2d7c9d3671
- introduce .env.example with 1140+ configuration options for API service and worker - enhance configuration coverage for database, redis, vector stores, and storage providers - add new datasource configuration options for website readers (jinareader, firecrawl, watercrawl) - expand vector store support with additional providers including matrixone, opengauss, tablestore, and vastbase - improve workflow configuration with enhanced storage options and security settings 📝 docs(dify): update configuration templates and documentation - enhance nginx configuration with improved variable substitution and MCP proxy support - update squid proxy configuration with additional security rules and increased buffer size - improve oracle database initialization scripts with world_lexer preference - update tidb configuration files and docker-compose for version compatibility ♻️ refactor(structure): reorganize project directory layout - move configuration files from conf/ subdirectory to app root for better clarity - rename envs/dify.env to dify.env for consistency - update file paths in docker-compose.yml to reflect new directory structure - remove redundant configuration files and consolidate volumes 🔧 chore(dify): simplify form configuration and remove obsolete scripts - remove database and vector store port configurations from data.yml form fields - eliminate obsolete initialization and upgrade scripts - add new pgvector docker-entrypoint.sh script for pg_bigm installation support - update docker-compose.yml with enhanced environment variables and service configurations |
||
|---|---|---|
| .. | ||
| README.md | ||
| docker-entrypoint.sh | ||
| update-cert.template.txt | ||
README.md
Launching new servers with SSL certificates
Short description
docker compose certbot configurations with Backward compatibility (without certbot container).
Use docker compose --profile certbot up to use this features.
The simplest way for launching new servers with SSL certificates
- Get letsencrypt certs
set.envvalues
execute command:NGINX_SSL_CERT_FILENAME=fullchain.pem NGINX_SSL_CERT_KEY_FILENAME=privkey.pem NGINX_ENABLE_CERTBOT_CHALLENGE=true CERTBOT_DOMAIN=your_domain.com CERTBOT_EMAIL=example@your_domain.com
then after the containers launched:docker network prune docker compose --profile certbot up --force-recreate -ddocker compose exec -it certbot /bin/sh /update-cert.sh - Edit
.envfile anddocker compose --profile certbot upagain.
set.envvalue additionally
execute command:NGINX_HTTPS_ENABLED=true
Then you can access your serve with HTTPS.docker compose --profile certbot up -d --no-deps --force-recreate nginx
https://your_domain.com
SSL certificates renewal
For SSL certificates renewal, execute commands below:
docker compose exec -it certbot /bin/sh /update-cert.sh
docker compose exec nginx nginx -s reload
Options for certbot
CERTBOT_OPTIONS key might be helpful for testing. i.e.,
CERTBOT_OPTIONS=--dry-run
To apply changes to CERTBOT_OPTIONS, regenerate the certbot container before updating the certificates.
docker compose --profile certbot up -d --no-deps --force-recreate certbot
docker compose exec -it certbot /bin/sh /update-cert.sh
Then, reload the nginx container if necessary.
docker compose exec nginx nginx -s reload
For legacy servers
To use cert files dir nginx/ssl as before, simply launch containers WITHOUT --profile certbot option.
docker compose up -d