OpenSource
/
dify
關注 4
收藏 0
複製 0
程式碼 問題 0 合併請求 0 版本發佈 152 Wiki 活動
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6500 提交
4 分支
目錄樹: 1.9.0
分支列表 標籤
${ item.name }
建立分支 ${ searchTerm }
從 '1.9.0'
${ noResults }
dify/docker/docker-compose.middleware.yaml

docker-compose.middleware.yaml 8.9KB
原始文件 永久連結 Blame 歷史記錄

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214 
  1. services:

  2.   # The postgres database.

  3.   db:

  4.     image: postgres:15-alpine

  5.     restart: always

  6.     env_file:

  7.       - ./middleware.env

  8.     environment:

  9.       POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-difyai123456}

  10.       POSTGRES_DB: ${POSTGRES_DB:-dify}

  11.       PGDATA: ${PGDATA:-/var/lib/postgresql/data/pgdata}

  12.     command: >

  13.       postgres -c 'max_connections=${POSTGRES_MAX_CONNECTIONS:-100}'

  14.                -c 'shared_buffers=${POSTGRES_SHARED_BUFFERS:-128MB}'

  15.                -c 'work_mem=${POSTGRES_WORK_MEM:-4MB}'

  16.                -c 'maintenance_work_mem=${POSTGRES_MAINTENANCE_WORK_MEM:-64MB}'

  17.                -c 'effective_cache_size=${POSTGRES_EFFECTIVE_CACHE_SIZE:-4096MB}'

  18.     volumes:

  19.       - ${PGDATA_HOST_VOLUME:-./volumes/db/data}:/var/lib/postgresql/data

  20.     ports:

  21.       - "${EXPOSE_POSTGRES_PORT:-5432}:5432"

  22.     healthcheck:

  23.       test:

  24.         [

  25.           "CMD",

  26.           "pg_isready",

  27.           "-h",

  28.           "db",

  29.           "-U",

  30.           "${PGUSER:-postgres}",

  31.           "-d",

  32.           "${POSTGRES_DB:-dify}",

  33.         ]

  34.       interval: 1s

  35.       timeout: 3s

  36.       retries: 30

  37. 

  38.   # The redis cache.

  39.   redis:

  40.     image: redis:6-alpine

  41.     restart: always

  42.     env_file:

  43.       - ./middleware.env

  44.     environment:

  45.       REDISCLI_AUTH: ${REDIS_PASSWORD:-difyai123456}

  46.     volumes:

  47.       # Mount the redis data directory to the container.

  48.       - ${REDIS_HOST_VOLUME:-./volumes/redis/data}:/data

  49.     # Set the redis password when startup redis server.

  50.     command: redis-server --requirepass ${REDIS_PASSWORD:-difyai123456}

  51.     ports:

  52.       - "${EXPOSE_REDIS_PORT:-6379}:6379"

  53.     healthcheck:

  54.       test:

  55.         [

  56.           "CMD-SHELL",

  57.           "redis-cli -a ${REDIS_PASSWORD:-difyai123456} ping | grep -q PONG",

  58.         ]

  59. 

  60.   # The DifySandbox

  61.   sandbox:

  62.     image: langgenius/dify-sandbox:0.2.12

  63.     restart: always

  64.     env_file:

  65.       - ./middleware.env

  66.     environment:

  67.       # The DifySandbox configurations

  68.       # Make sure you are changing this key for your deployment with a strong key.

  69.       # You can generate a strong key using `openssl rand -base64 42`.

  70.       API_KEY: ${SANDBOX_API_KEY:-dify-sandbox}

  71.       GIN_MODE: ${SANDBOX_GIN_MODE:-release}

  72.       WORKER_TIMEOUT: ${SANDBOX_WORKER_TIMEOUT:-15}

  73.       ENABLE_NETWORK: ${SANDBOX_ENABLE_NETWORK:-true}

  74.       HTTP_PROXY: ${SANDBOX_HTTP_PROXY:-http://ssrf_proxy:3128}

  75.       HTTPS_PROXY: ${SANDBOX_HTTPS_PROXY:-http://ssrf_proxy:3128}

  76.       SANDBOX_PORT: ${SANDBOX_PORT:-8194}

  77.       PIP_MIRROR_URL: ${PIP_MIRROR_URL:-}

  78.     volumes:

  79.       - ./volumes/sandbox/dependencies:/dependencies

  80.       - ./volumes/sandbox/conf:/conf

  81.     healthcheck:

  82.       test: ["CMD", "curl", "-f", "http://localhost:8194/health"]

  83.     networks:

  84.       - ssrf_proxy_network

  85. 

  86.   # plugin daemon

  87.   plugin_daemon:

  88.     image: langgenius/dify-plugin-daemon:0.3.0-local

  89.     restart: always

  90.     env_file:

  91.       - ./middleware.env

  92.     environment:

  93.       # Use the shared environment variables.

  94.       DB_HOST: ${DB_HOST:-db}

  95.       DB_PORT: ${DB_PORT:-5432}

  96.       DB_USERNAME: ${DB_USER:-postgres}

  97.       DB_PASSWORD: ${DB_PASSWORD:-difyai123456}

  98.       DB_DATABASE: ${DB_PLUGIN_DATABASE:-dify_plugin}

  99.       REDIS_HOST: ${REDIS_HOST:-redis}

  100.       REDIS_PORT: ${REDIS_PORT:-6379}

  101.       REDIS_PASSWORD: ${REDIS_PASSWORD:-difyai123456}

  102.       SERVER_PORT: ${PLUGIN_DAEMON_PORT:-5002}

  103.       SERVER_KEY: ${PLUGIN_DAEMON_KEY:-lYkiYYT6owG+71oLerGzA7GXCgOT++6ovaezWAjpCjf+Sjc3ZtU+qUEi}

  104.       MAX_PLUGIN_PACKAGE_SIZE: ${PLUGIN_MAX_PACKAGE_SIZE:-52428800}

  105.       PPROF_ENABLED: ${PLUGIN_PPROF_ENABLED:-false}

  106.       DIFY_INNER_API_URL: ${PLUGIN_DIFY_INNER_API_URL:-http://host.docker.internal:5001}

  107.       DIFY_INNER_API_KEY: ${PLUGIN_DIFY_INNER_API_KEY:-QaHbTe77CtuXmsfyhR7+vRjI/+XbV1AaFy691iy+kGDv2Jvy0/eAh8Y1}

  108.       PLUGIN_REMOTE_INSTALLING_HOST: ${PLUGIN_DEBUGGING_HOST:-0.0.0.0}

  109.       PLUGIN_REMOTE_INSTALLING_PORT: ${PLUGIN_DEBUGGING_PORT:-5003}

  110.       PLUGIN_WORKING_PATH: ${PLUGIN_WORKING_PATH:-/app/storage/cwd}

  111.       PYTHON_ENV_INIT_TIMEOUT: ${PLUGIN_PYTHON_ENV_INIT_TIMEOUT:-120}

  112.       PLUGIN_MAX_EXECUTION_TIMEOUT: ${PLUGIN_MAX_EXECUTION_TIMEOUT:-600}

  113.       PIP_MIRROR_URL: ${PIP_MIRROR_URL:-}

  114.       PLUGIN_STORAGE_TYPE: ${PLUGIN_STORAGE_TYPE:-local}

  115.       PLUGIN_STORAGE_LOCAL_ROOT: ${PLUGIN_STORAGE_LOCAL_ROOT:-/app/storage}

  116.       PLUGIN_INSTALLED_PATH: ${PLUGIN_INSTALLED_PATH:-plugin}

  117.       PLUGIN_PACKAGE_CACHE_PATH: ${PLUGIN_PACKAGE_CACHE_PATH:-plugin_packages}

  118.       PLUGIN_MEDIA_CACHE_PATH: ${PLUGIN_MEDIA_CACHE_PATH:-assets}

  119.       PLUGIN_STORAGE_OSS_BUCKET: ${PLUGIN_STORAGE_OSS_BUCKET:-}

  120.       S3_USE_AWS: ${PLUGIN_S3_USE_AWS:-false}

  121.       S3_USE_AWS_MANAGED_IAM: ${PLUGIN_S3_USE_AWS_MANAGED_IAM:-false}

  122.       S3_ENDPOINT: ${PLUGIN_S3_ENDPOINT:-}

  123.       S3_USE_PATH_STYLE: ${PLUGIN_S3_USE_PATH_STYLE:-false}

  124.       AWS_ACCESS_KEY: ${PLUGIN_AWS_ACCESS_KEY:-}

  125.       AWS_SECRET_KEY: ${PLUGIN_AWS_SECRET_KEY:-}

  126.       AWS_REGION: ${PLUGIN_AWS_REGION:-}

  127.       AZURE_BLOB_STORAGE_CONNECTION_STRING: ${PLUGIN_AZURE_BLOB_STORAGE_CONNECTION_STRING:-}

  128.       AZURE_BLOB_STORAGE_CONTAINER_NAME: ${PLUGIN_AZURE_BLOB_STORAGE_CONTAINER_NAME:-}

  129.       TENCENT_COS_SECRET_KEY: ${PLUGIN_TENCENT_COS_SECRET_KEY:-}

  130.       TENCENT_COS_SECRET_ID: ${PLUGIN_TENCENT_COS_SECRET_ID:-}

  131.       TENCENT_COS_REGION: ${PLUGIN_TENCENT_COS_REGION:-}

  132.       ALIYUN_OSS_REGION: ${PLUGIN_ALIYUN_OSS_REGION:-}

  133.       ALIYUN_OSS_ENDPOINT: ${PLUGIN_ALIYUN_OSS_ENDPOINT:-}

  134.       ALIYUN_OSS_ACCESS_KEY_ID: ${PLUGIN_ALIYUN_OSS_ACCESS_KEY_ID:-}

  135.       ALIYUN_OSS_ACCESS_KEY_SECRET: ${PLUGIN_ALIYUN_OSS_ACCESS_KEY_SECRET:-}

  136.       ALIYUN_OSS_AUTH_VERSION: ${PLUGIN_ALIYUN_OSS_AUTH_VERSION:-v4}

  137.       ALIYUN_OSS_PATH: ${PLUGIN_ALIYUN_OSS_PATH:-}

  138.       VOLCENGINE_TOS_ENDPOINT: ${PLUGIN_VOLCENGINE_TOS_ENDPOINT:-}

  139.       VOLCENGINE_TOS_ACCESS_KEY: ${PLUGIN_VOLCENGINE_TOS_ACCESS_KEY:-}

  140.       VOLCENGINE_TOS_SECRET_KEY: ${PLUGIN_VOLCENGINE_TOS_SECRET_KEY:-}

  141.       VOLCENGINE_TOS_REGION: ${PLUGIN_VOLCENGINE_TOS_REGION:-}

  142.       THIRD_PARTY_SIGNATURE_VERIFICATION_ENABLED: true

  143.       THIRD_PARTY_SIGNATURE_VERIFICATION_PUBLIC_KEYS: /app/keys/publickey.pem

  144.       FORCE_VERIFYING_SIGNATURE: false

  145.     ports:

  146.       - "${EXPOSE_PLUGIN_DAEMON_PORT:-5002}:${PLUGIN_DAEMON_PORT:-5002}"

  147.       - "${EXPOSE_PLUGIN_DEBUGGING_PORT:-5003}:${PLUGIN_DEBUGGING_PORT:-5003}"

  148.     volumes:

  149.       - ./volumes/plugin_daemon:/app/storage

  150. 

  151.   # ssrf_proxy server

  152.   # for more information, please refer to

  153.   # https://docs.dify.ai/learn-more/faq/install-faq#18-why-is-ssrf-proxy-needed%3F

  154.   ssrf_proxy:

  155.     image: ubuntu/squid:latest

  156.     restart: always

  157.     volumes:

  158.       - ./ssrf_proxy/squid.conf.template:/etc/squid/squid.conf.template

  159.       - ./ssrf_proxy/docker-entrypoint.sh:/docker-entrypoint-mount.sh

  160.     entrypoint:

  161.       [

  162.         "sh",

  163.         "-c",

  164.         "cp /docker-entrypoint-mount.sh /docker-entrypoint.sh && sed -i 's/\r$$//' /docker-entrypoint.sh && chmod +x /docker-entrypoint.sh && /docker-entrypoint.sh",

  165.       ]

  166.     env_file:

  167.       - ./middleware.env

  168.     environment:

  169.       # pls clearly modify the squid env vars to fit your network environment.

  170.       HTTP_PORT: ${SSRF_HTTP_PORT:-3128}

  171.       COREDUMP_DIR: ${SSRF_COREDUMP_DIR:-/var/spool/squid}

  172.       REVERSE_PROXY_PORT: ${SSRF_REVERSE_PROXY_PORT:-8194}

  173.       SANDBOX_HOST: ${SSRF_SANDBOX_HOST:-sandbox}

  174.       SANDBOX_PORT: ${SANDBOX_PORT:-8194}

  175.     ports:

  176.       - "${EXPOSE_SSRF_PROXY_PORT:-3128}:${SSRF_HTTP_PORT:-3128}"

  177.       - "${EXPOSE_SANDBOX_PORT:-8194}:${SANDBOX_PORT:-8194}"

  178.     networks:

  179.       - ssrf_proxy_network

  180.       - default

  181. 

  182.   # The Weaviate vector store.

  183.   weaviate:

  184.     image: semitechnologies/weaviate:1.19.0

  185.     profiles:

  186.       - ""

  187.       - weaviate

  188.     restart: always

  189.     volumes:

  190.       # Mount the Weaviate data directory to the container.

  191.       - ${WEAVIATE_HOST_VOLUME:-./volumes/weaviate}:/var/lib/weaviate

  192.     env_file:

  193.       - ./middleware.env

  194.     environment:

  195.       # The Weaviate configurations

  196.       # You can refer to the [Weaviate](https://weaviate.io/developers/weaviate/config-refs/env-vars) documentation for more information.

  197.       PERSISTENCE_DATA_PATH: ${WEAVIATE_PERSISTENCE_DATA_PATH:-/var/lib/weaviate}

  198.       QUERY_DEFAULTS_LIMIT: ${WEAVIATE_QUERY_DEFAULTS_LIMIT:-25}

  199.       AUTHENTICATION_ANONYMOUS_ACCESS_ENABLED: ${WEAVIATE_AUTHENTICATION_ANONYMOUS_ACCESS_ENABLED:-false}

  200.       DEFAULT_VECTORIZER_MODULE: ${WEAVIATE_DEFAULT_VECTORIZER_MODULE:-none}

  201.       CLUSTER_HOSTNAME: ${WEAVIATE_CLUSTER_HOSTNAME:-node1}

  202.       AUTHENTICATION_APIKEY_ENABLED: ${WEAVIATE_AUTHENTICATION_APIKEY_ENABLED:-true}

  203.       AUTHENTICATION_APIKEY_ALLOWED_KEYS: ${WEAVIATE_AUTHENTICATION_APIKEY_ALLOWED_KEYS:-WVF5YThaHlkYwhGUSmCRgsX3tD5ngdN8pkih}

  204.       AUTHENTICATION_APIKEY_USERS: ${WEAVIATE_AUTHENTICATION_APIKEY_USERS:-hello@dify.ai}

  205.       AUTHORIZATION_ADMINLIST_ENABLED: ${WEAVIATE_AUTHORIZATION_ADMINLIST_ENABLED:-true}

  206.       AUTHORIZATION_ADMINLIST_USERS: ${WEAVIATE_AUTHORIZATION_ADMINLIST_USERS:-hello@dify.ai}

  207.     ports:

  208.       - "${EXPOSE_WEAVIATE_PORT:-8080}:8080"

  209. 

  210. networks:

  211.   # create a network between sandbox, api and ssrf_proxy, and can not access outside.

  212.   ssrf_proxy_network:

  213.     driver: bridge

  214.     internal: true