Skip to content

Commit

Permalink
Merge branch 'main' of https://github.com/lobehub/lobe-chat
Browse files Browse the repository at this point in the history
  • Loading branch information
@actions-user
actions-user committed Sep 29, 2024
2 parents b99ac16 + 86736db commit 5396eb3
Show file tree
Hide file tree
Showing 7 changed files with 291 additions and 121 deletions.
17 changes: 17 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,23 @@

# Changelog

### [Version 1.20.5](https://github.com/lobehub/lobe-chat/compare/v1.20.4...v1.20.5)

<sup>Released on **2024-09-29**</sup>

<br/>

<details>
<summary><kbd>Improvements and Fixes</kbd></summary>

</details>

<div align="right">

[![](https://img.shields.io/badge/-BACK_TO_TOP-151515?style=flat-square)](#readme-top)

</div>

### [Version 1.20.4](https://github.com/lobehub/lobe-chat/compare/v1.20.3...v1.20.4)

<sup>Released on **2024-09-28**</sup>
Expand Down
86 changes: 37 additions & 49 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
## Base image for all the stages
## Base image for all building stages
FROM node:20-slim AS base

ARG USE_CN_MIRROR
Expand All @@ -10,19 +10,22 @@ RUN \
if [ "${USE_CN_MIRROR:-false}" = "true" ]; then \
sed -i "s/deb.debian.org/mirrors.ustc.edu.cn/g" "/etc/apt/sources.list.d/debian.sources"; \
fi \
# Add required package & update base package
# Add required package
&& apt update \
&& apt install busybox proxychains-ng -qy \
&& apt full-upgrade -qy \
&& apt autoremove -qy --purge \
&& apt clean -qy \
# Configure BusyBox
&& busybox --install -s \
# Add nextjs:nodejs to run the app
&& addgroup --system --gid 1001 nodejs \
&& adduser --system --home "/app" --gid 1001 -uid 1001 nextjs \
# Set permission for nextjs:nodejs
&& chown -R nextjs:nodejs "/etc/proxychains4.conf" \
&& apt install ca-certificates proxychains-ng -qy \
# Prepare required package to distroless
&& mkdir -p /distroless/bin /distroless/etc /distroless/etc/ssl/certs /distroless/lib \
# Copy proxychains to distroless
&& cp /usr/lib/$(arch)-linux-gnu/libproxychains.so.4 /distroless/lib/libproxychains.so.4 \
&& cp /usr/lib/$(arch)-linux-gnu/libdl.so.2 /distroless/lib/libdl.so.2 \
&& cp /usr/bin/proxychains4 /distroless/bin/proxychains \
&& cp /etc/proxychains4.conf /distroless/etc/proxychains4.conf \
# Copy node to distroless
&& cp /usr/lib/$(arch)-linux-gnu/libstdc++.so.6 /distroless/lib/libstdc++.so.6 \
&& cp /usr/lib/$(arch)-linux-gnu/libgcc_s.so.1 /distroless/lib/libgcc_s.so.1 \
&& cp /usr/local/bin/node /distroless/bin/node \
# Copy CA certificates to distroless
&& cp /etc/ssl/certs/ca-certificates.crt /distroless/etc/ssl/certs/ca-certificates.crt \
# Cleanup temp files
&& rm -rf /tmp/* /var/lib/apt/lists/* /var/tmp/*

Expand Down Expand Up @@ -61,6 +64,7 @@ RUN \
if [ "${USE_CN_MIRROR:-false}" = "true" ]; then \
export SENTRYCLI_CDNURL="https://npmmirror.com/mirrors/sentry-cli"; \
npm config set registry "https://registry.npmmirror.com/"; \
echo 'canvas_binary_host_mirror=https://npmmirror.com/mirrors/canvas' >> .npmrc; \
fi \
# Set the registry for corepack
&& export COREPACK_NPM_REGISTRY=$(npm config get registry | sed 's/\/$//') \
Expand All @@ -80,7 +84,9 @@ COPY . .
RUN npm run build:docker

## Application image, copy all the files for production
FROM scratch AS app
FROM busybox:latest AS app

COPY --from=base /distroless/ /

COPY --from=builder /app/public /app/public

Expand All @@ -90,13 +96,25 @@ COPY --from=builder /app/.next/standalone /app/
COPY --from=builder /app/.next/static /app/.next/static
COPY --from=builder /deps/node_modules/.pnpm /app/node_modules/.pnpm

# Copy server launcher
COPY --from=builder /app/scripts/serverLauncher/startServer.js /app/startServer.js

RUN \
# Add nextjs:nodejs to run the app
addgroup -S -g 1001 nodejs \
&& adduser -D -G nodejs -H -S -h /app -u 1001 nextjs \
# Set permission for nextjs:nodejs
&& chown -R nextjs:nodejs /app /etc/proxychains4.conf

## Production image, copy all the files and run next
FROM base
FROM scratch

# Copy all the files from app, set the correct permission for prerender cache
COPY --from=app --chown=nextjs:nodejs /app /app
COPY --from=app / /

ENV NODE_ENV="production" \
NODE_OPTIONS="--use-openssl-ca" \
NODE_EXTRA_CA_CERTS="/etc/ssl/certs/ca-certificates.crt" \
NODE_TLS_REJECT_UNAUTHORIZED=""

# set hostname to localhost
Expand Down Expand Up @@ -176,36 +194,6 @@ USER nextjs

EXPOSE 3210/tcp

CMD \
if [ -n "$PROXY_URL" ]; then \
# Set regex for IPv4
IP_REGEX="^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}$"; \
# Set proxychains command
PROXYCHAINS="proxychains -q"; \
# Parse the proxy URL
host_with_port="${PROXY_URL#*//}"; \
host="${host_with_port%%:*}"; \
port="${PROXY_URL##*:}"; \
protocol="${PROXY_URL%%://*}"; \
# Resolve to IP address if the host is a domain
if ! [[ "$host" =~ "$IP_REGEX" ]]; then \
nslookup=$(nslookup -q="A" "$host" | tail -n +3 | grep 'Address:'); \
if [ -n "$nslookup" ]; then \
host=$(echo "$nslookup" | tail -n 1 | awk '{print $2}'); \
fi; \
fi; \
# Generate proxychains configuration file
printf "%s\n" \
'localnet 127.0.0.0/255.0.0.0' \
'localnet ::1/128' \
'proxy_dns' \
'remote_dns_subnet 224' \
'strict_chain' \
'tcp_connect_time_out 8000' \
'tcp_read_time_out 15000' \
'[ProxyList]' \
"$protocol $host $port" \
> "/etc/proxychains4.conf"; \
fi; \
# Run the server
${PROXYCHAINS} node "/app/server.js";
ENTRYPOINT ["/bin/node"]

CMD ["/app/startServer.js"]
90 changes: 37 additions & 53 deletions Dockerfile.database
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
## Base image for all the stages
## Base image for all building stages
FROM node:20-slim AS base

ARG USE_CN_MIRROR
Expand All @@ -10,19 +10,22 @@ RUN \
if [ "${USE_CN_MIRROR:-false}" = "true" ]; then \
sed -i "s/deb.debian.org/mirrors.ustc.edu.cn/g" "/etc/apt/sources.list.d/debian.sources"; \
fi \
# Add required package & update base package
# Add required package
&& apt update \
&& apt install busybox proxychains-ng -qy \
&& apt full-upgrade -qy \
&& apt autoremove -qy --purge \
&& apt clean -qy \
# Configure BusyBox
&& busybox --install -s \
# Add nextjs:nodejs to run the app
&& addgroup --system --gid 1001 nodejs \
&& adduser --system --home "/app" --gid 1001 -uid 1001 nextjs \
# Set permission for nextjs:nodejs
&& chown -R nextjs:nodejs "/etc/proxychains4.conf" \
&& apt install ca-certificates proxychains-ng -qy \
# Prepare required package to distroless
&& mkdir -p /distroless/bin /distroless/etc /distroless/etc/ssl/certs /distroless/lib \
# Copy proxychains to distroless
&& cp /usr/lib/$(arch)-linux-gnu/libproxychains.so.4 /distroless/lib/libproxychains.so.4 \
&& cp /usr/lib/$(arch)-linux-gnu/libdl.so.2 /distroless/lib/libdl.so.2 \
&& cp /usr/bin/proxychains4 /distroless/bin/proxychains \
&& cp /etc/proxychains4.conf /distroless/etc/proxychains4.conf \
# Copy node to distroless
&& cp /usr/lib/$(arch)-linux-gnu/libstdc++.so.6 /distroless/lib/libstdc++.so.6 \
&& cp /usr/lib/$(arch)-linux-gnu/libgcc_s.so.1 /distroless/lib/libgcc_s.so.1 \
&& cp /usr/local/bin/node /distroless/bin/node \
# Copy CA certificates to distroless
&& cp /etc/ssl/certs/ca-certificates.crt /distroless/etc/ssl/certs/ca-certificates.crt \
# Cleanup temp files
&& rm -rf /tmp/* /var/lib/apt/lists/* /var/tmp/*

Expand Down Expand Up @@ -65,6 +68,7 @@ RUN \
if [ "${USE_CN_MIRROR:-false}" = "true" ]; then \
export SENTRYCLI_CDNURL="https://npmmirror.com/mirrors/sentry-cli"; \
npm config set registry "https://registry.npmmirror.com/"; \
echo 'canvas_binary_host_mirror=https://npmmirror.com/mirrors/canvas' >> .npmrc; \
fi \
# Set the registry for corepack
&& export COREPACK_NPM_REGISTRY=$(npm config get registry | sed 's/\/$//') \
Expand All @@ -84,7 +88,9 @@ COPY . .
RUN npm run build:docker

## Application image, copy all the files for production
FROM scratch AS app
FROM busybox:latest AS app

COPY --from=base /distroless/ /

COPY --from=builder /app/public /app/public

Expand All @@ -103,13 +109,25 @@ COPY --from=builder /app/src/database/server/migrations /app/migrations
COPY --from=builder /app/scripts/migrateServerDB/docker.cjs /app/docker.cjs
COPY --from=builder /app/scripts/migrateServerDB/errorHint.js /app/errorHint.js

# Copy server launcher
COPY --from=builder /app/scripts/serverLauncher/startServer.js /app/startServer.js

RUN \
# Add nextjs:nodejs to run the app
addgroup -S -g 1001 nodejs \
&& adduser -D -G nodejs -H -S -h /app -u 1001 nextjs \
# Set permission for nextjs:nodejs
&& chown -R nextjs:nodejs /app /etc/proxychains4.conf

## Production image, copy all the files and run next
FROM base
FROM scratch

# Copy all the files from app, set the correct permission for prerender cache
COPY --from=app --chown=nextjs:nodejs /app /app
COPY --from=app / /

ENV NODE_ENV="production" \
NODE_OPTIONS="--use-openssl-ca" \
NODE_EXTRA_CA_CERTS="/etc/ssl/certs/ca-certificates.crt" \
NODE_TLS_REJECT_UNAUTHORIZED=""

# set hostname to localhost
Expand Down Expand Up @@ -208,40 +226,6 @@ USER nextjs

EXPOSE 3210/tcp

CMD \
if [ -n "$PROXY_URL" ]; then \
# Set regex for IPv4
IP_REGEX="^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}$"; \
# Set proxychains command
PROXYCHAINS="proxychains -q"; \
# Parse the proxy URL
host_with_port="${PROXY_URL#*//}"; \
host="${host_with_port%%:*}"; \
port="${PROXY_URL##*:}"; \
protocol="${PROXY_URL%%://*}"; \
# Resolve to IP address if the host is a domain
if ! [[ "$host" =~ "$IP_REGEX" ]]; then \
nslookup=$(nslookup -q="A" "$host" | tail -n +3 | grep 'Address:'); \
if [ -n "$nslookup" ]; then \
host=$(echo "$nslookup" | tail -n 1 | awk '{print $2}'); \
fi; \
fi; \
# Generate proxychains configuration file
printf "%s\n" \
'localnet 127.0.0.0/255.0.0.0' \
'localnet ::1/128' \
'proxy_dns' \
'remote_dns_subnet 224' \
'strict_chain' \
'tcp_connect_time_out 8000' \
'tcp_read_time_out 15000' \
'[ProxyList]' \
"$protocol $host $port" \
> "/etc/proxychains4.conf"; \
fi; \
# Run migration
node "/app/docker.cjs"; \
if [ "$?" -eq "0" ]; then \
# Run the server
${PROXYCHAINS} node "/app/server.js"; \
fi;
ENTRYPOINT ["/bin/node"]

CMD ["/app/startServer.js"]
18 changes: 9 additions & 9 deletions docs/self-hosting/server-database/docker-compose.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -88,7 +88,7 @@ docker compose up -d
- `Redirect URI` should be `http://localhost:3210/api/auth/callback/logto`
- `Post sign-out redirect URI` should be `http://localhost:3210/`

3. Obtain the `App ID` and `App secrets`, and fill them into your `.env` file corresponding to `LOGTO_CLIENT_ID` and `LOGTO_CLIENT_SECRET`.
3. Obtain the `App ID` and `App secrets`, and fill them into your `.env` file corresponding to `AUTH_LOGTO_ID` and `AUTH_LOGTO_SECRET`.

### Configure MinIO S3

Expand Down Expand Up @@ -258,9 +258,9 @@ You need to first access the WebUI for configuration:
src="https://github.com/user-attachments/assets/5b816379-c07b-40ea-bde4-df16e2e4e523"
/>

5. Obtain `App ID` and `App secrets`, and fill them into your `.env` file under `LOGTO_CLIENT_ID` and `LOGTO_CLIENT_SECRET`.
5. Obtain `App ID` and `App secrets`, and fill them into your `.env` file under `AUTH_LOGTO_ID` and `AUTH_LOGTO_SECRET`.

6. Set `LOGTO_ISSUER` in your `.env` file to `https://lobe-auth-api.example.com/oidc`.
6. Set `AUTH_LOGTO_ISSUER` in your `.env` file to `https://lobe-auth-api.example.com/oidc`.

<Image
alt="Configure environment variables"
Expand Down Expand Up @@ -349,8 +349,8 @@ To facilitate one-click copying, here are the example configuration files needed

```sh
# Logto secret
LOGTO_CLIENT_ID=
LOGTO_CLIENT_SECRET=
AUTH_LOGTO_ID=
AUTH_LOGTO_SECRET=
# MinIO S3 configuration
MINIO_ROOT_USER=YOUR_MINIO_USER
Expand Down Expand Up @@ -467,7 +467,7 @@ services:
- 'KEY_VAULTS_SECRET=Kix2wcUONd4CX51E/ZPAd36BqM4wzJgKjPtz2sGztqQ='
- 'NEXT_AUTH_SECRET=NX2kaPE923dt6BL2U8e9oSre5RfoT7hg'
- 'NEXTAUTH_URL=http://localhost:${LOBE_PORT}/api/auth'
- 'LOGTO_ISSUER=http://localhost:${LOGTO_PORT}/oidc'
- 'AUTH_LOGTO_ISSUER=http://localhost:${LOGTO_PORT}/oidc'
- 'DATABASE_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgresql:5432/${LOBE_DB_NAME}'
- 'S3_ENDPOINT=http://localhost:${MINIO_PORT}'
- 'S3_BUCKET=${MINIO_LOBE_BUCKET}'
Expand Down Expand Up @@ -519,9 +519,9 @@ NEXTAUTH_URL=https://lobe.example.com/api/auth
# NextAuth providers configuration (example using Logto)
# For other providers, see: https://lobehub.com/docs/self-hosting/environment-variables/auth
LOGTO_CLIENT_ID=YOUR_LOGTO_CLIENT_ID
LOGTO_CLIENT_SECRET=YOUR_LOGTO_CLIENT_SECRET
LOGTO_ISSUER=https://lobe-auth-api.example.com/oidc
AUTH_LOGTO_ID=YOUR_LOGTO_CLIENT_ID
AUTH_LOGTO_SECRET=YOUR_LOGTO_CLIENT_SECRET
AUTH_LOGTO_ISSUER=https://lobe-auth-api.example.com/oidc
# Proxy settings (if needed, e.g., when using GitHub as an auth provider)
# HTTP_PROXY=http://localhost:7890
Expand Down
18 changes: 9 additions & 9 deletions docs/self-hosting/server-database/docker-compose.zh-CN.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ docker compose up -d
- `Redirect URI``http://localhost:3210/api/auth/callback/logto`
- `Post sign-out redirect URI``http://localhost:3210/`

3. 获取 `App ID``App secrets`,填入 `.env` 文件中对应的 `LOGTO_CLIENT_ID``LOGTO_CLIENT_SECRETT`
3. 获取 `App ID``App secrets`,填入 `.env` 文件中对应的 `AUTH_LOGTO_ID``AUTH_LOGTO_SECRET`

### 配置 MinIO S3

Expand Down Expand Up @@ -256,9 +256,9 @@ docker compose up -d # 重新启动
src="https://github.com/user-attachments/assets/5b816379-c07b-40ea-bde4-df16e2e4e523"
/>

5. 获取 `App ID``App secrets`,填入你的 `.env` 文件中的 `LOGTO_CLIENT_ID``LOGTO_CLIENT_SECRETT`
5. 获取 `App ID``App secrets`,填入你的 `.env` 文件中的 `AUTH_LOGTO_ID``AUTH_LOGTO_SECRET`

6. 配置你的 `.env` 文件中 `LOGTO_ISSUER``https://lobe-auth-api.example.com/oidc`
6. 配置你的 `.env` 文件中 `AUTH_LOGTO_ISSUER``https://lobe-auth-api.example.com/oidc`

<Image
alt="配置 Logto 环境变量"
Expand Down Expand Up @@ -346,8 +346,8 @@ docker compose up -d # 重新启动

```sh
# Logto secret
LOGTO_CLIENT_ID=
LOGTO_CLIENT_SECRET=
AUTH_LOGTO_ID=
AUTH_LOGTO_SECRET=
# MinIO S3 配置
MINIO_ROOT_USER=YOUR_MINIO_USER
Expand Down Expand Up @@ -464,7 +464,7 @@ services:
- 'KEY_VAULTS_SECRET=Kix2wcUONd4CX51E/ZPAd36BqM4wzJgKjPtz2sGztqQ='
- 'NEXT_AUTH_SECRET=NX2kaPE923dt6BL2U8e9oSre5RfoT7hg'
- 'NEXTAUTH_URL=http://localhost:${LOBE_PORT}/api/auth'
- 'LOGTO_ISSUER=http://localhost:${LOGTO_PORT}/oidc'
- 'AUTH_LOGTO_ISSUER=http://localhost:${LOGTO_PORT}/oidc'
- 'DATABASE_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgresql:5432/${LOBE_DB_NAME}'
- 'S3_ENDPOINT=http://localhost:${MINIO_PORT}'
- 'S3_BUCKET=${MINIO_LOBE_BUCKET}'
Expand Down Expand Up @@ -515,9 +515,9 @@ NEXTAUTH_URL=https://lobe.example.com/api/auth
# NextAuth 鉴权服务提供商部分,以 Logto 为例
# 其他鉴权服务提供商所需的环境变量,请参考:https://lobehub.com/zh/docs/self-hosting/environment-variables/auth
LOGTO_CLIENT_ID=YOUR_LOGTO_CLIENT_ID
LOGTO_CLIENT_SECRET=YOUR_LOGTO_CLIENT_SECRET
LOGTO_ISSUER=https://lobe-auth-api.example.com/oidc
AUTH_LOGTO_ID=YOUR_LOGTO_CLIENT_ID
AUTH_LOGTO_SECRET=YOUR_LOGTO_CLIENT_SECRET
AUTH_LOGTO_ISSUER=https://lobe-auth-api.example.com/oidc
# 代理相关,如果你需要的话(比如你使用 GitHub 作为鉴权服务提供商)
# HTTP_PROXY=http://localhost:7890
Expand Down
2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@lobehub/chat",
"version": "1.20.4",
"version": "1.20.5",
"description": "Lobe Chat - an open-source, high-performance chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application.",
"keywords": [
"framework",
Expand Down
Loading

0 comments on commit 5396eb3

Please sign in to comment.