mirror of
https://gitee.com/dify_ai/dify.git
synced 2024-12-05 04:38:37 +08:00
484 lines
19 KiB
YAML
484 lines
19 KiB
YAML
version: '3'
|
|
services:
|
|
# API service
|
|
api:
|
|
image: langgenius/dify-api:0.6.10
|
|
restart: always
|
|
environment:
|
|
# Startup mode, 'api' starts the API server.
|
|
MODE: api
|
|
# The log level for the application. Supported values are `DEBUG`, `INFO`, `WARNING`, `ERROR`, `CRITICAL`
|
|
LOG_LEVEL: INFO
|
|
# enable DEBUG mode to output more logs
|
|
# DEBUG : true
|
|
# A secret key that is used for securely signing the session cookie and encrypting sensitive information on the database. You can generate a strong key using `openssl rand -base64 42`.
|
|
SECRET_KEY: sk-9f73s3ljTXVcMT3Blb3ljTqtsKiGHXVcMT3BlbkFJLK7U
|
|
# The base URL of console application web frontend, refers to the Console base URL of WEB service if console domain is
|
|
# different from api or web app domain.
|
|
# example: http://cloud.dify.ai
|
|
CONSOLE_WEB_URL: ''
|
|
# Password for admin user initialization.
|
|
# If left unset, admin user will not be prompted for a password when creating the initial admin account.
|
|
INIT_PASSWORD: ''
|
|
# The base URL of console application api server, refers to the Console base URL of WEB service if console domain is
|
|
# different from api or web app domain.
|
|
# example: http://cloud.dify.ai
|
|
CONSOLE_API_URL: ''
|
|
# The URL prefix for Service API endpoints, refers to the base URL of the current API service if api domain is
|
|
# different from console domain.
|
|
# example: http://api.dify.ai
|
|
SERVICE_API_URL: ''
|
|
# The URL prefix for Web APP frontend, refers to the Web App base URL of WEB service if web app domain is different from
|
|
# console or api domain.
|
|
# example: http://udify.app
|
|
APP_WEB_URL: ''
|
|
# File preview or download Url prefix.
|
|
# used to display File preview or download Url to the front-end or as Multi-model inputs;
|
|
# Url is signed and has expiration time.
|
|
FILES_URL: ''
|
|
# File Access Time specifies a time interval in seconds for the file to be accessed.
|
|
# The default value is 300 seconds.
|
|
FILES_ACCESS_TIMEOUT: 300
|
|
# When enabled, migrations will be executed prior to application startup and the application will start after the migrations have completed.
|
|
MIGRATION_ENABLED: 'true'
|
|
# The configurations of postgres database connection.
|
|
# It is consistent with the configuration in the 'db' service below.
|
|
DB_USERNAME: postgres
|
|
DB_PASSWORD: difyai123456
|
|
DB_HOST: db
|
|
DB_PORT: 5432
|
|
DB_DATABASE: dify
|
|
# The configurations of redis connection.
|
|
# It is consistent with the configuration in the 'redis' service below.
|
|
REDIS_HOST: redis
|
|
REDIS_PORT: 6379
|
|
REDIS_USERNAME: ''
|
|
REDIS_PASSWORD: difyai123456
|
|
REDIS_USE_SSL: 'false'
|
|
# use redis db 0 for redis cache
|
|
REDIS_DB: 0
|
|
# The configurations of celery broker.
|
|
# Use redis as the broker, and redis db 1 for celery broker.
|
|
CELERY_BROKER_URL: redis://:difyai123456@redis:6379/1
|
|
# Specifies the allowed origins for cross-origin requests to the Web API, e.g. https://dify.app or * for all origins.
|
|
WEB_API_CORS_ALLOW_ORIGINS: '*'
|
|
# Specifies the allowed origins for cross-origin requests to the console API, e.g. https://cloud.dify.ai or * for all origins.
|
|
CONSOLE_CORS_ALLOW_ORIGINS: '*'
|
|
# CSRF Cookie settings
|
|
# Controls whether a cookie is sent with cross-site requests,
|
|
# providing some protection against cross-site request forgery attacks
|
|
#
|
|
# Default: `SameSite=Lax, Secure=false, HttpOnly=true`
|
|
# This default configuration supports same-origin requests using either HTTP or HTTPS,
|
|
# but does not support cross-origin requests. It is suitable for local debugging purposes.
|
|
#
|
|
# If you want to enable cross-origin support,
|
|
# you must use the HTTPS protocol and set the configuration to `SameSite=None, Secure=true, HttpOnly=true`.
|
|
#
|
|
# The type of storage to use for storing user files. Supported values are `local` and `s3` and `azure-blob` and `google-storage`, Default: `local`
|
|
STORAGE_TYPE: local
|
|
# The path to the local storage directory, the directory relative the root path of API service codes or absolute path. Default: `storage` or `/home/john/storage`.
|
|
# only available when STORAGE_TYPE is `local`.
|
|
STORAGE_LOCAL_PATH: storage
|
|
# The S3 storage configurations, only available when STORAGE_TYPE is `s3`.
|
|
S3_ENDPOINT: 'https://xxx.r2.cloudflarestorage.com'
|
|
S3_BUCKET_NAME: 'difyai'
|
|
S3_ACCESS_KEY: 'ak-difyai'
|
|
S3_SECRET_KEY: 'sk-difyai'
|
|
S3_REGION: 'us-east-1'
|
|
# The Azure Blob storage configurations, only available when STORAGE_TYPE is `azure-blob`.
|
|
AZURE_BLOB_ACCOUNT_NAME: 'difyai'
|
|
AZURE_BLOB_ACCOUNT_KEY: 'difyai'
|
|
AZURE_BLOB_CONTAINER_NAME: 'difyai-container'
|
|
AZURE_BLOB_ACCOUNT_URL: 'https://<your_account_name>.blob.core.windows.net'
|
|
# The Google storage configurations, only available when STORAGE_TYPE is `google-storage`.
|
|
GOOGLE_STORAGE_BUCKET_NAME: 'yout-bucket-name'
|
|
# if you want to use Application Default Credentials, you can leave GOOGLE_STORAGE_SERVICE_ACCOUNT_JSON_BASE64 empty.
|
|
GOOGLE_STORAGE_SERVICE_ACCOUNT_JSON_BASE64: 'your-google-service-account-json-base64-string'
|
|
# The type of vector store to use. Supported values are `weaviate`, `qdrant`, `milvus`, `relyt`.
|
|
VECTOR_STORE: weaviate
|
|
# The Weaviate endpoint URL. Only available when VECTOR_STORE is `weaviate`.
|
|
WEAVIATE_ENDPOINT: http://weaviate:8080
|
|
# The Weaviate API key.
|
|
WEAVIATE_API_KEY: WVF5YThaHlkYwhGUSmCRgsX3tD5ngdN8pkih
|
|
# The Qdrant endpoint URL. Only available when VECTOR_STORE is `qdrant`.
|
|
QDRANT_URL: http://qdrant:6333
|
|
# The Qdrant API key.
|
|
QDRANT_API_KEY: difyai123456
|
|
# The Qdrant client timeout setting.
|
|
QDRANT_CLIENT_TIMEOUT: 20
|
|
# The Qdrant client enable gRPC mode.
|
|
QDRANT_GRPC_ENABLED: 'false'
|
|
# The Qdrant server gRPC mode PORT.
|
|
QDRANT_GRPC_PORT: 6334
|
|
# Milvus configuration Only available when VECTOR_STORE is `milvus`.
|
|
# The milvus host.
|
|
MILVUS_HOST: 127.0.0.1
|
|
# The milvus host.
|
|
MILVUS_PORT: 19530
|
|
# The milvus username.
|
|
MILVUS_USER: root
|
|
# The milvus password.
|
|
MILVUS_PASSWORD: Milvus
|
|
# The milvus tls switch.
|
|
MILVUS_SECURE: 'false'
|
|
# relyt configurations
|
|
RELYT_HOST: db
|
|
RELYT_PORT: 5432
|
|
RELYT_USER: postgres
|
|
RELYT_PASSWORD: difyai123456
|
|
RELYT_DATABASE: postgres
|
|
# pgvector configurations
|
|
PGVECTOR_HOST: pgvector
|
|
PGVECTOR_PORT: 5432
|
|
PGVECTOR_USER: postgres
|
|
PGVECTOR_PASSWORD: difyai123456
|
|
PGVECTOR_DATABASE: dify
|
|
# Mail configuration, support: resend, smtp
|
|
MAIL_TYPE: ''
|
|
# default send from email address, if not specified
|
|
MAIL_DEFAULT_SEND_FROM: 'YOUR EMAIL FROM (eg: no-reply <no-reply@dify.ai>)'
|
|
SMTP_SERVER: ''
|
|
SMTP_PORT: 465
|
|
SMTP_USERNAME: ''
|
|
SMTP_PASSWORD: ''
|
|
SMTP_USE_TLS: 'true'
|
|
SMTP_OPPORTUNISTIC_TLS: 'false'
|
|
# the api-key for resend (https://resend.com)
|
|
RESEND_API_KEY: ''
|
|
RESEND_API_URL: https://api.resend.com
|
|
# The DSN for Sentry error reporting. If not set, Sentry error reporting will be disabled.
|
|
SENTRY_DSN: ''
|
|
# The sample rate for Sentry events. Default: `1.0`
|
|
SENTRY_TRACES_SAMPLE_RATE: 1.0
|
|
# The sample rate for Sentry profiles. Default: `1.0`
|
|
SENTRY_PROFILES_SAMPLE_RATE: 1.0
|
|
# Notion import configuration, support public and internal
|
|
NOTION_INTEGRATION_TYPE: public
|
|
NOTION_CLIENT_SECRET: you-client-secret
|
|
NOTION_CLIENT_ID: you-client-id
|
|
NOTION_INTERNAL_SECRET: you-internal-secret
|
|
# The sandbox service endpoint.
|
|
CODE_EXECUTION_ENDPOINT: "http://sandbox:8194"
|
|
CODE_EXECUTION_API_KEY: dify-sandbox
|
|
CODE_MAX_NUMBER: 9223372036854775807
|
|
CODE_MIN_NUMBER: -9223372036854775808
|
|
CODE_MAX_STRING_LENGTH: 80000
|
|
TEMPLATE_TRANSFORM_MAX_LENGTH: 80000
|
|
CODE_MAX_STRING_ARRAY_LENGTH: 30
|
|
CODE_MAX_OBJECT_ARRAY_LENGTH: 30
|
|
CODE_MAX_NUMBER_ARRAY_LENGTH: 1000
|
|
# SSRF Proxy server
|
|
SSRF_PROXY_HTTP_URL: 'http://ssrf_proxy:3128'
|
|
SSRF_PROXY_HTTPS_URL: 'http://ssrf_proxy:3128'
|
|
# Indexing configuration
|
|
INDEXING_MAX_SEGMENTATION_TOKENS_LENGTH: 1000
|
|
depends_on:
|
|
- db
|
|
- redis
|
|
volumes:
|
|
# Mount the storage directory to the container, for storing user files.
|
|
- ./volumes/app/storage:/app/api/storage
|
|
# uncomment to expose dify-api port to host
|
|
# ports:
|
|
# - "5001:5001"
|
|
networks:
|
|
- ssrf_proxy_network
|
|
- default
|
|
|
|
# worker service
|
|
# The Celery worker for processing the queue.
|
|
worker:
|
|
image: langgenius/dify-api:0.6.10
|
|
restart: always
|
|
environment:
|
|
CONSOLE_WEB_URL: ''
|
|
# Startup mode, 'worker' starts the Celery worker for processing the queue.
|
|
MODE: worker
|
|
|
|
# --- All the configurations below are the same as those in the 'api' service. ---
|
|
|
|
# The log level for the application. Supported values are `DEBUG`, `INFO`, `WARNING`, `ERROR`, `CRITICAL`
|
|
LOG_LEVEL: INFO
|
|
# A secret key that is used for securely signing the session cookie and encrypting sensitive information on the database. You can generate a strong key using `openssl rand -base64 42`.
|
|
# same as the API service
|
|
SECRET_KEY: sk-9f73s3ljTXVcMT3Blb3ljTqtsKiGHXVcMT3BlbkFJLK7U
|
|
# The configurations of postgres database connection.
|
|
# It is consistent with the configuration in the 'db' service below.
|
|
DB_USERNAME: postgres
|
|
DB_PASSWORD: difyai123456
|
|
DB_HOST: db
|
|
DB_PORT: 5432
|
|
DB_DATABASE: dify
|
|
# The configurations of redis cache connection.
|
|
REDIS_HOST: redis
|
|
REDIS_PORT: 6379
|
|
REDIS_USERNAME: ''
|
|
REDIS_PASSWORD: difyai123456
|
|
REDIS_DB: 0
|
|
REDIS_USE_SSL: 'false'
|
|
# The configurations of celery broker.
|
|
CELERY_BROKER_URL: redis://:difyai123456@redis:6379/1
|
|
# The type of storage to use for storing user files. Supported values are `local` and `s3` and `azure-blob` and `google-storage`, Default: `local`
|
|
STORAGE_TYPE: local
|
|
STORAGE_LOCAL_PATH: storage
|
|
# The S3 storage configurations, only available when STORAGE_TYPE is `s3`.
|
|
S3_ENDPOINT: 'https://xxx.r2.cloudflarestorage.com'
|
|
S3_BUCKET_NAME: 'difyai'
|
|
S3_ACCESS_KEY: 'ak-difyai'
|
|
S3_SECRET_KEY: 'sk-difyai'
|
|
S3_REGION: 'us-east-1'
|
|
# The Azure Blob storage configurations, only available when STORAGE_TYPE is `azure-blob`.
|
|
AZURE_BLOB_ACCOUNT_NAME: 'difyai'
|
|
AZURE_BLOB_ACCOUNT_KEY: 'difyai'
|
|
AZURE_BLOB_CONTAINER_NAME: 'difyai-container'
|
|
AZURE_BLOB_ACCOUNT_URL: 'https://<your_account_name>.blob.core.windows.net'
|
|
# The Google storage configurations, only available when STORAGE_TYPE is `google-storage`.
|
|
GOOGLE_STORAGE_BUCKET_NAME: 'yout-bucket-name'
|
|
# if you want to use Application Default Credentials, you can leave GOOGLE_STORAGE_SERVICE_ACCOUNT_JSON_BASE64 empty.
|
|
GOOGLE_STORAGE_SERVICE_ACCOUNT_JSON_BASE64: 'your-google-service-account-json-base64-string'
|
|
# The type of vector store to use. Supported values are `weaviate`, `qdrant`, `milvus`, `relyt`, `pgvector`.
|
|
VECTOR_STORE: weaviate
|
|
# The Weaviate endpoint URL. Only available when VECTOR_STORE is `weaviate`.
|
|
WEAVIATE_ENDPOINT: http://weaviate:8080
|
|
# The Weaviate API key.
|
|
WEAVIATE_API_KEY: WVF5YThaHlkYwhGUSmCRgsX3tD5ngdN8pkih
|
|
# The Qdrant endpoint URL. Only available when VECTOR_STORE is `qdrant`.
|
|
QDRANT_URL: http://qdrant:6333
|
|
# The Qdrant API key.
|
|
QDRANT_API_KEY: difyai123456
|
|
# The Qdrant client timeout setting.
|
|
QDRANT_CLIENT_TIMEOUT: 20
|
|
# The Qdrant client enable gRPC mode.
|
|
QDRANT_GRPC_ENABLED: 'false'
|
|
# The Qdrant server gRPC mode PORT.
|
|
QDRANT_GRPC_PORT: 6334
|
|
# Milvus configuration Only available when VECTOR_STORE is `milvus`.
|
|
# The milvus host.
|
|
MILVUS_HOST: 127.0.0.1
|
|
# The milvus host.
|
|
MILVUS_PORT: 19530
|
|
# The milvus username.
|
|
MILVUS_USER: root
|
|
# The milvus password.
|
|
MILVUS_PASSWORD: Milvus
|
|
# The milvus tls switch.
|
|
MILVUS_SECURE: 'false'
|
|
# Mail configuration, support: resend
|
|
MAIL_TYPE: ''
|
|
# default send from email address, if not specified
|
|
MAIL_DEFAULT_SEND_FROM: 'YOUR EMAIL FROM (eg: no-reply <no-reply@dify.ai>)'
|
|
SMTP_SERVER: ''
|
|
SMTP_PORT: 465
|
|
SMTP_USERNAME: ''
|
|
SMTP_PASSWORD: ''
|
|
SMTP_USE_TLS: 'true'
|
|
SMTP_OPPORTUNISTIC_TLS: 'false'
|
|
# the api-key for resend (https://resend.com)
|
|
RESEND_API_KEY: ''
|
|
RESEND_API_URL: https://api.resend.com
|
|
# relyt configurations
|
|
RELYT_HOST: db
|
|
RELYT_PORT: 5432
|
|
RELYT_USER: postgres
|
|
RELYT_PASSWORD: difyai123456
|
|
RELYT_DATABASE: postgres
|
|
# pgvector configurations
|
|
PGVECTOR_HOST: pgvector
|
|
PGVECTOR_PORT: 5432
|
|
PGVECTOR_USER: postgres
|
|
PGVECTOR_PASSWORD: difyai123456
|
|
PGVECTOR_DATABASE: dify
|
|
# Notion import configuration, support public and internal
|
|
NOTION_INTEGRATION_TYPE: public
|
|
NOTION_CLIENT_SECRET: you-client-secret
|
|
NOTION_CLIENT_ID: you-client-id
|
|
NOTION_INTERNAL_SECRET: you-internal-secret
|
|
# Indexing configuration
|
|
INDEXING_MAX_SEGMENTATION_TOKENS_LENGTH: 1000
|
|
depends_on:
|
|
- db
|
|
- redis
|
|
volumes:
|
|
# Mount the storage directory to the container, for storing user files.
|
|
- ./volumes/app/storage:/app/api/storage
|
|
networks:
|
|
- ssrf_proxy_network
|
|
- default
|
|
|
|
# Frontend web application.
|
|
web:
|
|
image: langgenius/dify-web:0.6.10
|
|
restart: always
|
|
environment:
|
|
# The base URL of console application api server, refers to the Console base URL of WEB service if console domain is
|
|
# different from api or web app domain.
|
|
# example: http://cloud.dify.ai
|
|
CONSOLE_API_URL: ''
|
|
# The URL for Web APP api server, refers to the Web App base URL of WEB service if web app domain is different from
|
|
# console or api domain.
|
|
# example: http://udify.app
|
|
APP_API_URL: ''
|
|
# The DSN for Sentry error reporting. If not set, Sentry error reporting will be disabled.
|
|
SENTRY_DSN: ''
|
|
# uncomment to expose dify-web port to host
|
|
# ports:
|
|
# - "3000:3000"
|
|
|
|
# The postgres database.
|
|
db:
|
|
image: postgres:15-alpine
|
|
restart: always
|
|
environment:
|
|
PGUSER: postgres
|
|
# The password for the default postgres user.
|
|
POSTGRES_PASSWORD: difyai123456
|
|
# The name of the default postgres database.
|
|
POSTGRES_DB: dify
|
|
# postgres data directory
|
|
PGDATA: /var/lib/postgresql/data/pgdata
|
|
volumes:
|
|
- ./volumes/db/data:/var/lib/postgresql/data
|
|
# uncomment to expose db(postgresql) port to host
|
|
# ports:
|
|
# - "5432:5432"
|
|
healthcheck:
|
|
test: [ "CMD", "pg_isready" ]
|
|
interval: 1s
|
|
timeout: 3s
|
|
retries: 30
|
|
|
|
# The redis cache.
|
|
redis:
|
|
image: redis:6-alpine
|
|
restart: always
|
|
volumes:
|
|
# Mount the redis data directory to the container.
|
|
- ./volumes/redis/data:/data
|
|
# Set the redis password when startup redis server.
|
|
command: redis-server --requirepass difyai123456
|
|
healthcheck:
|
|
test: [ "CMD", "redis-cli", "ping" ]
|
|
# uncomment to expose redis port to host
|
|
# ports:
|
|
# - "6379:6379"
|
|
|
|
# The Weaviate vector store.
|
|
weaviate:
|
|
image: semitechnologies/weaviate:1.19.0
|
|
restart: always
|
|
volumes:
|
|
# Mount the Weaviate data directory to the container.
|
|
- ./volumes/weaviate:/var/lib/weaviate
|
|
environment:
|
|
# The Weaviate configurations
|
|
# You can refer to the [Weaviate](https://weaviate.io/developers/weaviate/config-refs/env-vars) documentation for more information.
|
|
QUERY_DEFAULTS_LIMIT: 25
|
|
AUTHENTICATION_ANONYMOUS_ACCESS_ENABLED: 'false'
|
|
PERSISTENCE_DATA_PATH: '/var/lib/weaviate'
|
|
DEFAULT_VECTORIZER_MODULE: 'none'
|
|
CLUSTER_HOSTNAME: 'node1'
|
|
AUTHENTICATION_APIKEY_ENABLED: 'true'
|
|
AUTHENTICATION_APIKEY_ALLOWED_KEYS: 'WVF5YThaHlkYwhGUSmCRgsX3tD5ngdN8pkih'
|
|
AUTHENTICATION_APIKEY_USERS: 'hello@dify.ai'
|
|
AUTHORIZATION_ADMINLIST_ENABLED: 'true'
|
|
AUTHORIZATION_ADMINLIST_USERS: 'hello@dify.ai'
|
|
# uncomment to expose weaviate port to host
|
|
# ports:
|
|
# - "8080:8080"
|
|
|
|
# The DifySandbox
|
|
sandbox:
|
|
image: langgenius/dify-sandbox:0.2.1
|
|
restart: always
|
|
environment:
|
|
# The DifySandbox configurations
|
|
# Make sure you are changing this key for your deployment with a strong key.
|
|
# You can generate a strong key using `openssl rand -base64 42`.
|
|
API_KEY: dify-sandbox
|
|
GIN_MODE: 'release'
|
|
WORKER_TIMEOUT: 15
|
|
ENABLE_NETWORK: 'true'
|
|
HTTP_PROXY: 'http://ssrf_proxy:3128'
|
|
HTTPS_PROXY: 'http://ssrf_proxy:3128'
|
|
SANDBOX_PORT: 8194
|
|
volumes:
|
|
- ./volumes/sandbox/dependencies:/dependencies
|
|
networks:
|
|
- ssrf_proxy_network
|
|
|
|
# ssrf_proxy server
|
|
# for more information, please refer to
|
|
# https://docs.dify.ai/getting-started/install-self-hosted/install-faq#id-16.-why-is-ssrf_proxy-needed
|
|
ssrf_proxy:
|
|
image: ubuntu/squid:latest
|
|
restart: always
|
|
volumes:
|
|
# pls clearly modify the squid.conf file to fit your network environment.
|
|
- ./volumes/ssrf_proxy/squid.conf:/etc/squid/squid.conf
|
|
networks:
|
|
- ssrf_proxy_network
|
|
- default
|
|
# Qdrant vector store.
|
|
# uncomment to use qdrant as vector store.
|
|
# (if uncommented, you need to comment out the weaviate service above,
|
|
# and set VECTOR_STORE to qdrant in the api & worker service.)
|
|
# qdrant:
|
|
# image: langgenius/qdrant:v1.7.3
|
|
# restart: always
|
|
# volumes:
|
|
# - ./volumes/qdrant:/qdrant/storage
|
|
# environment:
|
|
# QDRANT_API_KEY: 'difyai123456'
|
|
# # uncomment to expose qdrant port to host
|
|
# # ports:
|
|
# # - "6333:6333"
|
|
# # - "6334:6334"
|
|
|
|
# The pgvector vector database.
|
|
# Uncomment to use qdrant as vector store.
|
|
# pgvector:
|
|
# image: pgvector/pgvector:pg16
|
|
# restart: always
|
|
# environment:
|
|
# PGUSER: postgres
|
|
# # The password for the default postgres user.
|
|
# POSTGRES_PASSWORD: difyai123456
|
|
# # The name of the default postgres database.
|
|
# POSTGRES_DB: dify
|
|
# # postgres data directory
|
|
# PGDATA: /var/lib/postgresql/data/pgdata
|
|
# volumes:
|
|
# - ./volumes/pgvector/data:/var/lib/postgresql/data
|
|
# # uncomment to expose db(postgresql) port to host
|
|
# # ports:
|
|
# # - "5433:5432"
|
|
# healthcheck:
|
|
# test: [ "CMD", "pg_isready" ]
|
|
# interval: 1s
|
|
# timeout: 3s
|
|
# retries: 30
|
|
|
|
|
|
# The nginx reverse proxy.
|
|
# used for reverse proxying the API service and Web service.
|
|
nginx:
|
|
image: nginx:latest
|
|
restart: always
|
|
volumes:
|
|
- ./nginx/nginx.conf:/etc/nginx/nginx.conf
|
|
- ./nginx/proxy.conf:/etc/nginx/proxy.conf
|
|
- ./nginx/conf.d:/etc/nginx/conf.d
|
|
#- ./nginx/ssl:/etc/ssl
|
|
depends_on:
|
|
- api
|
|
- web
|
|
ports:
|
|
- "80:80"
|
|
#- "443:443"
|
|
networks:
|
|
# create a network between sandbox, api and ssrf_proxy, and can not access outside.
|
|
ssrf_proxy_network:
|
|
driver: bridge
|
|
internal: true
|