KNet/onyx
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

made coolify-ready

Browse source
This commit is contained in:
KARMACOMA 2025-12-13 19:44:44 +01:00
parent 964e1219bc
commit f4bf6fad60
3 changed files with 86 additions and 135 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

0
.env Normal file
View file

199
docker-compose.yml
View file

@ -37,11 +37,8 @@
name: onyx name: onyx
services: services:
api_server: onyx-api_server:
image: ${ONYX_BACKEND_IMAGE:-onyxdotapp/onyx-backend:${IMAGE_TAG:-latest}} image: ${ONYX_BACKEND_IMAGE:-onyxdotapp/onyx-backend:${IMAGE_TAG:-latest}}
build:
context: ../../backend
dockerfile: Dockerfile
command: > command: >
/bin/sh -c "alembic upgrade head && /bin/sh -c "alembic upgrade head &&
echo \"Starting Onyx Api Server\" && echo \"Starting Onyx Api Server\" &&
@ -51,12 +48,14 @@ services:
- path: .env - path: .env
required: false required: false
depends_on: depends_on:
- relational_db - onyx-relational_db
- index - onyx-index
- cache - onyx-cache
- inference_model_server - onyx-inference_model_server
- minio - onyx-minio
restart: unless-stopped restart: unless-stopped
expose:
- "8080"
# DEV: To expose ports, either: # DEV: To expose ports, either:
# 1. Use docker-compose.dev.yml: docker compose -f docker-compose.yml -f docker-compose.dev.yml up -d # 1. Use docker-compose.dev.yml: docker compose -f docker-compose.yml -f docker-compose.dev.yml up -d
# 2. Uncomment the ports below # 2. Uncomment the ports below
@ -65,11 +64,11 @@ services:
environment: environment:
# Auth Settings # Auth Settings
- AUTH_TYPE=${AUTH_TYPE:-basic} - AUTH_TYPE=${AUTH_TYPE:-basic}
- POSTGRES_HOST=${POSTGRES_HOST:-relational_db} - POSTGRES_HOST=${POSTGRES_HOST:-onyx-relational_db}
- VESPA_HOST=${VESPA_HOST:-index} - VESPA_HOST=${VESPA_HOST:-onyx-index}
- REDIS_HOST=${REDIS_HOST:-cache} - REDIS_HOST=${REDIS_HOST:-onyx-cache}
- MODEL_SERVER_HOST=${MODEL_SERVER_HOST:-inference_model_server} - MODEL_SERVER_HOST=${MODEL_SERVER_HOST:-onyx-inference_model_server}
- S3_ENDPOINT_URL=${S3_ENDPOINT_URL:-http://minio:9000} - S3_ENDPOINT_URL=${S3_ENDPOINT_URL:-http://onyx-minio:9000}
- S3_AWS_ACCESS_KEY_ID=${S3_AWS_ACCESS_KEY_ID:-minioadmin} - S3_AWS_ACCESS_KEY_ID=${S3_AWS_ACCESS_KEY_ID:-minioadmin}
- S3_AWS_SECRET_ACCESS_KEY=${S3_AWS_SECRET_ACCESS_KEY:-minioadmin} - S3_AWS_SECRET_ACCESS_KEY=${S3_AWS_SECRET_ACCESS_KEY:-minioadmin}
# PRODUCTION: Uncomment the line below to use if IAM_AUTH is true and you are using iam auth for postgres # PRODUCTION: Uncomment the line below to use if IAM_AUTH is true and you are using iam auth for postgres
@ -84,13 +83,10 @@ services:
max-file: "6" max-file: "6"
# Optional, only for debugging purposes # Optional, only for debugging purposes
volumes: volumes:
- api_server_logs:/var/log/onyx - onyx-api_server_logs:/var/log/onyx
background: onyx-background:
image: ${ONYX_BACKEND_IMAGE:-onyxdotapp/onyx-backend:${IMAGE_TAG:-latest}} image: ${ONYX_BACKEND_IMAGE:-onyxdotapp/onyx-backend:${IMAGE_TAG:-latest}}
build:
context: ../../backend
dockerfile: Dockerfile
command: > command: >
/bin/sh -c " /bin/sh -c "
if [ -f /etc/ssl/certs/custom-ca.crt ]; then if [ -f /etc/ssl/certs/custom-ca.crt ]; then
@ -101,20 +97,20 @@ services:
- path: .env - path: .env
required: false required: false
depends_on: depends_on:
- relational_db - onyx-relational_db
- index - onyx-index
- cache - onyx-cache
- inference_model_server - onyx-inference_model_server
- indexing_model_server - onyx-indexing_model_server
restart: unless-stopped restart: unless-stopped
environment: environment:
- USE_LIGHTWEIGHT_BACKGROUND_WORKER=${USE_LIGHTWEIGHT_BACKGROUND_WORKER:-true} - USE_LIGHTWEIGHT_BACKGROUND_WORKER=${USE_LIGHTWEIGHT_BACKGROUND_WORKER:-true}
- POSTGRES_HOST=${POSTGRES_HOST:-relational_db} - POSTGRES_HOST=${POSTGRES_HOST:-onyx-relational_db}
- VESPA_HOST=${VESPA_HOST:-index} - VESPA_HOST=${VESPA_HOST:-onyx-index}
- REDIS_HOST=${REDIS_HOST:-cache} - REDIS_HOST=${REDIS_HOST:-onyx-cache}
- MODEL_SERVER_HOST=${MODEL_SERVER_HOST:-inference_model_server} - MODEL_SERVER_HOST=${MODEL_SERVER_HOST:-onyx-inference_model_server}
- INDEXING_MODEL_SERVER_HOST=${INDEXING_MODEL_SERVER_HOST:-indexing_model_server} - INDEXING_MODEL_SERVER_HOST=${INDEXING_MODEL_SERVER_HOST:-onyx-indexing_model_server}
- S3_ENDPOINT_URL=${S3_ENDPOINT_URL:-http://minio:9000} - S3_ENDPOINT_URL=${S3_ENDPOINT_URL:-http://onyx-minio:9000}
- S3_AWS_ACCESS_KEY_ID=${S3_AWS_ACCESS_KEY_ID:-minioadmin} - S3_AWS_ACCESS_KEY_ID=${S3_AWS_ACCESS_KEY_ID:-minioadmin}
- S3_AWS_SECRET_ACCESS_KEY=${S3_AWS_SECRET_ACCESS_KEY:-minioadmin} - S3_AWS_SECRET_ACCESS_KEY=${S3_AWS_SECRET_ACCESS_KEY:-minioadmin}
# PRODUCTION: Uncomment the line below to use if IAM_AUTH is true and you are using iam auth for postgres # PRODUCTION: Uncomment the line below to use if IAM_AUTH is true and you are using iam auth for postgres
@ -124,7 +120,7 @@ services:
- "host.docker.internal:host-gateway" - "host.docker.internal:host-gateway"
# Optional, only for debugging purposes # Optional, only for debugging purposes
volumes: volumes:
- background_logs:/var/log/onyx - onyx-background_logs:/var/log/onyx
logging: logging:
driver: json-file driver: json-file
options: options:
@ -140,36 +136,29 @@ services:
# # Maps to the CA_CERT_PATH environment variable in the Dockerfile # # Maps to the CA_CERT_PATH environment variable in the Dockerfile
# - ${CA_CERT_PATH:-./custom-ca.crt}:/etc/ssl/certs/custom-ca.crt:ro # - ${CA_CERT_PATH:-./custom-ca.crt}:/etc/ssl/certs/custom-ca.crt:ro
web_server: onyx-web_server:
image: ${ONYX_WEB_SERVER_IMAGE:-onyxdotapp/onyx-web-server:${IMAGE_TAG:-latest}} image: ${ONYX_WEB_SERVER_IMAGE:-onyxdotapp/onyx-web-server:${IMAGE_TAG:-latest}}
build:
context: ../../web
dockerfile: Dockerfile
args:
- NEXT_PUBLIC_POSITIVE_PREDEFINED_FEEDBACK_OPTIONS=${NEXT_PUBLIC_POSITIVE_PREDEFINED_FEEDBACK_OPTIONS:-}
- NEXT_PUBLIC_NEGATIVE_PREDEFINED_FEEDBACK_OPTIONS=${NEXT_PUBLIC_NEGATIVE_PREDEFINED_FEEDBACK_OPTIONS:-}
- NEXT_PUBLIC_DISABLE_LOGOUT=${NEXT_PUBLIC_DISABLE_LOGOUT:-}
- NEXT_PUBLIC_DEFAULT_SIDEBAR_OPEN=${NEXT_PUBLIC_DEFAULT_SIDEBAR_OPEN:-}
- NEXT_PUBLIC_FORGOT_PASSWORD_ENABLED=${NEXT_PUBLIC_FORGOT_PASSWORD_ENABLED:-}
# Enterprise Edition only
- NEXT_PUBLIC_THEME=${NEXT_PUBLIC_THEME:-}
# DO NOT TURN ON unless you have EXPLICIT PERMISSION from Onyx.
- NEXT_PUBLIC_DO_NOT_USE_TOGGLE_OFF_DANSWER_POWERED=${NEXT_PUBLIC_DO_NOT_USE_TOGGLE_OFF_DANSWER_POWERED:-false}
- NODE_OPTIONS=${NODE_OPTIONS:-"--max-old-space-size=4096"}
env_file: env_file:
- path: .env - path: .env
required: false required: false
depends_on: depends_on:
- api_server - onyx-api_server
restart: unless-stopped restart: unless-stopped
expose:
- "3000"
environment: environment:
- INTERNAL_URL=${INTERNAL_URL:-http://api_server:8080} - INTERNAL_URL=${INTERNAL_URL:-http://onyx-api_server:8080}
- NEXT_PUBLIC_POSITIVE_PREDEFINED_FEEDBACK_OPTIONS=${NEXT_PUBLIC_POSITIVE_PREDEFINED_FEEDBACK_OPTIONS:-}
- NEXT_PUBLIC_NEGATIVE_PREDEFINED_FEEDBACK_OPTIONS=${NEXT_PUBLIC_NEGATIVE_PREDEFINED_FEEDBACK_OPTIONS:-}
- NEXT_PUBLIC_DISABLE_LOGOUT=${NEXT_PUBLIC_DISABLE_LOGOUT:-}
- NEXT_PUBLIC_DEFAULT_SIDEBAR_OPEN=${NEXT_PUBLIC_DEFAULT_SIDEBAR_OPEN:-}
- NEXT_PUBLIC_FORGOT_PASSWORD_ENABLED=${NEXT_PUBLIC_FORGOT_PASSWORD_ENABLED:-}
- NEXT_PUBLIC_THEME=${NEXT_PUBLIC_THEME:-}
- NEXT_PUBLIC_DO_NOT_USE_TOGGLE_OFF_DANSWER_POWERED=${NEXT_PUBLIC_DO_NOT_USE_TOGGLE_OFF_DANSWER_POWERED:-true}
- NODE_OPTIONS=${NODE_OPTIONS:-"--max-old-space-size=4096"}
mcp_server: onyx-mcp_server:
image: ${ONYX_BACKEND_IMAGE:-onyxdotapp/onyx-backend:${IMAGE_TAG:-latest}} image: ${ONYX_BACKEND_IMAGE:-onyxdotapp/onyx-backend:${IMAGE_TAG:-latest}}
build:
context: ../../backend
dockerfile: Dockerfile
command: > command: >
/bin/sh -c "if [ \"${MCP_SERVER_ENABLED:-}\" != \"True\" ] && [ \"${MCP_SERVER_ENABLED:-}\" != \"true\" ]; then /bin/sh -c "if [ \"${MCP_SERVER_ENABLED:-}\" != \"True\" ] && [ \"${MCP_SERVER_ENABLED:-}\" != \"true\" ]; then
echo 'MCP server is disabled (MCP_SERVER_ENABLED=false), skipping...'; echo 'MCP server is disabled (MCP_SERVER_ENABLED=false), skipping...';
@ -181,18 +170,18 @@ services:
- path: .env - path: .env
required: false required: false
depends_on: depends_on:
- relational_db - onyx-relational_db
- cache - onyx-cache
restart: "no" restart: "no"
environment: environment:
- POSTGRES_HOST=${POSTGRES_HOST:-relational_db} - POSTGRES_HOST=${POSTGRES_HOST:-onyx-relational_db}
- REDIS_HOST=${REDIS_HOST:-cache} - REDIS_HOST=${REDIS_HOST:-onyx-cache}
# MCP Server Configuration # MCP Server Configuration
- MCP_SERVER_ENABLED=${MCP_SERVER_ENABLED:-false} - MCP_SERVER_ENABLED=${MCP_SERVER_ENABLED:-false}
- MCP_SERVER_PORT=${MCP_SERVER_PORT:-8090} - MCP_SERVER_PORT=${MCP_SERVER_PORT:-8090}
- MCP_SERVER_CORS_ORIGINS=${MCP_SERVER_CORS_ORIGINS:-} - MCP_SERVER_CORS_ORIGINS=${MCP_SERVER_CORS_ORIGINS:-}
- API_SERVER_PROTOCOL=${API_SERVER_PROTOCOL:-http} - API_SERVER_PROTOCOL=${API_SERVER_PROTOCOL:-http}
- API_SERVER_HOST=${API_SERVER_HOST:-api_server} - API_SERVER_HOST=${API_SERVER_HOST:-onyx-api_server}
- API_SERVER_PORT=${API_SERVER_PORT:-8080} - API_SERVER_PORT=${API_SERVER_PORT:-8080}
extra_hosts: extra_hosts:
- "host.docker.internal:host-gateway" - "host.docker.internal:host-gateway"
@ -203,13 +192,10 @@ services:
max-file: "6" max-file: "6"
# Optional, only for debugging purposes # Optional, only for debugging purposes
volumes: volumes:
- mcp_server_logs:/var/log/onyx - onyx-mcp_server_logs:/var/log/onyx
inference_model_server: onyx-inference_model_server:
image: ${ONYX_MODEL_SERVER_IMAGE:-onyxdotapp/onyx-model-server:${IMAGE_TAG:-latest}} image: ${ONYX_MODEL_SERVER_IMAGE:-onyxdotapp/onyx-model-server:${IMAGE_TAG:-latest}}
build:
context: ../../backend
dockerfile: Dockerfile.model_server
# GPU Support: Uncomment the following lines to enable GPU support # GPU Support: Uncomment the following lines to enable GPU support
# Requires nvidia-container-toolkit to be installed on the host # Requires nvidia-container-toolkit to be installed on the host
# deploy: # deploy:
@ -232,20 +218,17 @@ services:
restart: unless-stopped restart: unless-stopped
volumes: volumes:
# Not necessary, this is just to reduce download time during startup # Not necessary, this is just to reduce download time during startup
- model_cache_huggingface:/app/.cache/huggingface/ - onyx-model_cache_huggingface:/app/.cache/huggingface/
# Optional, only for debugging purposes # Optional, only for debugging purposes
- inference_model_server_logs:/var/log/onyx - onyx-inference_model_server_logs:/var/log/onyx
logging: logging:
driver: json-file driver: json-file
options: options:
max-size: "50m" max-size: "50m"
max-file: "6" max-file: "6"
indexing_model_server: onyx-indexing_model_server:
image: ${ONYX_MODEL_SERVER_IMAGE:-onyxdotapp/onyx-model-server:${IMAGE_TAG:-latest}} image: ${ONYX_MODEL_SERVER_IMAGE:-onyxdotapp/onyx-model-server:${IMAGE_TAG:-latest}}
build:
context: ../../backend
dockerfile: Dockerfile.model_server
# GPU Support: Uncomment the following lines to enable GPU support # GPU Support: Uncomment the following lines to enable GPU support
# Requires nvidia-container-toolkit to be installed on the host # Requires nvidia-container-toolkit to be installed on the host
# deploy: # deploy:
@ -270,16 +253,16 @@ services:
- INDEXING_ONLY=True - INDEXING_ONLY=True
volumes: volumes:
# Not necessary, this is just to reduce download time during startup # Not necessary, this is just to reduce download time during startup
- indexing_huggingface_model_cache:/app/.cache/huggingface/ - onyx-indexing_huggingface_model_cache:/app/.cache/huggingface/
# Optional, only for debugging purposes # Optional, only for debugging purposes
- indexing_model_server_logs:/var/log/onyx - onyx-indexing_model_server_logs:/var/log/onyx
logging: logging:
driver: json-file driver: json-file
options: options:
max-size: "50m" max-size: "50m"
max-file: "6" max-file: "6"
relational_db: onyx-relational_db:
image: postgres:15.2-alpine image: postgres:15.2-alpine
shm_size: 1g shm_size: 1g
command: -c 'max_connections=250' command: -c 'max_connections=250'
@ -297,10 +280,10 @@ services:
# ports: # ports:
# - "5432:5432" # - "5432:5432"
volumes: volumes:
- db_volume:/var/lib/postgresql/data - onyx-db_volume:/var/lib/postgresql/data
# This container name cannot have an underscore in it due to Vespa expectations of the URL # This container name cannot have an underscore in it due to Vespa expectations of the URL
index: onyx-index:
image: vespaengine/vespa:8.609.39 image: vespaengine/vespa:8.609.39
restart: unless-stopped restart: unless-stopped
env_file: env_file:
@ -315,54 +298,14 @@ services:
# - "19071:19071" # - "19071:19071"
# - "8081:8081" # - "8081:8081"
volumes: volumes:
- vespa_volume:/opt/vespa/var - onyx-vespa_volume:/opt/vespa/var
logging: logging:
driver: json-file driver: json-file
options: options:
max-size: "50m" max-size: "50m"
max-file: "6" max-file: "6"
nginx: onyx-cache:
image: nginx:1.25.5-alpine
restart: unless-stopped
# nginx will immediately crash with `nginx: [emerg] host not found in upstream`
# if api_server / web_server are not up
depends_on:
- api_server
- web_server
env_file:
- path: .env
required: false
environment:
- DOMAIN=localhost
# Nginx proxy timeout settings (in seconds)
- NGINX_PROXY_CONNECT_TIMEOUT=${NGINX_PROXY_CONNECT_TIMEOUT:-300}
- NGINX_PROXY_SEND_TIMEOUT=${NGINX_PROXY_SEND_TIMEOUT:-300}
- NGINX_PROXY_READ_TIMEOUT=${NGINX_PROXY_READ_TIMEOUT:-300}
ports:
- "${HOST_PORT_80:-80}:80"
- "${HOST_PORT:-3000}:80" # allow for localhost:3000 usage, since that is the norm
volumes:
- ../data/nginx:/etc/nginx/conf.d
# PRODUCTION: Add SSL certificate volumes for HTTPS support:
# - ../data/certbot/conf:/etc/letsencrypt
# - ../data/certbot/www:/var/www/certbot
logging:
driver: json-file
options:
max-size: "50m"
max-file: "6"
# The specified script waits for the api_server to start up.
# Without this we've seen issues where nginx shows no error logs but
# does not receive any traffic
# NOTE: we have to use dos2unix to remove Carriage Return chars from the file
# in order to make this work on both Unix-like systems and windows
# PRODUCTION: Change to app.conf.template.prod for production nginx config
command: >
/bin/sh -c "dos2unix /etc/nginx/conf.d/run-nginx.sh
&& /etc/nginx/conf.d/run-nginx.sh app.conf.template"
cache:
image: redis:7.4-alpine image: redis:7.4-alpine
restart: unless-stopped restart: unless-stopped
# DEV: To expose ports, either: # DEV: To expose ports, either:
@ -380,7 +323,7 @@ services:
tmpfs: tmpfs:
- /data - /data
minio: onyx-minio:
image: minio/minio:RELEASE.2025-07-23T15-54-02Z-cpuv1 image: minio/minio:RELEASE.2025-07-23T15-54-02Z-cpuv1
restart: unless-stopped restart: unless-stopped
# DEV: To expose ports, either: # DEV: To expose ports, either:
@ -398,7 +341,7 @@ services:
# Note: we've seen the default bucket creation logic not work in some cases # Note: we've seen the default bucket creation logic not work in some cases
MINIO_DEFAULT_BUCKETS: ${S3_FILE_STORE_BUCKET_NAME:-onyx-file-store-bucket} MINIO_DEFAULT_BUCKETS: ${S3_FILE_STORE_BUCKET_NAME:-onyx-file-store-bucket}
volumes: volumes:
- minio_data:/data - onyx-minio_data:/data
command: server /data --console-address ":9001" command: server /data --console-address ":9001"
healthcheck: healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"] test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
@ -406,7 +349,7 @@ services:
timeout: 20s timeout: 20s
retries: 3 retries: 3
code-interpreter: onyx-code-interpreter:
image: onyxdotapp/code-interpreter:${CODE_INTERPRETER_IMAGE_TAG:-latest} image: onyxdotapp/code-interpreter:${CODE_INTERPRETER_IMAGE_TAG:-latest}
entrypoint: ["/bin/bash", "-c"] entrypoint: ["/bin/bash", "-c"]
command: > command: >
@ -447,15 +390,15 @@ services:
volumes: volumes:
# Necessary for persisting data for use # Necessary for persisting data for use
db_volume: onyx-db_volume:
vespa_volume: # Created by the container itself onyx-vespa_volume: # Created by the container itself
minio_data: onyx-minio_data:
# Caches to prevent re-downloading models, not strictly necessary # Caches to prevent re-downloading models, not strictly necessary
model_cache_huggingface: onyx-model_cache_huggingface:
indexing_huggingface_model_cache: onyx-indexing_huggingface_model_cache:
# Logs preserved across container restarts # Logs preserved across container restarts
api_server_logs: onyx-api_server_logs:
background_logs: onyx-background_logs:
mcp_server_logs: onyx-mcp_server_logs:
inference_model_server_logs: onyx-inference_model_server_logs:
indexing_model_server_logs: onyx-indexing_model_server_logs:

22
env.template
View file

@ -54,7 +54,7 @@ POSTGRES_PASSWORD=password
# DB_READONLY_PASSWORD= # DB_READONLY_PASSWORD=
## MinIO/S3 Configuration ## MinIO/S3 Configuration
S3_ENDPOINT_URL=http://minio:9000 S3_ENDPOINT_URL=http://onyx-minio:9000
S3_AWS_ACCESS_KEY_ID=minioadmin S3_AWS_ACCESS_KEY_ID=minioadmin
S3_AWS_SECRET_ACCESS_KEY=minioadmin S3_AWS_SECRET_ACCESS_KEY=minioadmin
S3_FILE_STORE_BUCKET_NAME=onyx-file-store-bucket S3_FILE_STORE_BUCKET_NAME=onyx-file-store-bucket
@ -223,9 +223,17 @@ LOG_INDIVIDUAL_MODEL_TOKENS=False
# NEXT_PUBLIC_CUSTOM_REFRESH_URL= # NEXT_PUBLIC_CUSTOM_REFRESH_URL=
## Pointer to services ## Pointer to services
POSTGRES_HOST=relational_db POSTGRES_HOST=onyx-relational_db
VESPA_HOST=index VESPA_HOST=onyx-index
REDIS_HOST=cache REDIS_HOST=onyx-cache
MODEL_SERVER_HOST=inference_model_server MODEL_SERVER_HOST=onyx-inference_model_server
INDEXING_MODEL_SERVER_HOST=indexing_model_server INDEXING_MODEL_SERVER_HOST=onyx-indexing_model_server
INTERNAL_URL=http://api_server:8080 INTERNAL_URL=http://onyx-api_server:8080
## Traefik / Coolify routing
# Hostname (no scheme) Traefik should route to, e.g. onyx.example.com
TRAEFIK_HOSTNAME=onyx.example.com
# Comma separated entrypoints that Coolify/Traefik exposes (usually websecure)
TRAEFIK_ENTRYPOINTS=websecure
# Optional cert resolver name inside Traefik
TRAEFIK_CERT_RESOLVER=coolify