You used to be able to search for information using your favourite search engine and get what you were looking for. But I guess in the age of AI-generated content and SEO-riddled websites, that’s no longer the case.

As I described in a previous post, I run a metasearch engine instance instead of directly “googling” for information. In case you don’t know what that means (and don’t feel like reading my previous post): I use an app that sends my searches to multiple search engines at the same time, and retrieves the aggregated results back to me. This allows me to (hopefully) have access to less biased information, and to reduce my reliance on Google. However, this still won’t spare me from useless websites, scam websites, or awful “modern” interfaces that the website owners decided to shove down our throats (looking at you Reddit).

Luckily, SearXNG (my metasearch engine of choice) has a builtin plugin which allows me to either filter out or redirect domains. All I need to do is to change my SearXNG settings.yml file to enable it by default:

enabled_plugins:
  — ‘Hostname replace’

Then define the filter rules on the same file:

hostname_replace:
# Filter out
  'badwebsite\.com': false
# Redirect
  '(.*\.)?reddit\.com$': 'old.reddit.com'

And that’s it! Just need to restart the docker container, and I’ll have a much more pleasant browsing experience.

docker restart searxng

If you want know how to set-up SearXNG check out my previous post, and if you need a comprehensive list of junk websites, you can always have a look at what some relevant open-source projects use, for example:

• The Big Blocklist Collection
• Let’s Block It!
• uBlock-Origin-dev-filter

Happy browsing! 🙂

There is this idea expressed in the book The Wisdom of Crowds, which states that aggregating the information from a large group tends to yield better decisions than the ones taken by a single member of the group (as long as the group is diverse enough and each member is independent). There are some discussions regarding the conditions in which this holds, but there’s still some nugget of truth in there: looking through a problem from a diverse set of perspectives is beneficial.

Which leads leads me to: search engines.

Depending on the source, you’ll get slightly different values for the current market share of Google, but the general consensus is that it seems to be around 90%. This is concerning (to say the least), since the world is trusting a single member to dictate what’s relevant and/or true. Yes, Google aggregates the results from different sources, but the company is still responsible for designing the algorithm that decides which sources are displayed at the top (or displayed at all).

Even if you don’t really care about the possible consequences of concentrating all this power in a single company, you can still look at this issue from a pure self-interest perspective (which turns it into an opportunity). In the current competitive information age, having access to more varied sources of information than your peers can be an advantage. You may not notice it at first, but every so often you’ll find a website that was not as good at playing the google SEO game, but happens to have the information or the solution to the problem that you were looking for. Exposing yourself to more variety will give you an edge.

My point is not “don’t use Google”, but rather “why use only Google?”. The fact is, Google is amazing at what they do, but there’s nothing stopping you from enhancing your search results with more sources, in other words: to create your own wise crowd.

Which leads me to: metasearch engines.

A metasearch engine is basically a search engine of search engines. It’s a piece of software that sends your query to multiple search engines, aggregates the results, and presents them to you.

In this post, I’ll show you how you can run your own metasearch engine for free. More specifically, SearXNG.

SearXNG is a fork of Searx, with a few improvements which makes it (in my opinion) easier to set-up.

Setting up SearXNG

The first step is to install docker. Make sure that you follow the post-installation steps as well, so that you don’t have to run docker with sudo. After you’re done, create a directory where you’re going to store the startup scripts (or cd into the one you already use for your personal scripts):

cd ~/
mkdir scripts
cd scripts

Inside your scripts directory, create a new script called start_searxng, open it, and paste the following:

#!/bin/sh

mkdir -p $HOME/searxng
docker pull searxng/searxng
docker run -d --rm \
              -d -p 8080:8080 \
              -v "${HOME}/searxng:/etc/searxng" \
              -e "BASE_URL=http://localhost:8080/" \
              searxng/searxng

Don’t forget to make the script executable

chmod +x start_searxng

And run it:

./start_searxng

If you now open your browser and go to localhost:8080, you should be able to see the SearXNG page.

It’s that easy. You’re running SearXNG now!

You can customize your preferences, and pick which search engines you’d like to use.

Be aware that your queries will be slower the more engines you add (specially if they are slow and/or unreliable). So, you’ll have to balance between diversity and speed.

You can also see that you have various search categories, including “science” (i.e. scientific papers) and “files” (i.e. torrents), which you can customize as well.

Setting it up in the search bar (optional)

Another thing you may want to configure, is to have your browser use SearXNG when you type a search in the address bar, instead of Google. This will depend on your browser.

Chrome-based browsers

For chrome-based browsers (which include Brave), you want to do the following:

1. Go to the settings: chromium://settings/searchEngines (replace chromium with brave, chrome, etc).
2. Go into the “Search engines” section.
3. Add a new search engine.
4. Give it a name.
5. In the “URL with %s in place of query” field, fill it out with the following: http://localhost:8080/search?q=%s.
6. Set it as the default search engine.

Firefox-based browsers

For Firefox-based browsers (which include LibreWolf), the procedure is the following:

1. Go into the settings: about:preferences#search
2. Select the “Add search bar in toolbar” option (i.e. select the option to split the search bar from the address bar).
3. Open localhost:8080
4. On the search bar, the magnifying glass icon should have a green “+” symbol.
5. Click on the icon.
6. You should see an SearXNG icon with the same “+” green icon.
7. Click on it. SearXNG is now on your search engines.
8. Go back to about:preferences#search, and set it as default.

Final questions you might have

What if I want to use this on the go, while on my phone?

This is where the “for free” part of running your own metasearch engine stops. If you want to do this, you will usually have to buy a domain name and pay for hosting. If there’s interest, I might write a post in the future with a step-by-step guide. But for now, you should at least be able to play around with your new metasearch engine, and see if this is something that you’re willing to pay a few dollars per month to have available everywhere you go.

If you’re already familiar with how to host your own services, you should be able to easily deploy the docker containers yourself. SearXNG provides a docker-compose yaml file that will make your life much easier.

Are there any kind people running SearXNG instances that I could use for free?

There certainly are, but to be honest, I wouldn’t use them. You have no idea what a random internet stranger is running, they could be logging your search history. You can check what kind of code you’re running on your machine, but you can’t check theirs.

As with most computer-related things, I’d rather have more control. But you’re free to decide what’s best for you.

In my previous post, I explained how to set up a Raspberry Pi on your home network to act as an I2P router, allowing you to browse anonymous sites (and contribute to the network at the same time).

If you’re not familiar with I2P, or how to set up an I2P router. Please checkout my previous post, as this one starts where the other one left off.

Why bother hosting a website on I2P?

I could give you the whole spiel about the importance of censorship resistant systems, freedom of information, decentralisation of the web, etc. But the truth is: I did it because I was bored, and this was fun. So, why not?

You certainly won’t get as much visibility when compared with a website on the clearnet. But you can always have a copy of your personal website on both the clearnet and I2P. However, be aware that speed that you get on I2P is really slow, so keep it light. Who needs anything more than HTML and CSS anyway?

This is the solution that I found to host it. Do let me know if you think it can be improved!

Step 1 — Make a website and host it on your Raspberry Pi

The first step is to make a website. Log into the Raspberry Pi, and create something simple.

cd ~/
echo "<h1>Hello World!</h1>" >> index.html

Now, you need to make it visible to anyone on your home network. For this part, you’ll want to have both docker and docker-compose installed. Also, make sure that you follow the post-installation steps as well, so that you don’t have to run docker with sudo, and that docker starts when the Raspberry Pi boots up.

To host the website, you’ll want to use a webserver like nginx . But to make things easier, you can use it inside a docker container.

Start by creating a directory inside your home called nginx and go into it (you can give it another name, as long as you keep things consistent).

mkdir ~/nginx
cd ~/nginx

Then, create a directory to keep the website in:

mkdir website
mv ~/index.html website/

Now that’s in place, you want to create a docker container running nginx, and tell it where to find your website.

You could just use docker run for this, but docker-compose also allows you to run multi-container applications. One could argue this is a bit overkill, but there is one little feature which I quite like.

Create a new file named docker-compose.yml inside ~/nginx, and paste the following inside:

version: '3'
services:
  app:
    image: 'nginx:latest'
    restart: always
    ports:
      - '80:80'
    volumes:
      - ~/nginx/website:/usr/share/nginx/html
  watchtower:
    image: containrrr/watchtower
    restart: always
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock

This will tell docker-compose to launch a multi-container application with 2 containers. The first one (app), will be a webserver with the following characteristics:

• it’s running the latest nginx image
• it always restarts the container if it stops
• it forwards port 80 in the host (the Raspberry Pi), to port 80 in the container
• it mounts the path ~/nginx/website in the Raspberry Pi, to the the default path used by nginx to read the website from (/usr/share/nginx/html).

That last point is important. It means that whatever you put inside ~/nginx/website/ will be read by the docker container running nginx, and will be served as your website. Therefore, if you want to update it, you just need to change the files inside ~/nginx/website/.

OK that’s pretty obvious, but what’s watchtower?

This is neat little solution that automatically updates app every time a new version of nginx:latest is pushed to Docker Hub. In other words, if a newer version is available, watchtower pulls the latest version, shuts-down the currently running container (i.e. app), and launches a new one running the latest version. Have a look at the documentation for more details.

Once the docker-compose.yml file is saved, all you have to do is launch it:

cd ~/nginx/
docker compose up -d

You can now open a browser from another machine on your network, and give it the internal IP address of the Raspberry Pi.

firefox <raspberry-pi-internal-ip-address>

You should be able to see your website. If this does not work, something went wrong with the webserver. Try to pinpoint the problem before proceeding.

Wait, how do I find this address?

From your Raspberry Pi, you can run the command below to get the address of the interfaces (e.g. if the Raspberry Pi is using the wifi, look at the inet field under the wlan0 section):

ifconfig -a

If you want to find it from the machine where you’re opening the browser, you can scan your network to find it:

sudo nmap -sn 192.168.1.0/24

I won’t go into detail on how nmap works, as it’s outside of the scope of this tutorial.

Step 2 — Make the website accessible to the rest of the I2P network

As mentioned in the introduction, at this point, you should have i2pd configured in the same way as described in my previous post. I’m assuming that’s the case for you.

Now that you can see the site from a different machine on your network, it’s time to make it visible on i2p. For that, you’re going to need to change the tunnels.conf file. It’s usually on ~/.i2pd/tunnels.conf , but that might not be the case for you.

If you access the i2pd webconsole (http://127.0.0.1:7070/), you should see a Data path field on the main page (in my case, it says /var/lib/i2pd). That’s the directory where you can find the tunnels.conf file. Open that file (you might need to use sudo), and add the following to the bottom:

[anon-website]
type = http
host = 127.0.0.1
port = 80
keys = anon-website.dat

Restart i2pd:

sudo systemctl restart i2pd.service

Open the webconsole, and go to the tunnels page (http://127.0.0.1:7070/?page=i2p_tunnels), you should see a subheading saying anon-website followed by a long string with *.b32.i2p:80 at the end. That’s the address to the website (you should be able to open it in the browser after a while).

Step 3 (Optional) — Get a human-readable address for your fancy new website

Congratulations! You are now hosting your own website on the darkweb.

But that long string is rather ugly, wouldn’t it be nice to have a nice human-readable address?

To do that, go into the webconsole > I2P tunnels > anon-website. On this page, click on “Address registration line” and fill out which domain you’d like. If the generation is successful, it should take you to another page, asking to add a small description. Submit it, and wait a bit until the new address works (it could be a couple of days, so don’t stand there refreshing in despair).

You shouldn’t need anything else. But if at any point you need to generate an authentication string, you’ll need to use i2pd-tools, in particular readdr:

./regaddr anon-website.dat <your-domain>.i2p > auth_string.txt
cat auth_string.txt

The anon-website.dat file can be found in the same directory as the tunnels.conf file. Follow the instructions on the project’s repo on how to compile i2pd-tools.

After a few days, you should be able to see the website being announced on planet.i2p and identiguy.i2p.

And that’s it! Enjoy your own piece of virtual real estate on the darkweb.

Take a moment to recall when was the last time you used the Caps Lock key.

Do you remember?

Unless you’re a boomer ranting on Facebook about things you have no knowledge about, then the answer should be “when I accidentally touched it, and then had to backspace to re-write a whole sentence”.

Why is this useless (and often hindering) key so close to the home row? Arguably, the area on the keyboard where your fingers spend the most amount of time while typing?

The answer is that the Caps Lock key is actually a legacy from mechanical typewriters, back in the days when you might need a row of upper case letters to define a title. But with today’s cutting edge technological advances like different sized fonts, bold, and italic; it’s time for it to die.

Making this key actually useful on Linux

In this day and age, it makes no sense for Caps Lock to occupy such a valuable piece of keyboard real estate (or to exist at all). So, while I cannot force some sense into the keyboard manufacturers’ heads, I still have control over my own machines. There is no reason why one shouldn't remap this key into something more useful, like an extra Ctrl.

Just think about it: how many times do you use the Ctrl key per day? You probably use it to copy (Ctrl+c), paste (Ctrl+v), save (Ctrl+s), select all (Ctrl+a), open a tab (Ctrl+t), close a tab (Ctrl+w), etc. All these require you to bend the left little finger awkwardly downwards, and it’s the cause of the mythical “Emacs pinky” injury.

You could be living in the present, and have an easy access to one of the most useful modifier keys! It’s time to join the 21st century.

If you are using Linux with Gnome, the most user-friendly way to remap the Caps Lock key is to install gnome tweaks:

$ sudo apt-get install gnome-tweaks

And enable the remap option on “Keyboard & Mouse” > “Additional Layout Options”

If you want a more general solution (or are too cool to use desktop environments), you can change ~/.Xmodmap instead:

remove Lock = Caps_Lock
keysym Caps_Lock = Control_L
add Control = Control_L

Other operating systems

As for Windows and Mac users, I can’t provide first hand experience. I’ve done it on a Windows 7 machine many years ago, and it involved creating my own registry key file with regedit. However, I’ve seen that Microsoft has made this easier, with a new tool called Keyboard Manager.

On MacOS, this option is also available in the System Preferences.

Now go forth, and enjoy your newly found productivity. After years of typing for several hours a day, your left little finger will thank you for this change.

In this post, I’ll outline how I have set up a Raspberry Pi I had laying around the house to act as an I2P node, allowing me not only to browse I2P, but to help the network as well.

I’m not claiming this is the best way to do it. In fact, if you have any ideas on how to make it better, please let me know! But it’s probably a good starting point if you’re planing to play around with anonymous networks.

I’m assuming that you are familiar with the Linux command line, and have a Raspberry Pi already running on your home network. If there is interest in any of those topics, I can write some posts about them in the future.

Before you proceed

Please be aware that there are things on the darkweb that you’d rather not see, or are down right illegal and reprehensible. Fortunately, I have not run into any of them. I have been using I2P to browse random blogs and tinkering with the technology, but you may not be as lucky. Proceed at your own risk.

A few questions you might have before we start

What is I2P?

I2P is a network layer, that allows anonymous and encrypted peer-to-peer communication. It’s similar to tor, but it won’t allow one to browse websites on the clearnet (at least, not directly). You can think of I2P as its own separate internet, where the sun always shines!¹

For a more detailed comparison, check out the official website.

Why a Raspberry Pi? Can’t I just install it on a regular computer? I have an old laptop I’m not using

You can, but you probably don’t want to.

Another difference between tor and I2P is that each node also contributes to the network (even the people just browsing), while tor has dedicated machines acting as relays. In other words, you don’t just browse the network, but you contribute to it as well, by being one of the nodes which traffic flows through.

This means that when you connect to I2P, you won’t be able to browse any sites at first, as your node is not integrated with the network yet. It can take several hours until you start seeing some sites. Therefore, you want to keep it connected for long periods of time (ideally, 24/7). With the current energy prices, you may want to avoid doing this on a regular computer.

I don’t have a Raspberry Pi, but I do have a server that I already use for something else. Can I run it there?

You certainly can!

I haven’t tried it yet. So I’ll focus on a Raspberry Pi for now.

Setting up

You can get the java version on the official website. However, I’ve found it to be unnecessarily heavy on my puny Raspberry Pi, so I switched to i2pd. Even though it comes with less features out of the box (e.g. it does not include torrent or email capabilities built in), it’s written in C++, and is much lighter.

Installing i2pd and running it

On a Debian system, you can install it by running the following:

sudo apt-get install apt-transport-https
wget -q -O - https://repo.i2pd.xyz/.help/add_repo | sudo bash -s -
sudo apt-get update
sudo apt-get install i2pd

To start it, you can simply run:

i2pd

However, you probably want to start it on the background every time the Raspberry Pi boots up:

sudo systemctl enable i2pd.service # enable i2pd autostart
sudo systemctl disable i2pd.service # disable i2pd autostart

Browsing I2P

Great! You have i2pd up and running now. But how can you browse I2P websites (also known as eepsites)?

Unlike tor, i2pd does not ship with a dedicated browser, you have to configure your own browser to use it.

I prefer to have a separate browser just for I2P. So I installed librewolf and configured the connection settings as follows:

Once that’s done, you should be able to see your i2pd console by going to 127.0.0.1:7070 on librewolf.

Browsing on other computers in your home

So, you’ve got your Raspberry Pi set up, but it’s all the way over there, and you’re pretty comfy sitting on the couch with your laptop. What can you do?

Well, that’s pretty easy. All you have to do is to run this command on the computer you wish to browse I2P on:

ssh -fTNL 4444:127.0.0.1:4444 -L 7070:127.0.0.1:7070 <raspberry-pi-username>@<raspberry-pi-local-ip-address>

You can now browse from any computer inside your house, as long as you are on the same network as the Raspberry Pi.

Where can one find sites to visit?

Unfortunately, the amount of sites available on I2P is fairly small, even compared with something like tor hidden services. However, you can find a big list of them here: identiguy.i2p. There are also search engines you can use, e.g. legwork.i2p.

For an RSS feed of the latest things happening on I2P, check out planet.i2p. Or maybe you’d like to browse some quality blogs like this one: orizuru.i2p (a bit of a shameless plug 🙂).

Wait, how do you host your own blog on I2P?

It’s actually pretty easy, and you can do it on the same Raspberry Pi. But I’ll leave that tutorial for another time.

EDIT (2023–01–26): Part 2 of this post is now available. It will teach you how to host a website on I2P.

[1]: When trying to stay anonymous on the internet. Do not talk about anything that could be used to find out your location including the weather.