mirror of
https://github.com/lobehub/lobe-chat.git
synced 2026-06-13 19:20:04 +00:00
YuTengjing
7ba15cceba
* 🔥 chore(docker-compose): remove Casdoor SSO dependency Casdoor is no longer needed since BetterAuth now supports email/password registration natively. LOBE-3907 * ♻️ refactor(docker-compose): restructure directories - Rename local/ to dev/ for development dependencies - Remove logto/ and zitadel/ from production/ - Restore Casdoor config in production/grafana/ - Simplify dev/ to core services only (postgresql, redis, rustfs, searxng) - Update docker-compose.development.yml to use dev/ - Remove minio-bucket.config.json (switched to rustfs) * ♻️ refactor(docker-compose): simplify dev environment setup - Remove docker-compose.development.yml, use dev/docker-compose.yml directly - Add npm scripts: dev:docker, dev:docker:down, dev:docker:reset - Simplify .env.example.development (remove variable refs, redundant vars) - Update docker-compose/dev/.env.example (consistent passwords) - Add docker-compose/dev/data/ to .gitignore - Update setup docs: use npm scripts, remove image generation section * 🔧 chore: add SSRF_ALLOW_PRIVATE_IP_ADDRESS to dev env example * 🔒 security: auto-generate KEY_VAULTS_SECRET and AUTH_SECRET in setup.sh - Remove hardcoded secrets from docker-compose.yml - Add placeholders to .env.example files - Generate secrets dynamically in setup.sh using openssl rand -base64 32 * 🔧 chore(docker-compose): expose SearXNG port and improve dev scripts - Add SearXNG port mapping (8180:8080) for host access - Use --wait flag in dev:docker to ensure services are healthy - Include db:migrate in dev:docker:reset for one-command reset - Update MinIO reference to RustFS in zh-CN docs - Add SearXNG to service URLs and port conflict docs
149 lines
3.8 KiB
YAML
149 lines
3.8 KiB
YAML
name: lobehub
|
|
services:
|
|
network-service:
|
|
image: alpine
|
|
container_name: lobe-network
|
|
restart: always
|
|
ports:
|
|
- '${RUSTFS_PORT}:9000' # RustFS API
|
|
- '9001:9001' # RustFS Console
|
|
- '${LOBE_PORT}:3210' # LobeChat
|
|
command: tail -f /dev/null
|
|
networks:
|
|
- lobe-network
|
|
|
|
postgresql:
|
|
image: paradedb/paradedb:latest-pg17
|
|
container_name: lobe-postgres
|
|
ports:
|
|
- '5432:5432'
|
|
volumes:
|
|
- './data:/var/lib/postgresql/data'
|
|
environment:
|
|
- 'POSTGRES_DB=${LOBE_DB_NAME}'
|
|
- 'POSTGRES_PASSWORD=${POSTGRES_PASSWORD}'
|
|
healthcheck:
|
|
test: ['CMD-SHELL', 'pg_isready -U postgres']
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 5
|
|
restart: always
|
|
networks:
|
|
- lobe-network
|
|
|
|
redis:
|
|
image: redis:7-alpine
|
|
container_name: lobe-redis
|
|
ports:
|
|
- '6379:6379'
|
|
command: redis-server --save 60 1000 --appendonly yes
|
|
volumes:
|
|
- 'redis_data:/data'
|
|
healthcheck:
|
|
test: ['CMD', 'redis-cli', 'ping']
|
|
interval: 5s
|
|
timeout: 3s
|
|
retries: 5
|
|
restart: always
|
|
networks:
|
|
- lobe-network
|
|
|
|
rustfs:
|
|
image: rustfs/rustfs:latest
|
|
container_name: lobe-rustfs
|
|
network_mode: 'service:network-service'
|
|
environment:
|
|
- RUSTFS_CONSOLE_ENABLE=true
|
|
- RUSTFS_ACCESS_KEY=${RUSTFS_ACCESS_KEY}
|
|
- RUSTFS_SECRET_KEY=${RUSTFS_SECRET_KEY}
|
|
volumes:
|
|
- rustfs-data:/data
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "wget -qO- http://localhost:9000/health >/dev/null 2>&1 || exit 1"]
|
|
interval: 5s
|
|
timeout: 3s
|
|
retries: 30
|
|
command: ["--access-key","${RUSTFS_ACCESS_KEY}","--secret-key","${RUSTFS_SECRET_KEY}","/data"]
|
|
|
|
rustfs-init:
|
|
image: minio/mc:latest
|
|
container_name: lobe-rustfs-init
|
|
depends_on:
|
|
rustfs:
|
|
condition: service_healthy
|
|
volumes:
|
|
- ./bucket.config.json:/bucket.config.json:ro
|
|
entrypoint: /bin/sh
|
|
command: -c '
|
|
set -eux;
|
|
echo "S3_ACCESS_KEY=${RUSTFS_ACCESS_KEY}, S3_SECRET_KEY=${RUSTFS_SECRET_KEY}";
|
|
mc --version;
|
|
mc alias set rustfs "http://network-service:9000" "${RUSTFS_ACCESS_KEY}" "${RUSTFS_SECRET_KEY}";
|
|
mc ls rustfs || true;
|
|
mc mb "rustfs/lobe" --ignore-existing;
|
|
mc admin info rustfs || true;
|
|
mc anonymous set-json "/bucket.config.json" "rustfs/lobe";
|
|
'
|
|
restart: "no"
|
|
networks:
|
|
- lobe-network
|
|
|
|
searxng:
|
|
image: searxng/searxng
|
|
container_name: lobe-searxng
|
|
volumes:
|
|
- './searxng-settings.yml:/etc/searxng/settings.yml'
|
|
environment:
|
|
- 'SEARXNG_SETTINGS_FILE=/etc/searxng/settings.yml'
|
|
restart: always
|
|
networks:
|
|
- lobe-network
|
|
env_file:
|
|
- .env
|
|
|
|
lobe:
|
|
image: lobehub/lobehub
|
|
container_name: lobehub
|
|
network_mode: 'service:network-service'
|
|
depends_on:
|
|
postgresql:
|
|
condition: service_healthy
|
|
network-service:
|
|
condition: service_started
|
|
rustfs:
|
|
condition: service_healthy
|
|
rustfs-init:
|
|
condition: service_completed_successfully
|
|
redis:
|
|
condition: service_healthy
|
|
environment:
|
|
- 'KEY_VAULTS_SECRET=${KEY_VAULTS_SECRET}'
|
|
- 'AUTH_SECRET=${AUTH_SECRET}'
|
|
- 'DATABASE_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgresql:5432/${LOBE_DB_NAME}'
|
|
- 'S3_BUCKET=${RUSTFS_LOBE_BUCKET}'
|
|
- 'S3_ENABLE_PATH_STYLE=1'
|
|
- 'S3_ACCESS_KEY=${RUSTFS_ACCESS_KEY}'
|
|
- 'S3_ACCESS_KEY_ID=${RUSTFS_ACCESS_KEY}'
|
|
- 'S3_SECRET_ACCESS_KEY=${RUSTFS_SECRET_KEY}'
|
|
- 'LLM_VISION_IMAGE_USE_BASE64=1'
|
|
- 'S3_SET_ACL=0'
|
|
- 'SEARXNG_URL=http://searxng:8080'
|
|
- 'REDIS_URL=redis://redis:6379'
|
|
- 'REDIS_PREFIX=lobechat'
|
|
- 'REDIS_TLS=0'
|
|
env_file:
|
|
- .env
|
|
restart: always
|
|
|
|
volumes:
|
|
data:
|
|
driver: local
|
|
redis_data:
|
|
driver: local
|
|
rustfs-data:
|
|
driver: local
|
|
|
|
networks:
|
|
lobe-network:
|
|
driver: bridge
|