先完整看一遍教程再操作!!!※
第一步(反代)※
做好反向代理,教程里所有的域名记得改成自己的,nas部署的记得加外网端口号,持久目录记得改成自己的实际路径
lobe:IP:3210 反代:ai.example.com
minio:IP:9000 反代:oss.example.com
minio:IP:9001 反代:ossweb.example.com(可选)
casdoor:IP:9527 反代:cd.example.com第二步(Casdoor配置文件)※
在/mnt/ssd/appdata/lobe/casdoor/conf下建立一个配置文件 app.conf,内容如下
appname = casdoor
httpport = 8000
runmode = dev
copyrequestbody = true
driverName = postgres
dataSourceName = "user=postgres password=uWNZugjBqixf8dxC host=postgresql port=5432 sslmode=disable dbname=lobe"
dbName = lobe
tableNamePrefix =
showSql = false
redisEndpoint =
defaultStorageProvider =
isCloudIntranet = false
authState = "casdoor"
socks5Proxy = "127.0.0.1:10808"
verificationCodeTimeout = 10
initScore = 0
logPostOnly = true
isUsernameLowered = false
origin =
originFrontend =
staticBaseUrl = "https://cdn.casbin.org"
isDemoMode = false
batchSize = 100
enableErrorMask = false
enableGzip = true
inactiveTimeoutMinutes =
ldapServerPort = 389
ldapsCertId = ""
ldapsServerPort = 636
radiusServerPort = 1812
radiusDefaultOrganization = "built-in"
radiusSecret = "secret"
quota = {"organization": -1, "user": -1, "application": -1, "provider": -1}
logConfig = {"filename": "logs/casdoor.log", "maxdays":99999, "perm":"0770"}
initDataNewOnly = false
initDataFile = "./init_data.json"
frontendBaseDir = "../cc_0"第三步(启动)※
启动compose
第四步(MinIO配置)※
访问minio,ip:9001 建立存储桶并获取compose需要的参数,用户名和密码在compose里,自行修改
9001端口用于web管理minio,有需要就反代,比如部署在vps上,则需要web访问minio创建存储桶等操作
图里的ACCESSKY和Secret Key填到compose的
S3参数里S3_ACCESS_KEY_ID和S3_SECRET_ACCESS_KEY
第五步(Casdoor配置)※
casdoor配置,默认用户为admin,密码123,记得修改密码
上图的客户端id和密钥填到compose参数里,在鉴权服务提供商所需的环境变量部分AUTH_CASDOOR_ID和AUTH_CASDOOR_SECRET,添加重定向URL:https://ai.example.com/api/auth/callback/casdoor最好把下面的允许注册关掉,防止被白嫖
第六步(LobeChat启动)※
修改完所需变量后重新部署compose
Compose配置
name: lobe-chat-database
services:
postgresql:
image: pgvector/pgvector:pg16
container_name: lobe-postgres
# ports:
# - '5435:5432'
volumes:
- '/mnt/ssd/appdata/lobe/database:/var/lib/postgresql/data'
environment:
- 'POSTGRES_DB=lobe'
- 'POSTGRES_PASSWORD=uWNZugjBqixf8dxC'
healthcheck:
test: ['CMD-SHELL', 'pg_isready -U postgres']
interval: 5s
timeout: 5s
retries: 5
restart: always
minio:
image: minio/minio
container_name: lobe-minio
ports:
- '9000:9000'
- '9001:9001'
volumes:
- '/mnt/ssd/appdata/lobe/minio/data:/etc/minio/data'
- '/mnt/ssd/appdata/lobe/minio/config:/root/.minio'
environment:
- 'MINIO_ROOT_USER=oss'
- 'MINIO_ROOT_PASSWORD=cJu53pUe&$854q'
- 'MINIO_DOMAIN=https://oss.example.com'
- 'MINIO_API_CORS_ALLOW_ORIGIN=https://ai.example.com' # Your LobeChat's domain name.
restart: always
command: >
server /etc/minio/data --address ":9000" --console-address ":9001"
casdoor:
container_name: lobe-casdoor
restart: always
image: casbin/casdoor:latest
ports:
- "9527:8000"
depends_on:
- postgresql
volumes:
- /mnt/ssd/appdata/lobe/casdoor/conf:/conf
lobe:
image: lobehub/lobe-chat-database
container_name: lobe-chat
restart: always
ports:
- '3210:3210'
depends_on:
- postgresql
- minio
- casdoor
environment:
- 'APP_URL=https://ai.example.com'
# Postgres 相关,也即 DB 必需的环境变量
# 必填,用于加密敏感信息的密钥,可以使用 openssl rand -base64 32 生成
- 'KEY_VAULTS_SECRET=Kix2wcUONd4CX51E/ZPAd36BqM4wzJgKjPtz2sGztqQ='
- 'DATABASE_URL=postgresql://postgres:uWNZugjBqixf8dxC@postgresql:5432/lobe'
# NEXT_AUTH 相关,也即鉴权服务必需的环境变量
# 必填,用于 NextAuth 的密钥,可以使用 openssl rand -base64 32 生成
- 'NEXT_AUTH_SECRET=NX2kaPE923dt6BL2U8e9oSre5RfoT7hg'
- 'NEXT_AUTH_SSO_PROVIDERS=casdoor'
- 'NEXTAUTH_URL=https://ai.example.com/api/auth'
# NextAuth 鉴权服务提供商部分,以 CASDOOR 为例
# 其他鉴权服务提供商所需的环境变量,请参考:https://lobehub.com/zh/docs/self-hosting/environment-variables/auth
- 'AUTH_CASDOOR_ID=000000' # 第五步获取的参数填这
- 'AUTH_CASDOOR_SECRET=000000' # 第五步获取的参数填这
- 'AUTH_CASDOOR_ISSUER=https://cd.example.com'
# 代理相关,如果你需要的话(比如你使用 GitHub 作为鉴权服务提供商)
# HTTP_PROXY=http://localhost:7890
# HTTPS_PROXY=http://localhost:7890
# S3 相关,也即非结构化数据(文件、图片等)存储必需的环境变量
# 这里以 MinIO 为例
# 必填,S3 的 Access Key ID,对于 MinIO 来说,直到在 MinIO UI 中手动创建之前都是无效的
- 'S3_ACCESS_KEY_ID=000000' # 第四步获取的参数填这
- 'S3_SECRET_ACCESS_KEY=000000' # 第四步获取的参数填这
- 'S3_ENDPOINT=https://oss.example.com'
- 'S3_BUCKET=lobe'
- 'S3_PUBLIC_DOMAIN=https://oss.example.com'
- 'S3_ENABLE_PATH_STYLE=1'来自疯子哥哥两个小时的部署测试结果
