+installations that were installed with this script."
+
+    if systemd_remove_service "${SERVICE_NAME}" "${SERVICE_SYSTEMD_UNIT}"; then
+        drop_service_account "${SERVICE_USER}"
+    fi
+}
+
+assert_user() {
+    rst_title "user $SERVICE_USER" section
+    echo
+    tee_stderr 1 <<EOF | bash | prefix_stdout
+sudo -H adduser --shell /bin/bash --system --home $SERVICE_HOME \
+    --disabled-password --group --gecos 'Morty' $SERVICE_USER
+sudo -H usermod -a -G shadow $SERVICE_USER
+groups $SERVICE_USER
+EOF
+    SERVICE_HOME="$(sudo -i -u "$SERVICE_USER" echo \$HOME)"
+    export SERVICE_HOME
+    echo "export SERVICE_HOME=$SERVICE_HOME"
+
+    cat > "$GO_ENV" <<EOF
+export GOPATH=\$HOME/go-apps
+export PATH=\$PATH:\$HOME/local/go/bin:\$GOPATH/bin
+EOF
+    echo "Environment $GO_ENV has been setup."
+
+    tee_stderr <<EOF | sudo -i -u "$SERVICE_USER"
+grep -qFs -- 'source $GO_ENV' ~/.profile || echo 'source $GO_ENV' >> ~/.profile
+EOF
+}
+
+morty_is_installed() {
+    [[ -f $SERVICE_HOME/go-apps/bin/morty ]]
+}
+
+_svcpr="  |${SERVICE_USER}| "
+
+install_morty() {
+    rst_title "Install morty in user's ~/go-apps" section
+    echo
+    tee_stderr <<EOF | sudo -i -u "$SERVICE_USER" 2>&1 | prefix_stdout "$_svcpr"
+go get -v -u github.com/asciimoo/morty
+EOF
+    tee_stderr <<EOF | sudo -i -u "$SERVICE_USER" 2>&1 | prefix_stdout "$_svcpr"
+cd \$GOPATH/src/github.com/asciimoo/morty
+go test
+go test -benchmem -bench .
+EOF
+}
+
+update_morty() {
+    rst_title "Update morty" section
+    echo
+    tee_stderr <<EOF | sudo -i -u "$SERVICE_USER" 2>&1 | prefix_stdout "$_svcpr"
+go get -v -u github.com/asciimoo/morty
+EOF
+    tee_stderr <<EOF | sudo -i -u "$SERVICE_USER" 2>&1 | prefix_stdout "$_svcpr"
+cd \$GOPATH/src/github.com/asciimoo/morty
+go test
+go test -benchmem -bench .
+EOF
+}
+
+set_service_env_debug() {
+
+    # usage:  set_service_env_debug [false|true]
+
+    local SERVICE_ENV_DEBUG="${1:-false}"
+    if systemd_remove_service "${SERVICE_NAME}" "${SERVICE_SYSTEMD_UNIT}"; then
+        systemd_install_service "${SERVICE_NAME}" "${SERVICE_SYSTEMD_UNIT}"
+    fi
+}
+
+inspect_service() {
+
+    rst_title "service status & log"
+
+    cat <<EOF
+
+sourced ${DOT_CONFIG#"$REPO_ROOT/"} :
+
+  MORTY_LISTEN :   ${MORTY_LISTEN}
+
+EOF
+
+    if service_account_is_available "$SERVICE_USER"; then
+        info_msg "service account $SERVICE_USER available."
+    else
+        err_msg "service account $SERVICE_USER not available!"
+    fi
+    if go_is_available "$SERVICE_USER"; then
+        info_msg "~$SERVICE_USER: go is installed"
+    else
+        err_msg "~$SERVICE_USER: go is not installed"
+    fi
+    if morty_is_installed; then
+        info_msg "~$SERVICE_USER: morty app is installed"
+    else
+        err_msg "~$SERVICE_USER: morty app is not installed!"
+    fi
+
+    if ! service_is_available "http://${MORTY_LISTEN}" ; then
+        err_msg "Morty does not listening on: http://${MORTY_LISTEN}"
+        echo -e "${_Green}stop with [${_BCyan}CTRL-C${_Green}] or .."
+        wait_key
+    fi
+
+    local _debug_on
+    if ask_yn "Enable filtron debug mode?"; then
+        enable_debug
+        _debug_on=1
+    fi
+
+    echo
+    systemctl --no-pager -l status "${SERVICE_NAME}"
+    echo
+
+    # shellcheck disable=SC2059
+    info_msg "morty URL --> http://${MORTY_LISTEN}"
+    info_msg "public URL --> ${PUBLIC_URL_MORTY}"
+    printf "// use ${_BCyan}CTRL-C${_creset} to stop monitoring the log"
+    read -r -s -n1 -t 2
+    echo
+    while true;  do
+        trap break 2
+        journalctl -f -u "${SERVICE_NAME}"
+    done
+
+    if [[ $_debug_on == 1 ]]; then
+        FORCE_SELECTION=Y disable_debug
+    fi
+    return 0
+}
+
+
+enable_debug() {
+    warn_msg "Do not enable debug in production enviroments!!"
+    info_msg "Enabling debug option needs to reinstall systemd service!"
+    set_service_env_debug true
+}
+
+disable_debug() {
+    info_msg "Disabling debug option needs to reinstall systemd service!"
+    set_service_env_debug false
+}
+
+install_apache_site() {
+
+    rst_title "Install Apache site $APACHE_MORTY_SITE"
+
+    rst_para "\
+This installs a reverse proxy (ProxyPass) into apache site (${APACHE_MORTY_SITE})"
+
+    ! apache_is_installed && err_msg "Apache is not installed."
+
+    if ! ask_yn "Do you really want to continue?"; then
+        return
+    fi
+
+    a2enmod headers
+    a2enmod proxy
+    a2enmod proxy_http
+
+    echo
+    apache_install_site "${APACHE_MORTY_SITE}"
+
+    info_msg "testing public url .."
+    if ! service_is_available "${PUBLIC_URL_MORTY}"; then
+        err_msg "Public service at ${PUBLIC_URL_MORTY} is not available!"
+    fi
+}
+
+remove_apache_site() {
+
+    rst_title "Remove Apache site $APACHE_MORTY_SITE"
+
+    rst_para "\
+This removes apache site ${APACHE_MORTY_SITE}."
+
+    ! apache_is_installed && err_msg "Apache is not installed."
+
+    if ! ask_yn "Do you really want to continue?"; then
+        return
+    fi
+
+    apache_remove_site "$APACHE_MORTY_SITE"
+}
+# ----------------------------------------------------------------------------
+main "$@"
+# ----------------------------------------------------------------------------

utils/searx.sh

@@ -17,10 +17,11 @@ SEARX_URL_PATH="${SEARX_URL_PATH:-$(echo "${PUBLIC_URL}" \
 SEARX_INSTANCE_NAME="${SEARX_INSTANCE_NAME:-searx@$(echo "$PUBLIC_URL" \
 | sed -e 's,^.*://\([^\:/]*\).*,\1,g') }"
 
-SERVICE_USER="searx"
+SERVICE_NAME="searx"
+SERVICE_USER="${SERVICE_USER:-${SERVICE_NAME}}"
+SERVICE_HOME="/home/${SERVICE_USER}"
 # shellcheck disable=SC2034
 SERVICE_GROUP="${SERVICE_USER}"
-SERVICE_HOME="/home/${SERVICE_USER}"
 
 SEARX_INTERNAL_URL="127.0.0.1:8888"
 SEARX_GIT_URL="https://github.com/asciimoo/searx.git"
@@ -65,7 +66,7 @@ usage() {
     # shellcheck disable=SC1117
     cat <<EOF
 
-usage:
+usage::
 
   $(basename "$0") shell
   $(basename "$0") install    [all|user|pyenv|searx-src|apache]
@@ -80,10 +81,10 @@ usage:
 shell
   start interactive shell from user ${SERVICE_USER}
 install / remove
-  all:        complete (de-) installation of searx service
-  user:       add/remove service user '$SERVICE_USER' at $SERVICE_HOME
-  searx-src:  clone $SEARX_GIT_URL
-  pyenv:      create/remove virtualenv (python) in $SEARX_PYENV
+  :all:        complete (de-) installation of searx service
+  :user:       add/remove service user '$SERVICE_USER' at $SERVICE_HOME
+  :searx-src:  clone $SEARX_GIT_URL
+  :pyenv:      create/remove virtualenv (python) in $SEARX_PYENV
 update searx
   Update searx installation of user ${SERVICE_USER}
 activate service
@@ -95,11 +96,10 @@ inspect service
 option
   set one of the available options
 apache
-  install: apache site with the searx uwsgi app
-  remove:  apache site ${APACHE_FILTRON_SITE}
+  :install: apache site with the searx uwsgi app
+  :remove:  apache site ${APACHE_FILTRON_SITE}
 
-If needed change the environment variable PUBLIC_URL of your WEB service in the
-${DOT_CONFIG#"$REPO_ROOT/"} file:
+If needed, set PUBLIC_URL of your WEB service in the '${DOT_CONFIG#"$REPO_ROOT/"}' file::
 
   PUBLIC_URL          : ${PUBLIC_URL}
   PUBLIC_HOST         : ${PUBLIC_HOST}
@@ -440,6 +440,7 @@ EOF
 }
 
 enable_debug() {
+    warn_msg "Do not enable debug in production enviroments!!"
     info_msg "try to enable debug mode ..."
     tee_stderr 0.1 <<EOF | sudo -H -u "${SERVICE_USER}" -i 2>&1 |  prefix_stdout "$_service_prefix"
 cd ${SEARX_SRC}
@@ -500,8 +501,10 @@ EOF
     uWSGI_app_available "$SEARX_UWSGI_APP" \
         || err_msg "uWSGI app $SEARX_UWSGI_APP not available!"
 
-    if ! service_is_available "http://$SEARX_INTERNAL_URL"; then
-        err_msg "uWSGI app (service) at http://$SEARX_INTERNAL_URL is not available!"
+    if ! service_is_available "http://${SEARX_INTERNAL_URL}"; then
+        err_msg "uWSGI app (service) at http://${SEARX_INTERNAL_URL} is not available!"
+        echo -e "${_Green}stop with [${_BCyan}CTRL-C${_Green}] or .."
+        wait_key
     fi
 
     if ! service_is_available "${PUBLIC_URL}"; then
@@ -514,15 +517,18 @@ EOF
         _debug_on=1
     fi
     echo
-    systemctl --no-pager -l status uwsgi.service
+    systemctl --no-pager -l status "${SERVICE_NAME}"
     echo
+
     # shellcheck disable=SC2059
+    info_msg "public URL   --> ${PUBLIC_URL}"
+    info_msg "internal URL --> http://${SEARX_INTERNAL_URL}"
     printf "// use ${_BCyan}CTRL-C${_creset} to stop monitoring the log"
     read -r -s -n1 -t 2
     echo
     while true;  do
         trap break 2
-        #journalctl -f -u uwsgi.service
+        #journalctl -f -u "${SERVICE_NAME}"
         tail -f /var/log/uwsgi/app/searx.log
     done
 

utils/templates/etc/apache2/sites-available/morty.conf

@@ -0,0 +1,23 @@
+# -*- coding: utf-8; mode: apache -*-
+
+ProxyPreserveHost On
+
+<Location ${PUBLIC_URL_PATH_MORTY} >
+
+    Require all granted
+    Order deny,allow
+    Deny from all
+    #Allow from fd00::/8 192.168.0.0/16 fe80::/10 127.0.0.0/8 ::1
+    Allow from all
+
+    ProxyPass http://${MORTY_LISTEN}
+    RequestHeader set X-Script-Name ${PUBLIC_URL_PATH_MORTY}
+
+    # In Apache it seems, that setting HTTP_HOST header direct here does have no
+    # effect.  I needed to set 'ProxyPreserveHost On' (see above).  HTTP_HOST is
+    # needed by searx to render correct *Search URL* in the *Link* box and
+    # *saved preference*.
+
+    # RequestHeader set Host ${PUBLIC_URL_PATH_MORTY}
+
+</Location>

utils/templates/lib/systemd/system/morty.service

@@ -0,0 +1,29 @@
+[Unit]
+
+Description=${SERVICE_NAME}
+After=syslog.target
+After=network.target
+
+[Service]
+
+Type=simple
+User=${SERVICE_USER}
+Group=${SERVICE_GROUP}
+WorkingDirectory=${SERVICE_HOME}
+ExecStart=${SERVICE_HOME}/go-apps/bin/morty -key '' -listen '${MORTY_LISTEN}' -timeout ${MORTY_TIMEOUT}
+
+Restart=always
+Environment=USER=${SERVICE_USER} HOME=${SERVICE_HOME} DEBUG=${SERVICE_ENV_DEBUG}
+
+# Some distributions may not support these hardening directives.  If you cannot
+# start the service due to an unknown option, comment out the ones not supported
+# by your version of systemd.
+
+ProtectSystem=full
+PrivateDevices=yes
+PrivateTmp=yes
+NoNewPrivileges=true
+
+[Install]
+
+WantedBy=multi-user.target