docker/service_conf.yaml.template

ragflow:
  host: ${RAGFLOW_HOST:-0.0.0.0}
  http_port: 9380
mysql:
  name: '${MYSQL_DBNAME:-rag_flow}'
  user: '${MYSQL_USER:-root}'
  password: '${MYSQL_PASSWORD:-infini_rag_flow}'
  host: '${MYSQL_HOST:-mysql}'
  port: 3306
  max_connections: 100
  stale_timeout: 30
minio:
  user: '${MINIO_USER:-rag_flow}'
  password: '${MINIO_PASSWORD:-infini_rag_flow}'
  host: '${MINIO_HOST:-minio}:9000'
es:
  hosts: 'http://${ES_HOST:-es01}:9200'
  username: '${ES_USER:-elastic}'
  password: '${ELASTIC_PASSWORD:-infini_rag_flow}'
os:
  hosts: 'http://${OS_HOST:-opensearch01}:9201'
  username: '${OS_USER:-admin}'
  password: '${OPENSEARCHH_PASSWORD:-infini_rag_flow_OS_01}'
infinity:
  uri: '${INFINITY_HOST:-infinity}:23817'
  db_name: 'default_db'
redis:
  db: 1
  password: '${REDIS_PASSWORD:-infini_rag_flow}'
  host: '${REDIS_HOST:-redis}:6379'

# postgres:
#   name: '${POSTGRES_DBNAME:-rag_flow}'
#   user: '${POSTGRES_USER:-rag_flow}'
#   password: '${POSTGRES_PASSWORD:-infini_rag_flow}'
#   host: '${POSTGRES_HOST:-postgres}'
#   port: 5432
#   max_connections: 100
#   stale_timeout: 30
# s3:
#   access_key: 'access_key'
#   secret_key: 'secret_key'
#   region: 'region'
#   endpoint_url: 'endpoint_url'
#   bucket: 'bucket'
#   prefix_path: 'prefix_path'
#   signature_version: 'v4'
#   addressing_style: 'path'
# oss:
#   access_key: '${ACCESS_KEY}'
#   secret_key: '${SECRET_KEY}'
#   endpoint_url: '${ENDPOINT}'
#   region: '${REGION}'
#   bucket: '${BUCKET}'
#   prefix_path: '${OSS_PREFIX_PATH}'
# azure:
#   auth_type: 'sas'
#   container_url: 'container_url'
#   sas_token: 'sas_token'
# azure:
#   auth_type: 'spn'
#   account_url: 'account_url'
#   client_id: 'client_id'
#   secret: 'secret'
#   tenant_id: 'tenant_id'
#   container_name: 'container_name'
# user_default_llm:
#   factory: 'Tongyi-Qianwen'
#   api_key: 'sk-xxxxxxxxxxxxx'
#   base_url: ''
#   default_models:
#     chat_model: 'qwen-plus'
#     embedding_model: 'BAAI/bge-large-zh-v1.5@BAAI'
#     rerank_model: ''
#     asr_model: ''
#     image2text_model: ''
# oauth:
#   github:
#     client_id: xxxxxxxxxxxxxxxxxxxxxxxxx
#     secret_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxx
#     url: https://github.com/login/oauth/access_token
#   feishu:
#     app_id: cli_xxxxxxxxxxxxxxxxxxx
#     app_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxx
#     app_access_token_url: https://open.feishu.cn/open-apis/auth/v3/app_access_token/internal
#     user_access_token_url: https://open.feishu.cn/open-apis/authen/v1/oidc/access_token
#     grant_type: 'authorization_code'
#   custom_channel:
#     type: oidc
#     icon: sso
#     display_name: "Custom Channel"
#     issuer: https://provider.com/v1/oidc
#     client_id: xxxxxxxxxxxxxxxxxxxxxxxxx
#     client_secret: xxxxxxxxxxxxxxxxxxxxxxxx
#     scope: "openid email profile"
#     redirect_uri: https://your-app.com/v1/user/oauth/callback/custom_channel
# authentication:
#   client:
#     switch: false
#     http_app_key:
#     http_secret_key:
#   site:
#     switch: false
# permission:
#   switch: false
#   component: false
#   dataset: false
Dynamically create the service_conf.yaml file by replacing environment variables from .env (#3341) ### What problem does this PR solve? This pull request implements the feature mentioned in #3322. Instead of manually having to edit the `service_conf.yaml` file when changes have been made to `.env` and mapping it into the docker container at runtime, a template file is used and the values replaced by the environment variables from the `.env` file when the container is started. ### Type of change - [X] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: Kevin Hu <kevinhu.sh@gmail.com> Co-authored-by: Zhichang Yu <yuzhichang@gmail.com> 2024-11-12 15:56:53 +01:00			`ragflow:`
			`host: ${RAGFLOW_HOST:-0.0.0.0}`
			`http_port: 9380`
			`mysql:`
			`name: '${MYSQL_DBNAME:-rag_flow}'`
			`user: '${MYSQL_USER:-root}'`
			`password: '${MYSQL_PASSWORD:-infini_rag_flow}'`
			`host: '${MYSQL_HOST:-mysql}'`
			`port: 3306`
			`max_connections: 100`
			`stale_timeout: 30`
			`minio:`
			`user: '${MINIO_USER:-rag_flow}'`
			`password: '${MINIO_PASSWORD:-infini_rag_flow}'`
			`host: '${MINIO_HOST:-minio}:9000'`
			`es:`
			`hosts: 'http://${ES_HOST:-es01}:9200'`
			`username: '${ES_USER:-elastic}'`
Added doc for switching elasticsearch to infinity (#3370) ### What problem does this PR solve? Added doc for switching elasticsearch to infinity ### Type of change - [x] New Feature (non-breaking change which adds functionality) - [x] Documentation Update 2024-11-14 00:08:55 +08:00			`password: '${ELASTIC_PASSWORD:-infini_rag_flow}'`
Feat: Adds OpenSearch2.19.1 as the vector_database support (#7140) ### What problem does this PR solve? This PR adds the support for latest OpenSearch2.19.1 as the store engine & search engine option for RAGFlow. ### Main Benefit 1. OpenSearch2.19.1 is licensed under the [Apache v2.0 License] which is much better than Elasticsearch 2. For search, OpenSearch2.19.1 supports full-text search、vector_search、hybrid_search those are similar with Elasticsearch on schema 3. For store, OpenSearch2.19.1 stores text、vector those are quite simliar with Elasticsearch on schema ### Changes - Support opensearch_python_connetor. I make a lot of adaptions since the schema and api/method between ES and Opensearch differs in many ways(especially the knn_search has a significant gap) : rag/utils/opensearch_coon.py - Support static config adaptions by changing: conf/service_conf.yaml、api/settings.py、rag/settings.py - Supprt some store&search schema changes between OpenSearch and ES: conf/os_mapping.json - Support OpenSearch python sdk : pyproject.toml - Support docker config for OpenSearch2.19.1 : docker/.env、docker/docker-compose-base.yml、docker/service_conf.yaml.template ### How to use - I didn't change the priority that ES as the default doc/search engine. Only if in docker/.env , we set DOC_ENGINE=${DOC_ENGINE:-opensearch}, it will work. ### Others Our team tested a lot of docs in our environment by using OpenSearch as the vector database ,it works very well. All the conifg for OpenSearch is necessary. ### Type of change - [x] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: Yongteng Lei <yongtengrey@outlook.com> Co-authored-by: writinwaters <93570324+writinwaters@users.noreply.github.com> Co-authored-by: Yingfeng <yingfeng.zhang@gmail.com> 2025-04-24 16:03:31 +08:00			`os:`
			`hosts: 'http://${OS_HOST:-opensearch01}:9201'`
			`username: '${OS_USER:-admin}'`
			`password: '${OPENSEARCHH_PASSWORD:-infini_rag_flow_OS_01}'`
Bump infinity to v0.5.0-dev5 (#3520) ### What problem does this PR solve? Bump infinity to v0.5.0-dev5 ### Type of change - [x] Refactoring 2024-11-25 11:53:58 +08:00			`infinity:`
			`uri: '${INFINITY_HOST:-infinity}:23817'`
			`db_name: 'default_db'`
Dynamically create the service_conf.yaml file by replacing environment variables from .env (#3341) ### What problem does this PR solve? This pull request implements the feature mentioned in #3322. Instead of manually having to edit the `service_conf.yaml` file when changes have been made to `.env` and mapping it into the docker container at runtime, a template file is used and the values replaced by the environment variables from the `.env` file when the container is started. ### Type of change - [X] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: Kevin Hu <kevinhu.sh@gmail.com> Co-authored-by: Zhichang Yu <yuzhichang@gmail.com> 2024-11-12 15:56:53 +01:00			`redis:`
			`db: 1`
Improve storage engine (#4341) ### What problem does this PR solve? - Bring `STORAGE_IMPL` back in `rag/svr/cache_file_svr.py` - Simplify storage connection when working with AWS S3 ### Type of change - [x] Refactoring 2025-01-06 11:06:24 +07:00			`password: '${REDIS_PASSWORD:-infini_rag_flow}'`
Dynamically create the service_conf.yaml file by replacing environment variables from .env (#3341) ### What problem does this PR solve? This pull request implements the feature mentioned in #3322. Instead of manually having to edit the `service_conf.yaml` file when changes have been made to `.env` and mapping it into the docker container at runtime, a template file is used and the values replaced by the environment variables from the `.env` file when the container is started. ### Type of change - [X] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: Kevin Hu <kevinhu.sh@gmail.com> Co-authored-by: Zhichang Yu <yuzhichang@gmail.com> 2024-11-12 15:56:53 +01:00			`host: '${REDIS_HOST:-redis}:6379'`

			`# postgres:`
			`# name: '${POSTGRES_DBNAME:-rag_flow}'`
			`# user: '${POSTGRES_USER:-rag_flow}'`
			`# password: '${POSTGRES_PASSWORD:-infini_rag_flow}'`
			`# host: '${POSTGRES_HOST:-postgres}'`
			`# port: 5432`
			`# max_connections: 100`
			`# stale_timeout: 30`
			`# s3:`
			`# access_key: 'access_key'`
			`# secret_key: 'secret_key'`
			`# region: 'region'`
Feat: extend S3 storage compatibility and add knowledge base ID prefix (#6355) ### What problem does this PR solve? - Added support for S3-compatible protocols. - Enabled the use of knowledge base ID as a file prefix when storing files in S3. - Updated docker/README.md to include detailed S3 and OSS configuration instructions. ### Type of change - [x] New Feature (non-breaking change which adds functionality) 2025-03-31 16:09:43 +08:00			`# endpoint_url: 'endpoint_url'`
			`# bucket: 'bucket'`
			`# prefix_path: 'prefix_path'`
			`# signature_version: 'v4'`
			`# addressing_style: 'path'`
Feat: Accessing Alibaba Cloud OSS with Amazon S3 SDK (#5438) Accessing Alibaba Cloud OSS with Amazon S3 SDK 2025-02-27 17:02:42 +08:00			`# oss:`
			`# access_key: '${ACCESS_KEY}'`
			`# secret_key: '${SECRET_KEY}'`
			`# endpoint_url: '${ENDPOINT}'`
			`# region: '${REGION}'`
			`# bucket: '${BUCKET}'`
Fix: enhance aliyun oss access with adding prefix path (#5475) ### What problem does this PR solve? Enhance aliyun oss access with adding prefix path. ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue) 2025-02-28 15:00:00 +08:00			`# prefix_path: '${OSS_PREFIX_PATH}'`
Dynamically create the service_conf.yaml file by replacing environment variables from .env (#3341) ### What problem does this PR solve? This pull request implements the feature mentioned in #3322. Instead of manually having to edit the `service_conf.yaml` file when changes have been made to `.env` and mapping it into the docker container at runtime, a template file is used and the values replaced by the environment variables from the `.env` file when the container is started. ### Type of change - [X] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: Kevin Hu <kevinhu.sh@gmail.com> Co-authored-by: Zhichang Yu <yuzhichang@gmail.com> 2024-11-12 15:56:53 +01:00			`# azure:`
			`# auth_type: 'sas'`
			`# container_url: 'container_url'`
			`# sas_token: 'sas_token'`
			`# azure:`
			`# auth_type: 'spn'`
			`# account_url: 'account_url'`
			`# client_id: 'client_id'`
			`# secret: 'secret'`
			`# tenant_id: 'tenant_id'`
			`# container_name: 'container_name'`
			`# user_default_llm:`
			`# factory: 'Tongyi-Qianwen'`
			`# api_key: 'sk-xxxxxxxxxxxxx'`
			`# base_url: ''`
Add configuration to choose default llm models (#5245) ### What problem does this PR solve? This pull request includes changes to the `api/settings.py` and `docker/service_conf.yaml.template` files to add support for default models in the LLM configuration (specially for LIGHTEN builds). The most important changes include adding default model configurations and updating the initialization settings to use these defaults. For example: With this configuration Bedrock will be enable by default with claude and titan embeddings. ``` user_default_llm: factory: 'Bedrock' api_key: '{}' base_url: '' default_models: chat_model: 'anthropic.claude-3-5-sonnet-20240620-v1:0' embedding_model: 'amazon.titan-embed-text-v2:0' rerank_model: '' asr_model: '' image2text_model: '' ``` ### Type of change - [X] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: Kevin Hu <kevinhu.sh@gmail.com> 2025-02-23 21:13:39 -05:00			`# default_models:`
			`# chat_model: 'qwen-plus'`
			`# embedding_model: 'BAAI/bge-large-zh-v1.5@BAAI'`
			`# rerank_model: ''`
			`# asr_model: ''`
			`# image2text_model: ''`
Dynamically create the service_conf.yaml file by replacing environment variables from .env (#3341) ### What problem does this PR solve? This pull request implements the feature mentioned in #3322. Instead of manually having to edit the `service_conf.yaml` file when changes have been made to `.env` and mapping it into the docker container at runtime, a template file is used and the values replaced by the environment variables from the `.env` file when the container is started. ### Type of change - [X] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: Kevin Hu <kevinhu.sh@gmail.com> Co-authored-by: Zhichang Yu <yuzhichang@gmail.com> 2024-11-12 15:56:53 +01:00			`# oauth:`
			`# github:`
			`# client_id: xxxxxxxxxxxxxxxxxxxxxxxxx`
			`# secret_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxx`
			`# url: https://github.com/login/oauth/access_token`
			`# feishu:`
			`# app_id: cli_xxxxxxxxxxxxxxxxxxx`
			`# app_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxx`
			`# app_access_token_url: https://open.feishu.cn/open-apis/auth/v3/app_access_token/internal`
			`# user_access_token_url: https://open.feishu.cn/open-apis/authen/v1/oidc/access_token`
			`# grant_type: 'authorization_code'`
Feat: Add support for OAuth2 and OpenID Connect (OIDC) authentication (#7379) ### What problem does this PR solve? Add support for OAuth2 and OpenID Connect (OIDC) authentication, allowing OAuth/OIDC authentication using the specified routes: - `/login/<channel>`: Initiates the OAuth flow for the specified channel - `/oauth/callback/<channel>`: Handles the OAuth callback after successful authentication The callback URL should be configured in your OAuth provider as: ``` https://your-app.com/oauth/callback/<channel> ``` For detailed instructions on configuring service_conf.yaml.template, see: `./api/apps/auth/README.md#usage`. - Related issues #3495 ### Type of change - [x] New Feature (non-breaking change which adds functionality) - [x] Documentation Update 2025-04-28 16:15:52 +08:00			`# custom_channel:`
			`# type: oidc`
Feat: Add `/login/channels` route and improve auth logic for frontend third-party login integration (#7521) ### What problem does this PR solve? Add `/login/channels` route and improve auth logic to support frontend integration with third-party login providers: - Add `/login/channels` route to provide authentication channel list with `display_name` and `icon` - Optimize user info parsing logic by prioritizing `avatar_url` and falling back to `picture` - Simplify OIDC token validation by removing unnecessary `kid` checks - Ensure `client_id` is safely cast to string during `audience` validation - Fix typo --- - Related pull request: #7379 ### Type of change - [x] New Feature (non-breaking change which adds functionality) - [x] Documentation Update 2025-05-08 10:23:19 +08:00			`# icon: sso`
			`# display_name: "Custom Channel"`
Feat: Add support for OAuth2 and OpenID Connect (OIDC) authentication (#7379) ### What problem does this PR solve? Add support for OAuth2 and OpenID Connect (OIDC) authentication, allowing OAuth/OIDC authentication using the specified routes: - `/login/<channel>`: Initiates the OAuth flow for the specified channel - `/oauth/callback/<channel>`: Handles the OAuth callback after successful authentication The callback URL should be configured in your OAuth provider as: ``` https://your-app.com/oauth/callback/<channel> ``` For detailed instructions on configuring service_conf.yaml.template, see: `./api/apps/auth/README.md#usage`. - Related issues #3495 ### Type of change - [x] New Feature (non-breaking change which adds functionality) - [x] Documentation Update 2025-04-28 16:15:52 +08:00			`# issuer: https://provider.com/v1/oidc`
			`# client_id: xxxxxxxxxxxxxxxxxxxxxxxxx`
			`# client_secret: xxxxxxxxxxxxxxxxxxxxxxxx`
			`# scope: "openid email profile"`
Feat: Add `/login/channels` route and improve auth logic for frontend third-party login integration (#7521) ### What problem does this PR solve? Add `/login/channels` route and improve auth logic to support frontend integration with third-party login providers: - Add `/login/channels` route to provide authentication channel list with `display_name` and `icon` - Optimize user info parsing logic by prioritizing `avatar_url` and falling back to `picture` - Simplify OIDC token validation by removing unnecessary `kid` checks - Ensure `client_id` is safely cast to string during `audience` validation - Fix typo --- - Related pull request: #7379 ### Type of change - [x] New Feature (non-breaking change which adds functionality) - [x] Documentation Update 2025-05-08 10:23:19 +08:00			`# redirect_uri: https://your-app.com/v1/user/oauth/callback/custom_channel`
Dynamically create the service_conf.yaml file by replacing environment variables from .env (#3341) ### What problem does this PR solve? This pull request implements the feature mentioned in #3322. Instead of manually having to edit the `service_conf.yaml` file when changes have been made to `.env` and mapping it into the docker container at runtime, a template file is used and the values replaced by the environment variables from the `.env` file when the container is started. ### Type of change - [X] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: Kevin Hu <kevinhu.sh@gmail.com> Co-authored-by: Zhichang Yu <yuzhichang@gmail.com> 2024-11-12 15:56:53 +01:00			`# authentication:`
			`# client:`
			`# switch: false`
			`# http_app_key:`
			`# http_secret_key:`
			`# site:`
			`# switch: false`
			`# permission:`
			`# switch: false`
			`# component: false`
			`# dataset: false`