[mod] document server:public_instance & remove it out of the botdetection

- the option server:public_instance lacks some documentation
- the processing of this option belongs in the limiter and not
  in botdetection module

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>

4 files changed, 29 insertions, 9 deletions

diff --git a/docs/admin/settings/settings_server.rst b/docs/admin/settings/settings_server.rst
index ba0c9484..e4e66ee2 100644
--- a/docs/admin/settings/settings_server.rst
+++ b/docs/admin/settings/settings_server.rst
@@ -12,6 +12,7 @@
        bind_address: "127.0.0.1"
        secret_key: "ultrasecretkey"           # change this!
        limiter: false
+       public_instance: false
        image_proxy: false
        default_http_headers:
          X-Content-Type-Options : nosniff
@@ -20,7 +21,6 @@
          X-Robots-Tag : noindex, nofollow
          Referrer-Policy : no-referrer
 
-
 ``base_url`` : ``$SEARXNG_URL`` :ref:`buildenv <make buildenv>`
   The base URL where SearXNG is deployed.  Used to create correct inbound links.
   If you change the value, don't forget to rebuild instance's environment
@@ -40,6 +40,16 @@
   Rate limit the number of request on the instance, block some bots.  The
   :ref:`limiter` requires a :ref:`settings redis` database.
 
+.. _public_instance:
+
+``public_instance`` :
+
+  Setting that allows to enable features specifically for public instances (not
+  needed for local usage).  By set to ``true`` the following features are
+  activated:
+
+  - :py:obj:`searx.botdetection.link_token` in the :ref:`limiter`
+
 .. _image_proxy:
 
 ``image_proxy`` :
diff --git a/searx/__init__.py b/searx/__init__.py
index f8605266..d611ef6a 100644
--- a/searx/__init__.py
+++ b/searx/__init__.py
@@ -108,5 +108,6 @@ else:
 if settings['server']['public_instance']:
     logger.warning(
         "Be aware you have activated features intended only for public instances. "
-        + "This force the usage of the bot limiter and link_token plugins."
+        "This force the usage of the limiter and link_token / "
+        "see https://docs.searxng.org/admin/searx.limiter.html"
     )
diff --git a/searx/botdetection/ip_limit.py b/searx/botdetection/ip_limit.py
index 071978a3..387e580e 100644
--- a/searx/botdetection/ip_limit.py
+++ b/searx/botdetection/ip_limit.py
@@ -45,7 +45,6 @@ from ipaddress import (
 
 import flask
 import werkzeug
-from searx import settings
 
 from searx import redisdb
 from searx.redislib import incr_sliding_window, drop_counter
@@ -109,7 +108,7 @@ def filter_request(
         if c > API_MAX:
             return too_many_requests(network, "too many request in API_WINDOW")
 
-    if settings['server']['public_instance'] or cfg['botdetection.ip_limit.link_token']:
+    if cfg['botdetection.ip_limit.link_token']:
 
         suspicious = link_token.is_suspicious(network, request, True)
 
diff --git a/searx/limiter.py b/searx/limiter.py
index b61292d7..fa741892 100644
--- a/searx/limiter.py
+++ b/searx/limiter.py
@@ -211,23 +211,33 @@ def pre_request():
 
 
 def is_installed():
+    """Returns ``True`` if limiter is active and a redis DB is available."""
     return _INSTALLED
 
 
 def initialize(app: flask.Flask, settings):
-    """Instal the botlimiter aka limiter"""
+    """Install the limiter"""
     global _INSTALLED  # pylint: disable=global-statement
-    if not settings['server']['limiter'] and not settings['server']['public_instance']:
+
+    if not (settings['server']['limiter'] or settings['server']['public_instance']):
         return
+
     redis_client = redisdb.client()
     if not redis_client:
         logger.error(
             "The limiter requires Redis, please consult the documentation: "
-            + "https://docs.searxng.org/admin/searx.botdetection.html#limiter"
+            "https://docs.searxng.org/admin/searx.limiter.html"
         )
         if settings['server']['public_instance']:
             sys.exit(1)
         return
-    botdetection.init(get_cfg(), redis_client)
-    app.before_request(pre_request)
+
     _INSTALLED = True
+
+    cfg = get_cfg()
+    if settings['server']['public_instance']:
+        # overwrite limiter.toml setting
+        cfg.set('botdetection.ip_limit.link_token', True)
+
+    botdetection.init(cfg, redis_client)
+    app.before_request(pre_request)