# Context: Add SearxNG service to homelab network

## Source Ticket

- `tickets/active/2026-06-06-add-searxng-service.md`

## Goal

Deploy a private SearxNG instance as the user's default search engine, a search backend for internal webapps, and a controlled search backend for future safe web research capability.

## Why

The user wants a privacy-preserving search service for personal/default search and internal webapps. Search is also useful for assistant current-information workflows, but web browsing introduces prompt-injection and privacy risks. SearxNG can provide search discovery without requiring cookies, JavaScript, browser profiles, or direct broad browsing privileges for Pi.

## Scope

Included:
- Select a target host/VM/container location.
- Define LAN/VPN-only access policy by default.
- Deploy SearxNG.
- Verify search from approved clients.
- Document runbook, rollback, and operational change log.

Not included:
- Full browser automation.
- Authenticated web browsing.
- Feeding arbitrary web page bodies directly to the LLM.
- Public internet exposure.

## Constraints

- Prefer dedicated VMs/containers for major services.
- Snapshot/backup before changing existing systems.
- Least-privilege access.
- Avoid exposing management interfaces publicly.
- Log server-side operational changes in `docs/server-change-log.md`.
- SearxNG should feed only search result metadata to Pi until the safe fetch/prescan pipeline exists.

## Acceptance Criteria

- SearxNG is deployed internally and verified.
- Access policy and internal URL are documented.
- Operations and rollback are documented.
- Server-side changes are logged.

## Notes

This is a dependency/enabler for `tickets/active/2026-05-17-safe-web-browsing-and-prompt-injection-guard.md`.