version: '3.1' services: # API service api: image: langgenius/dify-api:0.3.1 restart: always environment: # Startup mode, 'api' starts the API server. MODE: api # The log level for the application. Supported values are `DEBUG`, `INFO`, `WARNING`, `ERROR`, `CRITICAL` LOG_LEVEL: INFO # A secret key that is used for securely signing the session cookie and encrypting sensitive information on the database. You can generate a strong key using `openssl rand -base64 42`. SECRET_KEY: sk-9f73s3ljTXVcMT3Blb3ljTqtsKiGHXVcMT3BlbkFJLK7U # The base URL of console application, refers to the Console base URL of WEB service if console domain is # different from api or web app domain. # example: http://cloud.dify.ai CONSOLE_URL: '' # The URL for Service API endpoints,refers to the base URL of the current API service if api domain is # different from console domain. # example: http://api.dify.ai API_URL: '' # The URL for Web APP, refers to the Web App base URL of WEB service if web app domain is different from # console or api domain. # example: http://udify.app APP_URL: '' # When enabled, migrations will be executed prior to application startup and the application will start after the migrations have completed. MIGRATION_ENABLED: 'true' # The configurations of postgres database connection. # It is consistent with the configuration in the 'db' service below. DB_USERNAME: postgres DB_PASSWORD: difyai123456 DB_HOST: db DB_PORT: 5432 DB_DATABASE: dify # The configurations of redis connection. # It is consistent with the configuration in the 'redis' service below. REDIS_HOST: redis REDIS_PORT: 6379 REDIS_USERNAME: '' REDIS_PASSWORD: difyai123456 REDIS_USE_SSL: 'false' # use redis db 0 for redis cache REDIS_DB: 0 # The configurations of session, Supported values are `sqlalchemy`. `redis` SESSION_TYPE: redis SESSION_REDIS_HOST: redis SESSION_REDIS_PORT: 6379 SESSION_REDIS_USERNAME: '' SESSION_REDIS_PASSWORD: difyai123456 SESSION_REDIS_USE_SSL: 'false' # use redis db 2 for session store SESSION_REDIS_DB: 2 # The configurations of celery broker. # Use redis as the broker, and redis db 1 for celery broker. CELERY_BROKER_URL: redis://:difyai123456@redis:6379/1 # Specifies the allowed origins for cross-origin requests to the Web API, e.g. https://dify.app or * for all origins. WEB_API_CORS_ALLOW_ORIGINS: '*' # Specifies the allowed origins for cross-origin requests to the console API, e.g. https://cloud.dify.ai or * for all origins. CONSOLE_CORS_ALLOW_ORIGINS: '*' # CSRF Cookie settings # Controls whether a cookie is sent with cross-site requests, # providing some protection against cross-site request forgery attacks # # Default: `SameSite=Lax, Secure=false, HttpOnly=true` # This default configuration supports same-origin requests using either HTTP or HTTPS, # but does not support cross-origin requests. It is suitable for local debugging purposes. # # If you want to enable cross-origin support, # you must use the HTTPS protocol and set the configuration to `SameSite=None, Secure=true, HttpOnly=true`. # # For **production** purposes, please set `SameSite=Lax, Secure=true, HttpOnly=true`. COOKIE_HTTPONLY: 'true' COOKIE_SAMESITE: 'Lax' COOKIE_SECURE: 'false' # The type of storage to use for storing user files. Supported values are `local` and `s3`, Default: `local` STORAGE_TYPE: local # The path to the local storage directory, the directory relative the root path of API service codes or absolute path. Default: `storage` or `/home/john/storage`. # only available when STORAGE_TYPE is `local`. STORAGE_LOCAL_PATH: storage # The S3 storage configurations, only available when STORAGE_TYPE is `s3`. S3_ENDPOINT: 'https://xxx.r2.cloudflarestorage.com' S3_BUCKET_NAME: 'difyai' S3_ACCESS_KEY: 'ak-difyai' S3_SECRET_KEY: 'sk-difyai' S3_REGION: 'us-east-1' # The type of vector store to use. Supported values are `weaviate`, `qdrant`. VECTOR_STORE: weaviate # The Weaviate endpoint URL. Only available when VECTOR_STORE is `weaviate`. WEAVIATE_ENDPOINT: http://weaviate:8080 # The Weaviate API key. WEAVIATE_API_KEY: WVF5YThaHlkYwhGUSmCRgsX3tD5ngdN8pkih # The Qdrant endpoint URL. Only available when VECTOR_STORE is `qdrant`. QDRANT_URL: 'https://your-qdrant-cluster-url.qdrant.tech/' # The Qdrant API key. QDRANT_API_KEY: 'ak-difyai' # The DSN for Sentry error reporting. If not set, Sentry error reporting will be disabled. SENTRY_DSN: '' # The sample rate for Sentry events. Default: `1.0` SENTRY_TRACES_SAMPLE_RATE: 1.0 # The sample rate for Sentry profiles. Default: `1.0` SENTRY_PROFILES_SAMPLE_RATE: 1.0 depends_on: - db - redis - weaviate volumes: # Mount the storage directory to the container, for storing user files. - ./volumes/app/storage:/app/api/storage # worker service # The Celery worker for processing the queue. worker: image: langgenius/dify-api:0.3.1 restart: always environment: # Startup mode, 'worker' starts the Celery worker for processing the queue. MODE: worker # --- All the configurations below are the same as those in the 'api' service. --- # The log level for the application. Supported values are `DEBUG`, `INFO`, `WARNING`, `ERROR`, `CRITICAL` LOG_LEVEL: INFO # A secret key that is used for securely signing the session cookie and encrypting sensitive information on the database. You can generate a strong key using `openssl rand -base64 42`. # same as the API service SECRET_KEY: sk-9f73s3ljTXVcMT3Blb3ljTqtsKiGHXVcMT3BlbkFJLK7U # The configurations of postgres database connection. # It is consistent with the configuration in the 'db' service below. DB_USERNAME: postgres DB_PASSWORD: difyai123456 DB_HOST: db DB_PORT: 5432 DB_DATABASE: dify # The configurations of redis cache connection. REDIS_HOST: redis REDIS_PORT: 6379 REDIS_USERNAME: '' REDIS_PASSWORD: difyai123456 REDIS_DB: 0 REDIS_USE_SSL: 'false' # The configurations of celery broker. CELERY_BROKER_URL: redis://:difyai123456@redis:6379/1 # The type of storage to use for storing user files. Supported values are `local` and `s3`, Default: `local` STORAGE_TYPE: local STORAGE_LOCAL_PATH: storage # The Vector store configurations. VECTOR_STORE: weaviate WEAVIATE_ENDPOINT: http://weaviate:8080 WEAVIATE_API_KEY: WVF5YThaHlkYwhGUSmCRgsX3tD5ngdN8pkih depends_on: - db - redis - weaviate volumes: # Mount the storage directory to the container, for storing user files. - ./volumes/app/storage:/app/api/storage # Frontend web application. web: image: langgenius/dify-web:0.3.1 restart: always environment: EDITION: SELF_HOSTED # The base URL of console application, refers to the Console base URL of WEB service if console domain is # different from api or web app domain. # example: http://cloud.dify.ai CONSOLE_URL: '' # The URL for Web APP, refers to the Web App base URL of WEB service if web app domain is different from # console or api domain. # example: http://udify.app APP_URL: '' # The postgres database. db: image: postgres:15-alpine restart: always environment: # The password for the default postgres user. POSTGRES_PASSWORD: difyai123456 # The name of the default postgres database. POSTGRES_DB: dify # postgres data directory PGDATA: /var/lib/postgresql/data/pgdata volumes: - ./volumes/db/data:/var/lib/postgresql/data ports: - "5432:5432" # The redis cache. redis: image: redis:6-alpine restart: always volumes: # Mount the redis data directory to the container. - ./volumes/redis/data:/data # Set the redis password when startup redis server. command: redis-server --requirepass difyai123456 # The Weaviate vector store. weaviate: image: semitechnologies/weaviate:1.18.4 restart: always volumes: # Mount the Weaviate data directory to the container. - ./volumes/weaviate:/var/lib/weaviate environment: # The Weaviate configurations # You can refer to the [Weaviate](https://weaviate.io/developers/weaviate/config-refs/env-vars) documentation for more information. QUERY_DEFAULTS_LIMIT: 25 AUTHENTICATION_ANONYMOUS_ACCESS_ENABLED: 'false' PERSISTENCE_DATA_PATH: '/var/lib/weaviate' DEFAULT_VECTORIZER_MODULE: 'none' CLUSTER_HOSTNAME: 'node1' AUTHENTICATION_APIKEY_ENABLED: 'true' AUTHENTICATION_APIKEY_ALLOWED_KEYS: 'WVF5YThaHlkYwhGUSmCRgsX3tD5ngdN8pkih' AUTHENTICATION_APIKEY_USERS: 'hello@dify.ai' AUTHORIZATION_ADMINLIST_ENABLED: 'true' AUTHORIZATION_ADMINLIST_USERS: 'hello@dify.ai' # The nginx reverse proxy. # used for reverse proxying the API service and Web service. nginx: image: nginx:latest volumes: - ./nginx/nginx.conf:/etc/nginx/nginx.conf - ./nginx/proxy.conf:/etc/nginx/proxy.conf - ./nginx/conf.d:/etc/nginx/conf.d depends_on: - api - web ports: - "80:80"