update dify

This commit is contained in:
Andrei Canta
2024-09-27 14:29:29 +03:00
parent 662394d56d
commit 2466ad1785
6 changed files with 218 additions and 97 deletions
+86 -10
View File
@@ -75,7 +75,7 @@ INIT_PASSWORD=
DEPLOY_ENV=PRODUCTION
# Whether to enable the version check policy.
# If set to empty, https://updates.dify.ai will not be called for version check.
# If set to empty, https://updates.dify.ai will be called for version check.
CHECK_UPDATE_URL=https://updates.dify.ai
# Used to change the OpenAI base address, default is https://api.openai.com/v1.
@@ -214,6 +214,18 @@ REDIS_USERNAME=
REDIS_PASSWORD=difyai123456
REDIS_USE_SSL=false
# Whether to use Redis Sentinel mode.
# If set to true, the application will automatically discover and connect to the master node through Sentinel.
REDIS_USE_SENTINEL=false
# List of Redis Sentinel nodes. If Sentinel mode is enabled, provide at least one Sentinel IP and port.
# Format: `<sentinel1_ip>:<sentinel1_port>,<sentinel2_ip>:<sentinel2_port>,<sentinel3_ip>:<sentinel3_port>`
REDIS_SENTINELS=
REDIS_SENTINEL_SERVICE_NAME=
REDIS_SENTINEL_USERNAME=
REDIS_SENTINEL_PASSWORD=
REDIS_SENTINEL_SOCKET_TIMEOUT=0.1
# ------------------------------
# Celery Configuration
# ------------------------------
@@ -221,9 +233,16 @@ REDIS_USE_SSL=false
# Use redis as the broker, and redis db 1 for celery broker.
# Format as follows: `redis://<redis_username>:<redis_password>@<redis_host>:<redis_port>/<redis_database>`
# Example: redis://:difyai123456@redis:6379/1
# If use Redis Sentinel, format as follows: `sentinel://<sentinel_username>:<sentinel_password>@<sentinel_host>:<sentinel_port>/<redis_database>`
# Example: sentinel://localhost:26379/1;sentinel://localhost:26380/1;sentinel://localhost:26381/1
CELERY_BROKER_URL=redis://:difyai123456@redis:6379/1
BROKER_USE_SSL=false
# If you are using Redis Sentinel for high availability, configure the following settings.
CELERY_USE_SENTINEL=false
CELERY_SENTINEL_MASTER_NAME=
CELERY_SENTINEL_SOCKET_TIMEOUT=0.1
# ------------------------------
# CORS Configuration
# Used to set the front-end cross-domain access policy.
@@ -242,7 +261,7 @@ CONSOLE_CORS_ALLOW_ORIGINS=*
# ------------------------------
# The type of storage to use for storing user files.
# Supported values are `local` and `s3` and `azure-blob` and `google-storage` and `tencent-cos`,
# Supported values are `local` and `s3` and `azure-blob` and `google-storage` and `tencent-cos` and `huawei-obs`
# Default: `local`
STORAGE_TYPE=local
@@ -285,6 +304,8 @@ ALIYUN_OSS_SECRET_KEY=your-secret-key
ALIYUN_OSS_ENDPOINT=https://oss-ap-southeast-1-internal.aliyuncs.com
ALIYUN_OSS_REGION=ap-southeast-1
ALIYUN_OSS_AUTH_VERSION=v4
# Don't start with '/'. OSS doesn't support leading slash in object names.
ALIYUN_OSS_PATH=your-path
# Tencent COS Configuration
# The name of the Tencent COS bucket to use for storing files.
@@ -298,12 +319,34 @@ TENCENT_COS_REGION=your-region
# The scheme of the Tencent COS service.
TENCENT_COS_SCHEME=your-scheme
# Huawei OBS Configuration
# The name of the Huawei OBS bucket to use for storing files.
HUAWEI_OBS_BUCKET_NAME=your-bucket-name
# The secret key to use for authenticating with the Huawei OBS service.
HUAWEI_OBS_SECRET_KEY=your-secret-key
# The access key to use for authenticating with the Huawei OBS service.
HUAWEI_OBS_ACCESS_KEY=your-access-key
# The server url of the HUAWEI OBS service.
HUAWEI_OBS_SERVER=your-server-url
# Volcengine TOS Configuration
# The name of the Volcengine TOS bucket to use for storing files.
VOLCENGINE_TOS_BUCKET_NAME=your-bucket-name
# The secret key to use for authenticating with the Volcengine TOS service.
VOLCENGINE_TOS_SECRET_KEY=your-secret-key
# The access key to use for authenticating with the Volcengine TOS service.
VOLCENGINE_TOS_ACCESS_KEY=your-access-key
# The endpoint of the Volcengine TOS service.
VOLCENGINE_TOS_ENDPOINT=your-server-url
# The region of the Volcengine TOS service.
VOLCENGINE_TOS_REGION=your-region
# ------------------------------
# Vector Database Configuration
# ------------------------------
# The type of vector store to use.
# Supported values are `weaviate`, `qdrant`, `milvus`, `myscale`, `relyt`, `pgvector`, `chroma`, `opensearch`, `tidb_vector`, `oracle`, `tencent`, `elasticsearch`.
# Supported values are `weaviate`, `qdrant`, `milvus`, `myscale`, `relyt`, `pgvector`, `pgvecto-rs`, ``chroma`, `opensearch`, `tidb_vector`, `oracle`, `tencent`, `elasticsearch`, `analyticdb`.
VECTOR_STORE=weaviate
# The Weaviate endpoint URL. Only available when VECTOR_STORE is `weaviate`.
@@ -323,16 +366,14 @@ QDRANT_GRPC_ENABLED=false
QDRANT_GRPC_PORT=6334
# Milvus configuration Only available when VECTOR_STORE is `milvus`.
# The milvus host.
MILVUS_HOST=127.0.0.1
# The milvus host.
MILVUS_PORT=19530
# The milvus uri.
MILVUS_URI=http://127.0.0.1:19530
# The milvus token.
MILVUS_TOKEN=
# The milvus username.
MILVUS_USER=root
# The milvus password.
MILVUS_PASSWORD=Milvus
# The milvus tls switch.
MILVUS_SECURE=false
# MyScale configuration, only available when VECTOR_STORE is `myscale`
# For multi-language support, please set MYSCALE_FTS_PARAMS with referring to:
@@ -344,12 +385,31 @@ MYSCALE_PASSWORD=
MYSCALE_DATABASE=dify
MYSCALE_FTS_PARAMS=
# pgvector configurations, only available when VECTOR_STORE is `pgvecto-rs or pgvector`
# pgvector configurations, only available when VECTOR_STORE is `pgvector`
PGVECTOR_HOST=pgvector
PGVECTOR_PORT=5432
PGVECTOR_USER=postgres
PGVECTOR_PASSWORD=difyai123456
PGVECTOR_DATABASE=dify
PGVECTOR_MIN_CONNECTION=1
PGVECTOR_MAX_CONNECTION=5
# pgvecto-rs configurations, only available when VECTOR_STORE is `pgvecto-rs`
PGVECTO_RS_HOST=pgvecto-rs
PGVECTO_RS_PORT=5432
PGVECTO_RS_USER=postgres
PGVECTO_RS_PASSWORD=difyai123456
PGVECTO_RS_DATABASE=dify
# analyticdb configurations, only available when VECTOR_STORE is `analyticdb`
ANALYTICDB_KEY_ID=your-ak
ANALYTICDB_KEY_SECRET=your-sk
ANALYTICDB_REGION_ID=cn-hangzhou
ANALYTICDB_INSTANCE_ID=gp-ab123456
ANALYTICDB_ACCOUNT=testaccount
ANALYTICDB_PASSWORD=testpassword
ANALYTICDB_NAMESPACE=dify
ANALYTICDB_NAMESPACE_PASSWORD=difypassword
# TiDB vector configurations, only available when VECTOR_STORE is `tidb`
TIDB_VECTOR_HOST=tidb
@@ -522,11 +582,27 @@ CODE_MAX_STRING_ARRAY_LENGTH=30
CODE_MAX_OBJECT_ARRAY_LENGTH=30
CODE_MAX_NUMBER_ARRAY_LENGTH=1000
# Workflow runtime configuration
WORKFLOW_MAX_EXECUTION_STEPS=500
WORKFLOW_MAX_EXECUTION_TIME=1200
WORKFLOW_CALL_MAX_DEPTH=5
# HTTP request node in workflow configuration
HTTP_REQUEST_NODE_MAX_BINARY_SIZE=10485760
HTTP_REQUEST_NODE_MAX_TEXT_SIZE=1048576
# SSRF Proxy server HTTP URL
SSRF_PROXY_HTTP_URL=http://ssrf_proxy:3128
# SSRF Proxy server HTTPS URL
SSRF_PROXY_HTTPS_URL=http://ssrf_proxy:3128
# ------------------------------
# Environment Variables for web Service
# ------------------------------
# The timeout for the text generation in millisecond
TEXT_GENERATION_TIMEOUT_MS=60000
# ------------------------------
# Environment Variables for db Service
# ------------------------------
+1 -1
View File
@@ -83,7 +83,7 @@ The `.env.example` file provided in the Docker setup is extensive and covers a w
7. **Vector Database Configuration**:
- `VECTOR_STORE`: Type of vector database (e.g., `weaviate`, `milvus`).
- Specific settings for each vector store like `WEAVIATE_ENDPOINT`, `MILVUS_HOST`.
- Specific settings for each vector store like `WEAVIATE_ENDPOINT`, `MILVUS_URI`.
8. **CORS Configuration**:
- `WEB_API_CORS_ALLOW_ORIGINS`, `CONSOLE_CORS_ALLOW_ORIGINS`: Settings for cross-origin resource sharing.
+13 -13
View File
@@ -2,8 +2,8 @@
## Short description
Docker-compose certbot configurations with Backward compatibility (without certbot container).
Use `docker-compose --profile certbot up` to use this features.
docker compose certbot configurations with Backward compatibility (without certbot container).
Use `docker compose --profile certbot up` to use this features.
## The simplest way for launching new servers with SSL certificates
@@ -18,21 +18,21 @@ Use `docker-compose --profile certbot up` to use this features.
```
execute command:
```shell
sudo docker network prune
sudo docker-compose --profile certbot up --force-recreate -d
docker network prune
docker compose --profile certbot up --force-recreate -d
```
then after the containers launched:
```shell
sudo docker-compose exec -it certbot /bin/sh /update-cert.sh
docker compose exec -it certbot /bin/sh /update-cert.sh
```
2. Edit `.env` file and `sudo docker-compose --profile certbot up` again.
2. Edit `.env` file and `docker compose --profile certbot up` again.
set `.env` value additionally
```properties
NGINX_HTTPS_ENABLED=true
```
execute command:
```shell
sudo docker-compose --profile certbot up -d --no-deps --force-recreate nginx
docker compose --profile certbot up -d --no-deps --force-recreate nginx
```
Then you can access your serve with HTTPS.
[https://your_domain.com](https://your_domain.com)
@@ -42,8 +42,8 @@ Use `docker-compose --profile certbot up` to use this features.
For SSL certificates renewal, execute commands below:
```shell
sudo docker-compose exec -it certbot /bin/sh /update-cert.sh
sudo docker-compose exec nginx nginx -s reload
docker compose exec -it certbot /bin/sh /update-cert.sh
docker compose exec nginx nginx -s reload
```
## Options for certbot
@@ -57,14 +57,14 @@ CERTBOT_OPTIONS=--dry-run
To apply changes to `CERTBOT_OPTIONS`, regenerate the certbot container before updating the certificates.
```shell
sudo docker-compose --profile certbot up -d --no-deps --force-recreate certbot
sudo docker-compose exec -it certbot /bin/sh /update-cert.sh
docker compose --profile certbot up -d --no-deps --force-recreate certbot
docker compose exec -it certbot /bin/sh /update-cert.sh
```
Then, reload the nginx container if necessary.
```shell
sudo docker-compose exec nginx nginx -s reload
docker compose exec nginx nginx -s reload
```
## For legacy servers
@@ -72,5 +72,5 @@ sudo docker-compose exec nginx nginx -s reload
To use cert files dir `nginx/ssl` as before, simply launch containers WITHOUT `--profile certbot` option.
```shell
sudo docker-compose up -d
docker compose up -d
```
+12 -2
View File
@@ -19,6 +19,11 @@ services:
- ./volumes/db/data:/var/lib/postgresql/data
ports:
- "${EXPOSE_POSTGRES_PORT:-5432}:5432"
healthcheck:
test: [ "CMD", "pg_isready" ]
interval: 1s
timeout: 3s
retries: 30
# The redis cache.
redis:
@@ -31,10 +36,12 @@ services:
command: redis-server --requirepass difyai123456
ports:
- "${EXPOSE_REDIS_PORT:-6379}:6379"
healthcheck:
test: [ "CMD", "redis-cli", "ping" ]
# The DifySandbox
sandbox:
image: langgenius/dify-sandbox:0.2.6
image: langgenius/dify-sandbox:0.2.9
restart: always
environment:
# The DifySandbox configurations
@@ -49,12 +56,14 @@ services:
SANDBOX_PORT: ${SANDBOX_PORT:-8194}
volumes:
- ./volumes/sandbox/dependencies:/dependencies
healthcheck:
test: [ "CMD", "curl", "-f", "http://localhost:8194/health" ]
networks:
- ssrf_proxy_network
# ssrf_proxy server
# for more information, please refer to
# https://docs.dify.ai/learn-more/faq/self-host-faq#id-18.-why-is-ssrf_proxy-needed
# https://docs.dify.ai/learn-more/faq/install-faq#id-18.-why-is-ssrf_proxy-needed
ssrf_proxy:
image: ubuntu/squid:latest
restart: always
@@ -80,6 +89,7 @@ services:
weaviate:
image: semitechnologies/weaviate:1.19.0
profiles:
- ""
- weaviate
restart: always
volumes:
+89 -54
View File
@@ -42,8 +42,17 @@ x-shared-env: &shared-api-worker-env
REDIS_PASSWORD: ${REDIS_PASSWORD:-difyai123456}
REDIS_USE_SSL: ${REDIS_USE_SSL:-false}
REDIS_DB: 0
REDIS_USE_SENTINEL: ${REDIS_USE_SENTINEL:-false}
REDIS_SENTINELS: ${REDIS_SENTINELS:-}
REDIS_SENTINEL_SERVICE_NAME: ${REDIS_SENTINEL_SERVICE_NAME:-}
REDIS_SENTINEL_USERNAME: ${REDIS_SENTINEL_USERNAME:-}
REDIS_SENTINEL_PASSWORD: ${REDIS_SENTINEL_PASSWORD:-}
REDIS_SENTINEL_SOCKET_TIMEOUT: ${REDIS_SENTINEL_SOCKET_TIMEOUT:-0.1}
CELERY_BROKER_URL: ${CELERY_BROKER_URL:-redis://:difyai123456@redis:6379/1}
BROKER_USE_SSL: ${BROKER_USE_SSL:-false}
CELERY_USE_SENTINEL: ${CELERY_USE_SENTINEL:-false}
CELERY_SENTINEL_MASTER_NAME: ${CELERY_SENTINEL_MASTER_NAME:-}
CELERY_SENTINEL_SOCKET_TIMEOUT: ${CELERY_SENTINEL_SOCKET_TIMEOUT:-0.1}
WEB_API_CORS_ALLOW_ORIGINS: ${WEB_API_CORS_ALLOW_ORIGINS:-*}
CONSOLE_CORS_ALLOW_ORIGINS: ${CONSOLE_CORS_ALLOW_ORIGINS:-*}
STORAGE_TYPE: ${STORAGE_TYPE:-local}
@@ -66,16 +75,26 @@ x-shared-env: &shared-api-worker-env
ALIYUN_OSS_ENDPOINT: ${ALIYUN_OSS_ENDPOINT:-}
ALIYUN_OSS_REGION: ${ALIYUN_OSS_REGION:-}
ALIYUN_OSS_AUTH_VERSION: ${ALIYUN_OSS_AUTH_VERSION:-v4}
ALIYUN_OSS_PATH: ${ALIYUN_OSS_PATH:-}
TENCENT_COS_BUCKET_NAME: ${TENCENT_COS_BUCKET_NAME:-}
TENCENT_COS_SECRET_KEY: ${TENCENT_COS_SECRET_KEY:-}
TENCENT_COS_SECRET_ID: ${TENCENT_COS_SECRET_ID:-}
TENCENT_COS_REGION: ${TENCENT_COS_REGION:-}
TENCENT_COS_SCHEME: ${TENCENT_COS_SCHEME:-}
HUAWEI_OBS_BUCKET_NAME: ${HUAWEI_OBS_BUCKET_NAME:-}
HUAWEI_OBS_SECRET_KEY: ${HUAWEI_OBS_SECRET_KEY:-}
HUAWEI_OBS_ACCESS_KEY: ${HUAWEI_OBS_ACCESS_KEY:-}
HUAWEI_OBS_SERVER: ${HUAWEI_OBS_SERVER:-}
OCI_ENDPOINT: ${OCI_ENDPOINT:-}
OCI_BUCKET_NAME: ${OCI_BUCKET_NAME:-}
OCI_ACCESS_KEY: ${OCI_ACCESS_KEY:-}
OCI_SECRET_KEY: ${OCI_SECRET_KEY:-}
OCI_REGION: ${OCI_REGION:-}
VOLCENGINE_TOS_BUCKET_NAME: ${VOLCENGINE_TOS_BUCKET_NAME:-}
VOLCENGINE_TOS_SECRET_KEY: ${VOLCENGINE_TOS_SECRET_KEY:-}
VOLCENGINE_TOS_ACCESS_KEY: ${VOLCENGINE_TOS_ACCESS_KEY:-}
VOLCENGINE_TOS_ENDPOINT: ${VOLCENGINE_TOS_ENDPOINT:-}
VOLCENGINE_TOS_REGION: ${VOLCENGINE_TOS_REGION:-}
VECTOR_STORE: ${VECTOR_STORE:-weaviate}
WEAVIATE_ENDPOINT: ${WEAVIATE_ENDPOINT:-http://weaviate:8080}
WEAVIATE_API_KEY: ${WEAVIATE_API_KEY:-WVF5YThaHlkYwhGUSmCRgsX3tD5ngdN8pkih}
@@ -84,11 +103,10 @@ x-shared-env: &shared-api-worker-env
QDRANT_CLIENT_TIMEOUT: ${QDRANT_CLIENT_TIMEOUT:-20}
QDRANT_GRPC_ENABLED: ${QDRANT_GRPC_ENABLED:-false}
QDRANT_GRPC_PORT: ${QDRANT_GRPC_PORT:-6334}
MILVUS_HOST: ${MILVUS_HOST:-127.0.0.1}
MILVUS_PORT: ${MILVUS_PORT:-19530}
MILVUS_URI: ${MILVUS_URI:-http://127.0.0.1:19530}
MILVUS_TOKEN: ${MILVUS_TOKEN:-}
MILVUS_USER: ${MILVUS_USER:-root}
MILVUS_PASSWORD: ${MILVUS_PASSWORD:-Milvus}
MILVUS_SECURE: ${MILVUS_SECURE:-false}
MYSCALE_HOST: ${MYSCALE_HOST:-myscale}
MYSCALE_PORT: ${MYSCALE_PORT:-8123}
MYSCALE_USER: ${MYSCALE_USER:-default}
@@ -184,13 +202,18 @@ x-shared-env: &shared-api-worker-env
CODE_MAX_STRING_ARRAY_LENGTH: ${CODE_MAX_STRING_ARRAY_LENGTH:-30}
CODE_MAX_OBJECT_ARRAY_LENGTH: ${CODE_MAX_OBJECT_ARRAY_LENGTH:-30}
CODE_MAX_NUMBER_ARRAY_LENGTH: ${CODE_MAX_NUMBER_ARRAY_LENGTH:-1000}
WORKFLOW_MAX_EXECUTION_STEPS: ${WORKFLOW_MAX_EXECUTION_STEPS:-500}
WORKFLOW_MAX_EXECUTION_TIME: ${WORKFLOW_MAX_EXECUTION_TIME:-1200}
WORKFLOW_CALL_MAX_DEPTH: ${WORKFLOW_MAX_EXECUTION_TIME:-5}
SSRF_PROXY_HTTP_URL: ${SSRF_PROXY_HTTP_URL:-http://ssrf_proxy:3128}
SSRF_PROXY_HTTPS_URL: ${SSRF_PROXY_HTTPS_URL:-http://ssrf_proxy:3128}
HTTP_REQUEST_NODE_MAX_BINARY_SIZE: ${HTTP_REQUEST_NODE_MAX_BINARY_SIZE:-10485760}
HTTP_REQUEST_NODE_MAX_TEXT_SIZE: ${HTTP_REQUEST_NODE_MAX_TEXT_SIZE:-1048576}
services:
# API service
api:
image: langgenius/dify-api:0.7.2
image: langgenius/dify-api:0.8.3
restart: always
environment:
# Use the shared environment variables.
@@ -210,7 +233,7 @@ services:
# worker service
# The Celery worker for processing the queue.
worker:
image: langgenius/dify-api:0.7.2
image: langgenius/dify-api:0.8.3
restart: always
environment:
# Use the shared environment variables.
@@ -229,13 +252,14 @@ services:
# Frontend web application.
web:
image: langgenius/dify-web:0.7.2
image: langgenius/dify-web:0.8.3
restart: always
environment:
CONSOLE_API_URL: ${CONSOLE_API_URL:-}
APP_API_URL: ${APP_API_URL:-}
SENTRY_DSN: ${WEB_SENTRY_DSN:-}
NEXT_TELEMETRY_DISABLED: ${NEXT_TELEMETRY_DISABLED:-0}
TEXT_GENERATION_TIMEOUT_MS: ${TEXT_GENERATION_TIMEOUT_MS:-60000}
# The postgres database.
db:
@@ -274,7 +298,7 @@ services:
# The DifySandbox
sandbox:
image: langgenius/dify-sandbox:0.2.6
image: langgenius/dify-sandbox:0.2.9
restart: always
environment:
# The DifySandbox configurations
@@ -289,6 +313,8 @@ services:
SANDBOX_PORT: ${SANDBOX_PORT:-8194}
volumes:
- ./volumes/sandbox/dependencies:/dependencies
healthcheck:
test: [ "CMD", "curl", "-f", "http://localhost:8194/health" ]
networks:
- ssrf_proxy_network
@@ -301,12 +327,7 @@ services:
volumes:
- ./ssrf_proxy/squid.conf.template:/etc/squid/squid.conf.template
- ./ssrf_proxy/docker-entrypoint.sh:/docker-entrypoint-mount.sh
entrypoint:
[
"sh",
"-c",
"cp /docker-entrypoint-mount.sh /docker-entrypoint.sh && sed -i 's/\r$$//' /docker-entrypoint.sh && chmod +x /docker-entrypoint.sh && /docker-entrypoint.sh",
]
entrypoint: [ "sh", "-c", "cp /docker-entrypoint-mount.sh /docker-entrypoint.sh && sed -i 's/\r$$//' /docker-entrypoint.sh && chmod +x /docker-entrypoint.sh && /docker-entrypoint.sh" ]
environment:
# pls clearly modify the squid env vars to fit your network environment.
HTTP_PORT: ${SSRF_HTTP_PORT:-3128}
@@ -353,12 +374,7 @@ services:
- ./volumes/certbot/conf/live:/etc/letsencrypt/live # cert dir (with certbot container)
- ./volumes/certbot/conf:/etc/letsencrypt
- ./volumes/certbot/www:/var/www/html
entrypoint:
[
"sh",
"-c",
"cp /docker-entrypoint-mount.sh /docker-entrypoint.sh && sed -i 's/\r$$//' /docker-entrypoint.sh && chmod +x /docker-entrypoint.sh && /docker-entrypoint.sh",
]
entrypoint: [ "sh", "-c", "cp /docker-entrypoint-mount.sh /docker-entrypoint.sh && sed -i 's/\r$$//' /docker-entrypoint.sh && chmod +x /docker-entrypoint.sh && /docker-entrypoint.sh" ]
environment:
NGINX_SERVER_NAME: ${NGINX_SERVER_NAME:-_}
NGINX_HTTPS_ENABLED: ${NGINX_HTTPS_ENABLED:-false}
@@ -379,6 +395,9 @@ services:
depends_on:
- api
- web
# ports:
# - "${EXPOSE_NGINX_PORT:-80}:${NGINX_PORT:-80}"
# - "${EXPOSE_NGINX_SSL_PORT:-443}:${NGINX_SSL_PORT:-443}"
# The Weaviate vector store.
weaviate:
@@ -480,24 +499,25 @@ services:
- oracle
restart: always
volumes:
- type: volume
source: oradata
- source: oradata
type: volume
target: /opt/oracle/oradata
- ./startupscripts:/opt/oracle/scripts/startup
environment:
- ORACLE_PWD=${ORACLE_PWD:-Dify123456}
- ORACLE_CHARACTERSET=${ORACLE_CHARACTERSET:-AL32UTF8}
ORACLE_PWD: ${ORACLE_PWD:-Dify123456}
ORACLE_CHARACTERSET: ${ORACLE_CHARACTERSET:-AL32UTF8}
# Milvus vector database services
etcd:
# container_name: milvus-etcd
image: quay.io/coreos/etcd:v3.5.5
profiles:
- milvus
environment:
- ETCD_AUTO_COMPACTION_MODE=${ETCD_AUTO_COMPACTION_MODE:-revision}
- ETCD_AUTO_COMPACTION_RETENTION=${ETCD_AUTO_COMPACTION_RETENTION:-1000}
- ETCD_QUOTA_BACKEND_BYTES=${ETCD_QUOTA_BACKEND_BYTES:-4294967296}
- ETCD_SNAPSHOT_COUNT=${ETCD_SNAPSHOT_COUNT:-50000}
ETCD_AUTO_COMPACTION_MODE: ${ETCD_AUTO_COMPACTION_MODE:-revision}
ETCD_AUTO_COMPACTION_RETENTION: ${ETCD_AUTO_COMPACTION_RETENTION:-1000}
ETCD_QUOTA_BACKEND_BYTES: ${ETCD_QUOTA_BACKEND_BYTES:-4294967296}
ETCD_SNAPSHOT_COUNT: ${ETCD_SNAPSHOT_COUNT:-50000}
volumes:
- ./volumes/milvus/etcd:/etcd
command: etcd -advertise-client-urls=http://127.0.0.1:2379 -listen-client-urls http://0.0.0.0:2379 --data-dir /etcd
@@ -510,6 +530,7 @@ services:
- milvus
minio:
# container_name: milvus-minio
image: minio/minio:RELEASE.2023-03-20T20-16-18Z
profiles:
- milvus
@@ -528,6 +549,7 @@ services:
- milvus
milvus-standalone:
# container_name: milvus-standalone
image: milvusdb/milvus:v2.3.1
profiles:
- milvus
@@ -545,21 +567,25 @@ services:
timeout: 20s
retries: 3
depends_on:
- "etcd"
- "minio"
- etcd
- minio
# ports:
# - 19530:19530
# - 9091:9091
networks:
- milvus
# Opensearch vector database
opensearch:
# container_name: opensearch
image: opensearchproject/opensearch:latest
profiles:
- opensearch
environment:
- discovery.type=${OPENSEARCH_DISCOVERY_TYPE:-single-node}
- bootstrap.memory_lock=${OPENSEARCH_BOOTSTRAP_MEMORY_LOCK:-true}
- OPENSEARCH_JAVA_OPTS=-Xms${OPENSEARCH_JAVA_OPTS_MIN:-512m} -Xmx${OPENSEARCH_JAVA_OPTS_MAX:-1024m}
- OPENSEARCH_INITIAL_ADMIN_PASSWORD=${OPENSEARCH_INITIAL_ADMIN_PASSWORD:-Qazwsxedc!@#123}
discovery.type: ${OPENSEARCH_DISCOVERY_TYPE:-single-node}
bootstrap.memory_lock: ${OPENSEARCH_BOOTSTRAP_MEMORY_LOCK:-true}
OPENSEARCH_JAVA_OPTS: -Xms${OPENSEARCH_JAVA_OPTS_MIN:-512m} -Xmx${OPENSEARCH_JAVA_OPTS_MAX:-1024m}
OPENSEARCH_INITIAL_ADMIN_PASSWORD: ${OPENSEARCH_INITIAL_ADMIN_PASSWORD:-Qazwsxedc!@#123}
ulimits:
memlock:
soft: ${OPENSEARCH_MEMLOCK_SOFT:--1}
@@ -573,6 +599,7 @@ services:
- opensearch-net
opensearch-dashboards:
# container_name: opensearch-dashboards
image: opensearchproject/opensearch-dashboards:latest
profiles:
- opensearch
@@ -587,6 +614,7 @@ services:
# MyScale vector database
myscale:
# container_name: myscale
image: myscale/myscaledb:1.6.4
profiles:
- myscale
@@ -596,28 +624,32 @@ services:
- ./volumes/myscale/data:/var/lib/clickhouse
- ./volumes/myscale/log:/var/log/clickhouse-server
- ./volumes/myscale/config/users.d/custom_users_config.xml:/etc/clickhouse-server/users.d/custom_users_config.xml
# ports:
# - ${MYSCALE_PORT:-8123}:${MYSCALE_PORT:-8123}
# https://www.elastic.co/guide/en/elasticsearch/reference/current/settings.html
# https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html#docker-prod-prerequisites
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:8.14.3
image: docker.elastic.co/elasticsearch/elasticsearch:8.15.1
# container_name: elasticsearch
profiles:
- elasticsearch
restart: always
volumes:
- dify_es01_data:/usr/share/elasticsearch/data
environment:
- ELASTIC_PASSWORD=${ELASTICSEARCH_PASSWORD:-elastic}
- cluster.name=dify-es-cluster
- node.name=dify-es0
- discovery.type=single-node
- xpack.license.self_generated.type=trial
- xpack.security.enabled=true
- xpack.security.enrollment.enabled=false
- xpack.security.http.ssl.enabled=false
ELASTIC_PASSWORD: ${ELASTICSEARCH_PASSWORD:-elastic}
cluster.name: dify-es-cluster
node.name: dify-es0
discovery.type: single-node
xpack.license.self_generated.type: trial
xpack.security.enabled: "true"
xpack.security.enrollment.enabled: "false"
xpack.security.http.ssl.enabled: "false"
# ports:
# - ${ELASTICSEARCH_PORT:-9200}:9200
healthcheck:
test:
["CMD", "curl", "-s", "http://localhost:9200/_cluster/health?pretty"]
test: [ "CMD", "curl", "-s", "http://localhost:9200/_cluster/health?pretty" ]
interval: 30s
timeout: 10s
retries: 50
@@ -625,22 +657,25 @@ services:
# https://www.elastic.co/guide/en/kibana/current/docker.html
# https://www.elastic.co/guide/en/kibana/current/settings.html
kibana:
image: docker.elastic.co/kibana/kibana:8.14.3
image: docker.elastic.co/kibana/kibana:8.15.1
# container_name: kibana
profiles:
- elasticsearch
depends_on:
- elasticsearch
restart: always
environment:
- XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY=d1a66dfd-c4d3-4a0a-8290-2abcb83ab3aa
- NO_PROXY=localhost,127.0.0.1,elasticsearch,kibana
- XPACK_SECURITY_ENABLED=true
- XPACK_SECURITY_ENROLLMENT_ENABLED=false
- XPACK_SECURITY_HTTP_SSL_ENABLED=false
- XPACK_FLEET_ISAIRGAPPED=true
- I18N_LOCALE=zh-CN
- SERVER_PORT=5601
- ELASTICSEARCH_HOSTS="http://elasticsearch:9200"
XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY: d1a66dfd-c4d3-4a0a-8290-2abcb83ab3aa
NO_PROXY: localhost,127.0.0.1,elasticsearch,kibana
XPACK_SECURITY_ENABLED: "true"
XPACK_SECURITY_ENROLLMENT_ENABLED: "false"
XPACK_SECURITY_HTTP_SSL_ENABLED: "false"
XPACK_FLEET_ISAIRGAPPED: "true"
I18N_LOCALE: zh-CN
SERVER_PORT: "5601"
ELASTICSEARCH_HOSTS: http://elasticsearch:9200
# ports:
# - ${KIBANA_PORT:-5601}:5601
healthcheck:
test: [ "CMD-SHELL", "curl -s http://localhost:5601 >/dev/null || exit 1" ]
interval: 30s
+6 -6
View File
@@ -1,13 +1,13 @@
#!/usr/bin/env bash
DB_INITIALISED="/opt/oracle/oradata/dbinit"
#[ -f ${DB_INITIALISED} ] && exit
#touch ${DB_INITIALISED}
if [ -f ${DB_INITIALISED} ]; then
DB_INITIALIZED="/opt/oracle/oradata/dbinit"
#[ -f ${DB_INITIALIZED} ] && exit
#touch ${DB_INITIALIZED}
if [ -f ${DB_INITIALIZED} ]; then
echo 'File exists. Standards for have been Init'
exit
else
echo 'File does not exist. Standards for first time Strart up this DB'
echo 'File does not exist. Standards for first time Start up this DB'
"$ORACLE_HOME"/bin/sqlplus -s "/ as sysdba" @"/opt/oracle/scripts/startup/init_user.script";
touch ${DB_INITIALISED}
touch ${DB_INITIALIZED}
fi