From f4ad57dd151541a2ac68f121d9744ad598d90814 Mon Sep 17 00:00:00 2001 From: Yury Kossakovsky Date: Fri, 15 Aug 2025 12:45:16 -0600 Subject: [PATCH 01/19] Add RAGApp integration into configuration - Updated .env.example to include RAGAPP_HOSTNAME, RAGAPP_USERNAME, and RAGAPP_PASSWORD for basic authentication. - Modified Caddyfile to implement basic authentication for the RAGApp reverse proxy. - Enhanced docker-compose.yml to add a new RAGApp service with necessary environment variables. - Updated scripts to generate RAGApp credentials and include them in the setup wizard and final report. - Documented RAGApp details in the final report for user visibility. --- .env.example | 10 ++++++++++ Caddyfile | 8 ++++++++ docker-compose.yml | 9 +++++++++ scripts/03_generate_secrets.sh | 19 +++++++++++++++++-- scripts/04_wizard.sh | 1 + scripts/06_final_report.sh | 11 +++++++++++ 6 files changed, 56 insertions(+), 2 deletions(-) diff --git a/.env.example b/.env.example index 0c02647..142928b 100644 --- a/.env.example +++ b/.env.example @@ -147,6 +147,7 @@ PORTAINER_HOSTNAME=portainer.yourdomain.com LETTA_HOSTNAME=letta.yourdomain.com QDRANT_HOSTNAME=qdrant.yourdomain.com COMFYUI_HOSTNAME=comfyui.yourdomain.com +RAGAPP_HOSTNAME=ragapp.yourdomain.com LETSENCRYPT_EMAIL= # Everything below this point is optional. @@ -154,6 +155,14 @@ LETSENCRYPT_EMAIL= RUN_N8N_IMPORT= +############ +# [required] +# RAGApp credentials - used for Basic Auth in Caddy +############ + +RAGAPP_USERNAME= +RAGAPP_PASSWORD= + # # ####### @@ -311,3 +320,4 @@ COMPOSE_PROFILES="n8n,flowise,monitoring" PROMETHEUS_PASSWORD_HASH= SEARXNG_PASSWORD_HASH= COMFYUI_PASSWORD_HASH= +RAGAPP_PASSWORD_HASH= diff --git a/Caddyfile b/Caddyfile index 36d67df..30c4436 100644 --- a/Caddyfile +++ b/Caddyfile @@ -25,6 +25,14 @@ reverse_proxy nginx:80 } +# RAGApp +{$RAGAPP_HOSTNAME} { + basic_auth { + {$RAGAPP_USERNAME} {$RAGAPP_PASSWORD_HASH} + } + reverse_proxy ragapp:8000 +} + # Langfuse {$LANGFUSE_HOSTNAME} { reverse_proxy langfuse-web:3000 diff --git a/docker-compose.yml b/docker-compose.yml index 6fd3e86..b1d2fa3 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -200,6 +200,9 @@ services: - WEBUI_HOSTNAME=${WEBUI_HOSTNAME} - FLOWISE_HOSTNAME=${FLOWISE_HOSTNAME} - DIFY_HOSTNAME=${DIFY_HOSTNAME} + - RAGAPP_HOSTNAME=${RAGAPP_HOSTNAME} + - RAGAPP_USERNAME=${RAGAPP_USERNAME} + - RAGAPP_PASSWORD_HASH=${RAGAPP_PASSWORD_HASH} - SUPABASE_HOSTNAME=${SUPABASE_HOSTNAME} - SEARXNG_HOSTNAME=${SEARXNG_HOSTNAME} - LANGFUSE_HOSTNAME=${LANGFUSE_HOSTNAME} @@ -577,6 +580,12 @@ services: retries: 5 start_period: 10s + ragapp: + image: ragapp/ragapp:latest + container_name: ragapp + profiles: ["ragapp"] + restart: unless-stopped + portainer: image: portainer/portainer-ce:latest container_name: portainer diff --git a/scripts/03_generate_secrets.sh b/scripts/03_generate_secrets.sh index 949e339..296242c 100755 --- a/scripts/03_generate_secrets.sh +++ b/scripts/03_generate_secrets.sh @@ -52,6 +52,7 @@ declare -A VARS_TO_GENERATE=( # Dify environment variables ["DIFY_SECRET_KEY"]="secret:64" # Dify application secret key (maps to SECRET_KEY in Dify) ["COMFYUI_PASSWORD"]="password:32" # Added ComfyUI basic auth password + ["RAGAPP_PASSWORD"]="password:32" # Added RAGApp basic auth password ) # Initialize existing_env_vars and attempt to read .env if it exists @@ -370,6 +371,7 @@ generated_values["LANGFUSE_INIT_USER_EMAIL"]="$USER_EMAIL" generated_values["N8N_WORKER_COUNT"]="$N8N_WORKER_COUNT" generated_values["WEAVIATE_USERNAME"]="$USER_EMAIL" # Set Weaviate username for Caddy generated_values["COMFYUI_USERNAME"]="$USER_EMAIL" # Set ComfyUI username for Caddy +generated_values["RAGAPP_USERNAME"]="$USER_EMAIL" # Set RAGApp username for Caddy if [[ -n "$OPENAI_API_KEY" ]]; then generated_values["OPENAI_API_KEY"]="$OPENAI_API_KEY" @@ -394,6 +396,7 @@ found_vars["N8N_WORKER_COUNT"]=0 found_vars["WEAVIATE_USERNAME"]=0 found_vars["NEO4J_AUTH_USERNAME"]=0 found_vars["COMFYUI_USERNAME"]=0 +found_vars["RAGAPP_USERNAME"]=0 # Read template, substitute domain, generate initial values while IFS= read -r line || [[ -n "$line" ]]; do @@ -440,7 +443,7 @@ while IFS= read -r line || [[ -n "$line" ]]; do # This 'else' block is for lines from template not covered by existing values or VARS_TO_GENERATE. # Check if it is one of the user input vars - these are handled by found_vars later if not in template. is_user_input_var=0 # Reset for each line - user_input_vars=("FLOWISE_USERNAME" "DASHBOARD_USERNAME" "LETSENCRYPT_EMAIL" "RUN_N8N_IMPORT" "PROMETHEUS_USERNAME" "SEARXNG_USERNAME" "OPENAI_API_KEY" "LANGFUSE_INIT_USER_EMAIL" "N8N_WORKER_COUNT" "WEAVIATE_USERNAME" "NEO4J_AUTH_USERNAME" "COMFYUI_USERNAME") + user_input_vars=("FLOWISE_USERNAME" "DASHBOARD_USERNAME" "LETSENCRYPT_EMAIL" "RUN_N8N_IMPORT" "PROMETHEUS_USERNAME" "SEARXNG_USERNAME" "OPENAI_API_KEY" "LANGFUSE_INIT_USER_EMAIL" "N8N_WORKER_COUNT" "WEAVIATE_USERNAME" "NEO4J_AUTH_USERNAME" "COMFYUI_USERNAME" "RAGAPP_USERNAME") for uivar in "${user_input_vars[@]}"; do if [[ "$varName" == "$uivar" ]]; then is_user_input_var=1 @@ -522,7 +525,7 @@ if [[ -z "${generated_values[SERVICE_ROLE_KEY]}" ]]; then fi # Add any custom variables that weren't found in the template -for var in "FLOWISE_USERNAME" "DASHBOARD_USERNAME" "LETSENCRYPT_EMAIL" "RUN_N8N_IMPORT" "OPENAI_API_KEY" "PROMETHEUS_USERNAME" "SEARXNG_USERNAME" "LANGFUSE_INIT_USER_EMAIL" "N8N_WORKER_COUNT" "WEAVIATE_USERNAME" "NEO4J_AUTH_USERNAME" "COMFYUI_USERNAME"; do +for var in "FLOWISE_USERNAME" "DASHBOARD_USERNAME" "LETSENCRYPT_EMAIL" "RUN_N8N_IMPORT" "OPENAI_API_KEY" "PROMETHEUS_USERNAME" "SEARXNG_USERNAME" "LANGFUSE_INIT_USER_EMAIL" "N8N_WORKER_COUNT" "WEAVIATE_USERNAME" "NEO4J_AUTH_USERNAME" "COMFYUI_USERNAME" "RAGAPP_USERNAME"; do if [[ ${found_vars["$var"]} -eq 0 && -v generated_values["$var"] ]]; then # Before appending, check if it's already in TMP_ENV_FILE to avoid duplicates if ! grep -q -E "^${var}=" "$TMP_ENV_FILE"; then @@ -645,6 +648,18 @@ if [[ -z "$FINAL_COMFYUI_HASH" && -n "$COMFYUI_PLAIN_PASS" ]]; then fi _update_or_add_env_var "COMFYUI_PASSWORD_HASH" "$FINAL_COMFYUI_HASH" +# --- RAGAPP --- +RAGAPP_PLAIN_PASS="${generated_values["RAGAPP_PASSWORD"]}" +FINAL_RAGAPP_HASH="${generated_values[RAGAPP_PASSWORD_HASH]}" +if [[ -z "$FINAL_RAGAPP_HASH" && -n "$RAGAPP_PLAIN_PASS" ]]; then + NEW_HASH=$(_generate_and_get_hash "$RAGAPP_PLAIN_PASS") + if [[ -n "$NEW_HASH" ]]; then + FINAL_RAGAPP_HASH="$NEW_HASH" + generated_values["RAGAPP_PASSWORD_HASH"]="$NEW_HASH" + fi +fi +_update_or_add_env_var "RAGAPP_PASSWORD_HASH" "$FINAL_RAGAPP_HASH" + if [ $? -eq 0 ]; then # This $? reflects the status of the last mv command from the last _update_or_add_env_var call. # For now, assuming if we reached here and mv was fine, primary operations were okay. diff --git a/scripts/04_wizard.sh b/scripts/04_wizard.sh index 126b931..d0e9255 100755 --- a/scripts/04_wizard.sh +++ b/scripts/04_wizard.sh @@ -63,6 +63,7 @@ base_services_data=( "letta" "Letta (Agent Server & SDK)" "gotenberg" "Gotenberg (Document Conversion API)" "crawl4ai" "Crawl4ai (Web Crawler for AI)" + "ragapp" "RAGApp (Open-source RAG UI + API)" "open-webui" "Open WebUI (ChatGPT-like Interface)" "searxng" "SearXNG (Private Metasearch Engine)" "ollama" "Ollama (Local LLM Runner - select hardware in next step)" diff --git a/scripts/06_final_report.sh b/scripts/06_final_report.sh index 46d33d8..4583531 100755 --- a/scripts/06_final_report.sh +++ b/scripts/06_final_report.sh @@ -135,6 +135,17 @@ if is_profile_active "portainer"; then echo "(Note: On first login, Portainer will prompt to set up an admin user.)" fi +if is_profile_active "ragapp"; then + echo + echo "================================= RAGApp ==============================" + echo + echo "Host: ${RAGAPP_HOSTNAME:-}" + echo "User: ${RAGAPP_USERNAME:-}" + echo "Password: ${RAGAPP_PASSWORD:-}" + echo "Admin: https://${RAGAPP_HOSTNAME:-}/admin" + echo "API Docs: https://${RAGAPP_HOSTNAME:-}/docs" +fi + if is_profile_active "comfyui"; then echo echo "================================= ComfyUI =============================" From 7062697b96ff3058c952c37bf314de64729b808e Mon Sep 17 00:00:00 2001 From: Yury Kossakovsky Date: Fri, 15 Aug 2025 12:58:43 -0600 Subject: [PATCH 02/19] Add RAGApp documentation and internal access details - Updated README.md to include RAGApp as a new open-source tool for building Retrieval-Augmented Generation assistants. - Enhanced final report script to display internal access information for RAGApp, improving user visibility and integration guidance. --- README.md | 3 +++ scripts/06_final_report.sh | 1 + 2 files changed, 4 insertions(+) diff --git a/README.md b/README.md index 03cd5c0..c158726 100644 --- a/README.md +++ b/README.md @@ -32,6 +32,9 @@ The installer also makes the following powerful open-source tools **available fo ✅ [**ComfyUI**](https://github.com/comfyanonymous/ComfyUI) - A powerful, node-based UI for Stable Diffusion workflows. Build and run image-generation pipelines visually, with support for custom nodes and extensions. +✅ [**RAGApp**](https://github.com/ragapp/ragapp) - Open-source application to build Retrieval-Augmented Generation (RAG) assistants over your data. Provides a web UI for chat and an HTTP API for integration with your workflows. + + ✅ [**Dify**](https://dify.ai/) - An open-source AI application development platform that provides comprehensive LLMOps capabilities, including workflow management, prompt engineering, RAG pipelines, and AI agent orchestration. Perfect for building production-ready AI applications. ✅ [**Qdrant**](https://qdrant.tech/) - A high-performance open-source vector store, specialized for AI. While Supabase also offers vector capabilities, Qdrant is included for its speed, making it ideal for demanding AI tasks. diff --git a/scripts/06_final_report.sh b/scripts/06_final_report.sh index 4583531..dee7b78 100755 --- a/scripts/06_final_report.sh +++ b/scripts/06_final_report.sh @@ -140,6 +140,7 @@ if is_profile_active "ragapp"; then echo "================================= RAGApp ==============================" echo echo "Host: ${RAGAPP_HOSTNAME:-}" + echo "Internal Access (e.g., from n8n): http://ragapp:8000" echo "User: ${RAGAPP_USERNAME:-}" echo "Password: ${RAGAPP_PASSWORD:-}" echo "Admin: https://${RAGAPP_HOSTNAME:-}/admin" From 7037b203bbb792bbd455e72bc74920ac70503484 Mon Sep 17 00:00:00 2001 From: Yury Kossakovsky Date: Fri, 15 Aug 2025 16:35:13 -0600 Subject: [PATCH 03/19] Add Python Runner service and documentation - Introduced a new internal utility service, python-runner, in docker-compose.yml to execute custom Python scripts within the Docker network. - Added detailed documentation in n8n-installer-developer-guide.md and README.md on how to enable and use the python-runner service. - Created main.py and requirements.txt files for user-defined Python code and dependencies. - Updated scripts to include python-runner in the service selection wizard and final report for improved user guidance. --- README.md | 7 +++++ docker-compose.yml | 10 +++++++ n8n-installer-developer-guide.md | 50 ++++++++++++++++++++++++++++++++ python-runner/main.py | 3 ++ python-runner/requirements.txt | 0 scripts/04_wizard.sh | 1 + scripts/06_final_report.sh | 11 +++++++ 7 files changed, 82 insertions(+) create mode 100644 python-runner/main.py create mode 100644 python-runner/requirements.txt diff --git a/README.md b/README.md index c158726..9db1e47 100644 --- a/README.md +++ b/README.md @@ -141,6 +141,13 @@ After successful installation, your services are up and running! Here's how to g - **Portainer:** `portainer.yourdomain.com` (Protected by Caddy basic auth; on first login, complete Portainer admin setup) - **ComfyUI:** `comfyui.yourdomain.com` (Node-based Stable Diffusion UI) +### Optional Internal Utility: Python Runner + +- **What it is**: An internal-only service to run your custom Python code inside the same Docker network as your other services (n8n, Postgres, Qdrant, etc.). No external ports are exposed, and it is not proxied by Caddy. +- **How to enable**: Select “Python Runner” in the Service Selection Wizard during install/update, or add the profile manually: `COMPOSE_PROFILES=...,python-runner`. +- **Where to put code**: Place your Python files in `python-runner/`. The default entry point is `python-runner/main.py`. +- **Dependencies**: Add them to `python-runner/requirements.txt`; they will be installed automatically on container start. + 2. **Explore n8n:** - Log in to your n8n instance. This is your central hub for workflow automation. diff --git a/docker-compose.yml b/docker-compose.yml index b1d2fa3..3d9d885 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -609,3 +609,13 @@ services: interval: 10s timeout: 5s retries: 5 + + python-runner: + image: python:3.11-slim + container_name: python-runner + profiles: ["python-runner"] + restart: unless-stopped + working_dir: /app + command: /bin/sh -c 'if [ -f /app/requirements.txt ]; then python -m pip install --no-cache-dir -r /app/requirements.txt; fi; python /app/main.py' + volumes: + - ./python-runner:/app diff --git a/n8n-installer-developer-guide.md b/n8n-installer-developer-guide.md index 9be7ad3..7b02530 100644 --- a/n8n-installer-developer-guide.md +++ b/n8n-installer-developer-guide.md @@ -305,6 +305,56 @@ volumes: --- +## 🐍 Internal Utility Service: python-runner (Optional) + +**Purpose**: Lightweight internal container to run custom user Python scripts inside the compose network without exposing any ports. + +- **Image**: `python:3.11-slim` +- **Profiles**: `python-runner` (disabled by default; enabled via wizard or `.env`) +- **Mount**: `./python-runner:/app` +- **Command**: Installs `requirements.txt` if present, then runs `python /app/main.py`. +- **Network**: Joins the default compose network (`localai_default`), so it can reach other services by their container names (e.g., `n8n`, `postgres`, `redis`, `qdrant`). +- **Security/Exposure**: No external ports, no reverse proxy, no domains. Internal-only. + +### How to enable (Wizard) + +- Run `sudo bash ./scripts/install.sh` (initial) or `sudo bash ./scripts/update.sh` (update) and select **Python Runner** in the wizard. + +### How to enable (manually) + +Add the profile to `.env` so it is managed by the normal startup flow: +```bash +COMPOSE_PROFILES="...,python-runner" +``` + +Or start on-demand from the CLI without changing `.env`: +```bash +docker compose -p localai --profile python-runner up -d python-runner +``` + +### Where to put your code + +- Local path: `python-runner/` +- Entry file: `python-runner/main.py` +- Optional deps: `python-runner/requirements.txt` (installed automatically on container start) + +### Developing and running your script + +1) Edit `python-runner/main.py` with your logic. Example: connect to `postgres` using the hostname `postgres` and credentials from `.env`. +2) Add dependencies to `python-runner/requirements.txt` if needed. +3) Start or restart the service: +```bash +docker compose -p localai --profile python-runner up -d --force-recreate python-runner +``` +4) View logs: +```bash +docker compose -p localai logs -f python-runner +``` + +This service is intentionally minimal to avoid conflicts and can be extended by users as needed. + +--- + ## 🌐 Network Architecture ### **Caddyfile Configuration** diff --git a/python-runner/main.py b/python-runner/main.py new file mode 100644 index 0000000..e2ec0d2 --- /dev/null +++ b/python-runner/main.py @@ -0,0 +1,3 @@ +print("Python runner is up!") + + diff --git a/python-runner/requirements.txt b/python-runner/requirements.txt new file mode 100644 index 0000000..e69de29 diff --git a/scripts/04_wizard.sh b/scripts/04_wizard.sh index d0e9255..0ac2b4e 100755 --- a/scripts/04_wizard.sh +++ b/scripts/04_wizard.sh @@ -66,6 +66,7 @@ base_services_data=( "ragapp" "RAGApp (Open-source RAG UI + API)" "open-webui" "Open WebUI (ChatGPT-like Interface)" "searxng" "SearXNG (Private Metasearch Engine)" + "python-runner" "Python Runner (Run your custom Python code from ./python-runner)" "ollama" "Ollama (Local LLM Runner - select hardware in next step)" "comfyui" "ComfyUI (Node-based Stable Diffusion UI)" ) diff --git a/scripts/06_final_report.sh b/scripts/06_final_report.sh index dee7b78..dd889a2 100755 --- a/scripts/06_final_report.sh +++ b/scripts/06_final_report.sh @@ -187,6 +187,17 @@ if is_profile_active "gotenberg"; then echo " Office to PDF: POST /forms/libreoffice/convert" fi +if is_profile_active "python-runner"; then + echo + echo "================================= Python Runner ========================" + echo + echo "Internal Container DNS: python-runner" + echo "Mounted Code Directory: ./python-runner (host) -> /app (container)" + echo "Entry File: /app/main.py" + echo "(Note: Internal-only service with no exposed ports; view output via logs)" + echo "Logs: docker compose -p localai logs -f python-runner" +fi + if is_profile_active "n8n" || is_profile_active "langfuse"; then echo echo "================================= Redis (Valkey) ======================" From d1b96e61769d57f9e2e2d4b7bfd5498c93bb6224 Mon Sep 17 00:00:00 2001 From: Yury Kossakovsky Date: Fri, 15 Aug 2025 16:36:25 -0600 Subject: [PATCH 04/19] Increase whiptail checklist options in service selection wizard for enhanced user experience --- scripts/04_wizard.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/04_wizard.sh b/scripts/04_wizard.sh index 0ac2b4e..91219a3 100755 --- a/scripts/04_wizard.sh +++ b/scripts/04_wizard.sh @@ -103,7 +103,7 @@ done # Use whiptail to display the checklist CHOICES=$(whiptail --title "Service Selection Wizard" --checklist \ - "Choose the services you want to deploy.\nUse ARROW KEYS to navigate, SPACEBAR to select/deselect, ENTER to confirm." 32 90 17 \ + "Choose the services you want to deploy.\nUse ARROW KEYS to navigate, SPACEBAR to select/deselect, ENTER to confirm." 32 90 19 \ "${services[@]}" \ 3>&1 1>&2 2>&3) From ff6c47267d2f510fac06e1488753c009d2d75624 Mon Sep 17 00:00:00 2001 From: Yury Kossakovsky Date: Mon, 18 Aug 2025 10:27:43 -0600 Subject: [PATCH 05/19] Update n8n service configuration in docker-compose.yml - Refactored environment variables for the n8n service, including the addition of EXECUTIONS_MODE, LANGCHAIN_API_KEY, and other settings for improved functionality. - Ensured consistency in database configuration and enabled binary data mode with a TTL setting. - Updated webhook URL and trust proxy settings for enhanced security and performance. --- docker-compose.yml | 44 +++++++++++++++++++++++--------------------- 1 file changed, 23 insertions(+), 21 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 3d9d885..7fa3c29 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -23,31 +23,33 @@ x-n8n: &service-n8n context: ./n8n pull: true environment: &service-n8n-env - DB_TYPE: postgresdb - DB_POSTGRESDB_HOST: postgres - DB_POSTGRESDB_USER: postgres - DB_POSTGRESDB_PASSWORD: ${POSTGRES_PASSWORD} DB_POSTGRESDB_DATABASE: postgres - N8N_TRUST_PROXY: true - N8N_DIAGNOSTICS_ENABLED: false - N8N_PERSONALIZATION_ENABLED: false - N8N_ENCRYPTION_KEY: ${N8N_ENCRYPTION_KEY} - N8N_USER_MANAGEMENT_JWT_SECRET: ${N8N_USER_MANAGEMENT_JWT_SECRET} - WEBHOOK_URL: ${N8N_HOSTNAME:+https://}${N8N_HOSTNAME:-http://localhost:5678}/ - N8N_METRICS: true - NODE_ENV: production + DB_POSTGRESDB_HOST: postgres + DB_POSTGRESDB_PASSWORD: ${POSTGRES_PASSWORD} + DB_POSTGRESDB_USER: postgres + DB_TYPE: postgresdb EXECUTIONS_MODE: queue - N8N_RUNNERS_ENABLED: true - QUEUE_HEALTH_CHECK_ACTIVE: true - QUEUE_BULL_REDIS_HOST: ${REDIS_HOST:-redis} - QUEUE_BULL_REDIS_PORT: ${REDIS_PORT:-6379} - N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS: true - N8N_COMMUNITY_PACKAGES_ALLOW_TOOL_USAGE: true - NODE_FUNCTION_ALLOW_BUILTIN: "*" - NODE_FUNCTION_ALLOW_EXTERNAL: cheerio,axios,moment,lodash + LANGCHAIN_API_KEY: ${LANGCHAIN_API_KEY} LANGCHAIN_ENDPOINT: ${LANGCHAIN_ENDPOINT} LANGCHAIN_TRACING_V2: ${LANGCHAIN_TRACING_V2} - LANGCHAIN_API_KEY: ${LANGCHAIN_API_KEY} + N8N_BINARY_DATA_MODE: filesystem + N8N_BINARY_DATA_TTL: 600 + N8N_COMMUNITY_PACKAGES_ALLOW_TOOL_USAGE: true + N8N_DIAGNOSTICS_ENABLED: false + N8N_ENCRYPTION_KEY: ${N8N_ENCRYPTION_KEY} + N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS: true + N8N_METRICS: true + N8N_PERSONALIZATION_ENABLED: false + N8N_RUNNERS_ENABLED: true + N8N_TRUST_PROXY: true + N8N_USER_MANAGEMENT_JWT_SECRET: ${N8N_USER_MANAGEMENT_JWT_SECRET} + NODE_ENV: production + NODE_FUNCTION_ALLOW_BUILTIN: "*" + NODE_FUNCTION_ALLOW_EXTERNAL: cheerio,axios,moment,lodash + QUEUE_BULL_REDIS_HOST: ${REDIS_HOST:-redis} + QUEUE_BULL_REDIS_PORT: ${REDIS_PORT:-6379} + QUEUE_HEALTH_CHECK_ACTIVE: true + WEBHOOK_URL: ${N8N_HOSTNAME:+https://}${N8N_HOSTNAME:-http://localhost:5678}/ x-ollama: &service-ollama image: ollama/ollama:latest From 2ff14b56892f839433379928d0b0044b9f75e901 Mon Sep 17 00:00:00 2001 From: Yury Kossakovsky Date: Mon, 18 Aug 2025 14:20:36 -0600 Subject: [PATCH 06/19] Add N8N_PAYLOAD_SIZE_MAX environment variable to n8n service in docker-compose.yml - Introduced N8N_PAYLOAD_SIZE_MAX variable to configure the maximum payload size for the n8n service, enhancing data handling capabilities. - This addition supports improved performance and stability in processing larger payloads. --- docker-compose.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/docker-compose.yml b/docker-compose.yml index 7fa3c29..d72247e 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -34,6 +34,7 @@ x-n8n: &service-n8n LANGCHAIN_TRACING_V2: ${LANGCHAIN_TRACING_V2} N8N_BINARY_DATA_MODE: filesystem N8N_BINARY_DATA_TTL: 600 + N8N_PAYLOAD_SIZE_MAX: 256 N8N_COMMUNITY_PACKAGES_ALLOW_TOOL_USAGE: true N8N_DIAGNOSTICS_ENABLED: false N8N_ENCRYPTION_KEY: ${N8N_ENCRYPTION_KEY} From 512f9194238a0302d11221dab97a08c095339ed9 Mon Sep 17 00:00:00 2001 From: Yury Kossakovsky Date: Mon, 18 Aug 2025 17:41:07 -0600 Subject: [PATCH 07/19] Add troubleshooting section to README.md for site loading issues - Introduced a new section addressing common issues related to sites not loading after installation. - Provided potential causes and solutions, including resource checks and minimal configuration testing to enhance user support and guidance. --- README.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/README.md b/README.md index 9db1e47..154ed32 100644 --- a/README.md +++ b/README.md @@ -211,6 +211,14 @@ This can be useful for removing old images and freeing up space, but be aware th Here are solutions to common issues you might encounter: +### Sites not loading even after following the instructions + +- **Symptom:** Your domains/sites do not open or return errors even though you completed all installation steps. +- **Likely cause:** Your VPS does not have enough resources for the set of services you selected. +- **What to try:** + 1. Check current CPU and RAM usage (e.g., with `top`/`htop`, `free -h`, and `docker stats`). If resources are saturated, upgrade the server or reduce the number of running services. + 2. Try a minimal configuration — start only `n8n` and verify it comes up. If it works in this minimal setup, enable other services gradually while monitoring the load. + ### Temporary "Dangerous Site" Warning in Browser - **Symptom:** Immediately after deploying the services, your browser (e.g., Chrome) might display a "Dangerous Site" or similar security warning when you try to access your services. This warning typically disappears after some time (e.g., within a few hours or by the next day). From 25ebc661b8f6d2119d0ec49718da52c2e633ea50 Mon Sep 17 00:00:00 2001 From: Yury Kossakovsky Date: Tue, 19 Aug 2025 13:54:50 -0600 Subject: [PATCH 08/19] Add Postiz service integration and configuration - Introduced Postiz as a new service in docker-compose.yml, including necessary environment variables and volume configurations. - Updated Caddyfile to set up reverse proxy for Postiz. - Enhanced README.md to document Postiz and its hostname for user reference. - Modified scripts to include Postiz in the service selection wizard and final report for improved user guidance. --- .env.example | 1 + Caddyfile | 5 +++++ README.md | 3 +++ docker-compose.yml | 12 ++++++++++++ scripts/04_wizard.sh | 1 + scripts/06_final_report.sh | 8 ++++++++ 6 files changed, 30 insertions(+) diff --git a/.env.example b/.env.example index 142928b..e747eb0 100644 --- a/.env.example +++ b/.env.example @@ -144,6 +144,7 @@ NEO4J_HOSTNAME=neo4j.yourdomain.com GRAFANA_HOSTNAME=grafana.yourdomain.com PROMETHEUS_HOSTNAME=prometheus.yourdomain.com PORTAINER_HOSTNAME=portainer.yourdomain.com +POSTIZ_HOSTNAME=postiz.yourdomain.com LETTA_HOSTNAME=letta.yourdomain.com QDRANT_HOSTNAME=qdrant.yourdomain.com COMFYUI_HOSTNAME=comfyui.yourdomain.com diff --git a/Caddyfile b/Caddyfile index 30c4436..68b11e4 100644 --- a/Caddyfile +++ b/Caddyfile @@ -66,6 +66,11 @@ reverse_proxy portainer:9000 } +# Postiz +{$POSTIZ_HOSTNAME} { + reverse_proxy postiz:5000 +} + # Letta {$LETTA_HOSTNAME} { reverse_proxy letta:8283 diff --git a/README.md b/README.md index 154ed32..d3431a7 100644 --- a/README.md +++ b/README.md @@ -63,6 +63,8 @@ The installer also makes the following powerful open-source tools **available fo ✅ [**Portainer**](https://www.portainer.io/) - A lightweight, secure web UI to manage your Docker environment (containers, images, volumes, networks) with ease. +✅ [**Postiz**](https://postiz.com/) - An open-source social media scheduling and publishing platform. + ### Included Community Workflows Get started quickly with a vast library of pre-built automations (optional import during setup)! This collection includes over 300 workflows covering a wide range of use cases: @@ -140,6 +142,7 @@ After successful installation, your services are up and running! Here's how to g - **Prometheus:** `prometheus.yourdomain.com` (Typically used as a data source for Grafana) - **Portainer:** `portainer.yourdomain.com` (Protected by Caddy basic auth; on first login, complete Portainer admin setup) - **ComfyUI:** `comfyui.yourdomain.com` (Node-based Stable Diffusion UI) + - **Postiz:** `postiz.yourdomain.com` ### Optional Internal Utility: Python Runner diff --git a/docker-compose.yml b/docker-compose.yml index d72247e..ecf38c3 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -17,6 +17,8 @@ volumes: weaviate_data: portainer_data: comfyui_data: + postiz-config: + postiz-uploads: x-n8n: &service-n8n build: @@ -221,6 +223,7 @@ services: - SEARXNG_USERNAME=${SEARXNG_USERNAME} - SEARXNG_PASSWORD_HASH=${SEARXNG_PASSWORD_HASH} - PORTAINER_HOSTNAME=${PORTAINER_HOSTNAME} + - POSTIZ_HOSTNAME=${POSTIZ_HOSTNAME} - COMFYUI_HOSTNAME=${COMFYUI_HOSTNAME} - COMFYUI_USERNAME=${COMFYUI_USERNAME} - COMFYUI_PASSWORD_HASH=${COMFYUI_PASSWORD_HASH} @@ -598,6 +601,15 @@ services: - portainer_data:/data - ${DOCKER_SOCKET_LOCATION:-/var/run/docker.sock}:/var/run/docker.sock + postiz: + image: ghcr.io/gitroomhq/postiz-app:latest + container_name: postiz + profiles: ["postiz"] + restart: unless-stopped + volumes: + - postiz-config:/config + - postiz-uploads:/uploads + comfyui: image: yanwk/comfyui-boot:cu124-slim container_name: comfyui diff --git a/scripts/04_wizard.sh b/scripts/04_wizard.sh index 91219a3..6f49b93 100755 --- a/scripts/04_wizard.sh +++ b/scripts/04_wizard.sh @@ -55,6 +55,7 @@ base_services_data=( "flowise" "Flowise (AI Agent Builder)" "monitoring" "Monitoring Suite (Prometheus, Grafana, cAdvisor, Node-Exporter)" "portainer" "Portainer (Docker management UI)" + "postiz" "Postiz (Social publishing platform)" "langfuse" "Langfuse Suite (AI Observability - includes Clickhouse, Minio)" "qdrant" "Qdrant (Vector Database)" "supabase" "Supabase (Backend as a Service)" diff --git a/scripts/06_final_report.sh b/scripts/06_final_report.sh index dd889a2..b4c6b11 100755 --- a/scripts/06_final_report.sh +++ b/scripts/06_final_report.sh @@ -135,6 +135,14 @@ if is_profile_active "portainer"; then echo "(Note: On first login, Portainer will prompt to set up an admin user.)" fi +if is_profile_active "postiz"; then + echo + echo "================================= Postiz ==============================" + echo + echo "Host: ${POSTIZ_HOSTNAME:-}" + echo "Note: Configure Postgres/Redis in /config/.env inside the container on first run." +fi + if is_profile_active "ragapp"; then echo echo "================================= RAGApp ==============================" From 2f09c40b60ef31064eb128cbf2c67ec8668b32e8 Mon Sep 17 00:00:00 2001 From: Yury Kossakovsky Date: Tue, 19 Aug 2025 13:58:01 -0600 Subject: [PATCH 09/19] Add health check dependencies for Postiz service in docker-compose.yml - Updated the Postiz service configuration to include health check dependencies for PostgreSQL and Redis, ensuring that these services are healthy before Postiz starts. - This enhancement improves service reliability and startup order in the Docker environment. --- docker-compose.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index ecf38c3..9eb9784 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -609,6 +609,11 @@ services: volumes: - postiz-config:/config - postiz-uploads:/uploads + depends_on: + postgres: + condition: service_healthy + redis: + condition: service_healthy comfyui: image: yanwk/comfyui-boot:cu124-slim From d3facc8e74b595c3f3444c15dedc3ffa95c0a31d Mon Sep 17 00:00:00 2001 From: Yury Kossakovsky Date: Tue, 19 Aug 2025 14:01:02 -0600 Subject: [PATCH 10/19] Increase the number of options in the whiptail checklist for the service selection wizard to enhance user experience --- scripts/04_wizard.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/04_wizard.sh b/scripts/04_wizard.sh index 6f49b93..3068e30 100755 --- a/scripts/04_wizard.sh +++ b/scripts/04_wizard.sh @@ -104,7 +104,7 @@ done # Use whiptail to display the checklist CHOICES=$(whiptail --title "Service Selection Wizard" --checklist \ - "Choose the services you want to deploy.\nUse ARROW KEYS to navigate, SPACEBAR to select/deselect, ENTER to confirm." 32 90 19 \ + "Choose the services you want to deploy.\nUse ARROW KEYS to navigate, SPACEBAR to select/deselect, ENTER to confirm." 32 90 20 \ "${services[@]}" \ 3>&1 1>&2 2>&3) From 155c0243c5ffe8b8776274f4814774a8a037661a Mon Sep 17 00:00:00 2001 From: Yury Kossakovsky Date: Tue, 19 Aug 2025 14:12:25 -0600 Subject: [PATCH 11/19] Add environment variables for Postiz service in docker-compose.yml - Introduced DATABASE_URL, REDIS_URL, and JWT_SECRET environment variables to the Postiz service configuration. - This enhancement improves the service's connectivity and security by ensuring necessary configurations are set for database and Redis access. --- docker-compose.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index 9eb9784..c3df1f5 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -609,6 +609,10 @@ services: volumes: - postiz-config:/config - postiz-uploads:/uploads + environment: + - DATABASE_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgres:5432/postgres?schema=postiz + - REDIS_URL=redis://redis:6379 + - JWT_SECRET=${JWT_SECRET} depends_on: postgres: condition: service_healthy From f9b22d96317f94f93501ecfa5ac95b2cf6d2e756 Mon Sep 17 00:00:00 2001 From: Yury Kossakovsky Date: Tue, 19 Aug 2025 14:25:07 -0600 Subject: [PATCH 12/19] Add Postiz configuration and environment variables - Updated .env.example to include new environment variables for Postiz, including authentication and social media integration settings. - Modified Caddyfile to implement basic authentication for the Postiz service. - Enhanced docker-compose.yml to incorporate Postiz environment variables and ensure proper service configuration. - Updated scripts to generate Postiz-related secrets and included them in the final report for user reference. --- .env.example | 60 ++++++++++++++++++++++++++ Caddyfile | 3 ++ docker-compose.yml | 77 ++++++++++++++++++++++++---------- scripts/03_generate_secrets.sh | 19 ++++++++- scripts/06_final_report.sh | 4 +- 5 files changed, 139 insertions(+), 24 deletions(-) diff --git a/.env.example b/.env.example index e747eb0..c4ee19d 100644 --- a/.env.example +++ b/.env.example @@ -322,3 +322,63 @@ PROMETHEUS_PASSWORD_HASH= SEARXNG_PASSWORD_HASH= COMFYUI_PASSWORD_HASH= RAGAPP_PASSWORD_HASH= + +############ +# Postiz configuration +# Reference: https://docs.postiz.com/configuration/reference +# To protect Postiz via Caddy basic auth (optional), set these: +############ + +POSTIZ_USERNAME= +POSTIZ_PASSWORD= +POSTIZ_PASSWORD_HASH= + +############ +# Postiz Social Media Integrations +# Leave blank if not used. Provide credentials from each platform. +############ + +X_API_KEY= +X_API_SECRET= + +LINKEDIN_CLIENT_ID= +LINKEDIN_CLIENT_SECRET= + +REDDIT_CLIENT_ID= +REDDIT_CLIENT_SECRET= + +GITHUB_CLIENT_ID= +GITHUB_CLIENT_SECRET= + +BEEHIIVE_API_KEY= +BEEHIIVE_PUBLICATION_ID= + +THREADS_APP_ID= +THREADS_APP_SECRET= + +FACEBOOK_APP_ID= +FACEBOOK_APP_SECRET= + +YOUTUBE_CLIENT_ID= +YOUTUBE_CLIENT_SECRET= + +TIKTOK_CLIENT_ID= +TIKTOK_CLIENT_SECRET= + +PINTEREST_CLIENT_ID= +PINTEREST_CLIENT_SECRET= + +DRIBBBLE_CLIENT_ID= +DRIBBBLE_CLIENT_SECRET= + +DISCORD_CLIENT_ID= +DISCORD_CLIENT_SECRET= +DISCORD_BOT_TOKEN_ID= + +SLACK_ID= +SLACK_SECRET= +SLACK_SIGNING_SECRET= + +MASTODON_URL=https://mastodon.social +MASTODON_CLIENT_ID= +MASTODON_CLIENT_SECRET= diff --git a/Caddyfile b/Caddyfile index 68b11e4..9cff214 100644 --- a/Caddyfile +++ b/Caddyfile @@ -68,6 +68,9 @@ # Postiz {$POSTIZ_HOSTNAME} { + basic_auth { + {$POSTIZ_USERNAME} {$POSTIZ_PASSWORD_HASH} + } reverse_proxy postiz:5000 } diff --git a/docker-compose.yml b/docker-compose.yml index c3df1f5..b1aae27 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -201,32 +201,34 @@ services: - caddy-data:/data:rw - caddy-config:/config:rw environment: - - N8N_HOSTNAME=${N8N_HOSTNAME} - - WEBUI_HOSTNAME=${WEBUI_HOSTNAME} - - FLOWISE_HOSTNAME=${FLOWISE_HOSTNAME} + - COMFYUI_HOSTNAME=${COMFYUI_HOSTNAME} + - COMFYUI_PASSWORD_HASH=${COMFYUI_PASSWORD_HASH} + - COMFYUI_USERNAME=${COMFYUI_USERNAME} - DIFY_HOSTNAME=${DIFY_HOSTNAME} - - RAGAPP_HOSTNAME=${RAGAPP_HOSTNAME} - - RAGAPP_USERNAME=${RAGAPP_USERNAME} - - RAGAPP_PASSWORD_HASH=${RAGAPP_PASSWORD_HASH} - - SUPABASE_HOSTNAME=${SUPABASE_HOSTNAME} - - SEARXNG_HOSTNAME=${SEARXNG_HOSTNAME} - - LANGFUSE_HOSTNAME=${LANGFUSE_HOSTNAME} - - WEAVIATE_HOSTNAME=${WEAVIATE_HOSTNAME} - - QDRANT_HOSTNAME=${QDRANT_HOSTNAME} - - NEO4J_HOSTNAME=${NEO4J_HOSTNAME} - - LETSENCRYPT_EMAIL=${LETSENCRYPT_EMAIL:-internal} - - PROMETHEUS_HOSTNAME=${PROMETHEUS_HOSTNAME} + - FLOWISE_HOSTNAME=${FLOWISE_HOSTNAME} - GRAFANA_HOSTNAME=${GRAFANA_HOSTNAME} + - LANGFUSE_HOSTNAME=${LANGFUSE_HOSTNAME} + - LETSENCRYPT_EMAIL=${LETSENCRYPT_EMAIL:-internal} - LETTA_HOSTNAME=${LETTA_HOSTNAME} - - PROMETHEUS_USERNAME=${PROMETHEUS_USERNAME} - - PROMETHEUS_PASSWORD_HASH=${PROMETHEUS_PASSWORD_HASH} - - SEARXNG_USERNAME=${SEARXNG_USERNAME} - - SEARXNG_PASSWORD_HASH=${SEARXNG_PASSWORD_HASH} + - N8N_HOSTNAME=${N8N_HOSTNAME} + - NEO4J_HOSTNAME=${NEO4J_HOSTNAME} - PORTAINER_HOSTNAME=${PORTAINER_HOSTNAME} - POSTIZ_HOSTNAME=${POSTIZ_HOSTNAME} - - COMFYUI_HOSTNAME=${COMFYUI_HOSTNAME} - - COMFYUI_USERNAME=${COMFYUI_USERNAME} - - COMFYUI_PASSWORD_HASH=${COMFYUI_PASSWORD_HASH} + - POSTIZ_PASSWORD_HASH=${POSTIZ_PASSWORD_HASH} + - POSTIZ_USERNAME=${POSTIZ_USERNAME} + - PROMETHEUS_HOSTNAME=${PROMETHEUS_HOSTNAME} + - PROMETHEUS_PASSWORD_HASH=${PROMETHEUS_PASSWORD_HASH} + - PROMETHEUS_USERNAME=${PROMETHEUS_USERNAME} + - QDRANT_HOSTNAME=${QDRANT_HOSTNAME} + - RAGAPP_HOSTNAME=${RAGAPP_HOSTNAME} + - RAGAPP_PASSWORD_HASH=${RAGAPP_PASSWORD_HASH} + - RAGAPP_USERNAME=${RAGAPP_USERNAME} + - SEARXNG_HOSTNAME=${SEARXNG_HOSTNAME} + - SEARXNG_PASSWORD_HASH=${SEARXNG_PASSWORD_HASH} + - SEARXNG_USERNAME=${SEARXNG_USERNAME} + - SUPABASE_HOSTNAME=${SUPABASE_HOSTNAME} + - WEAVIATE_HOSTNAME=${WEAVIATE_HOSTNAME} + - WEBUI_HOSTNAME=${WEBUI_HOSTNAME} cap_drop: - ALL cap_add: @@ -613,6 +615,39 @@ services: - DATABASE_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgres:5432/postgres?schema=postiz - REDIS_URL=redis://redis:6379 - JWT_SECRET=${JWT_SECRET} + - DISABLE_REGISTRATION=true + # Social Media API Settings + - X_API_KEY=${X_API_KEY} + - X_API_SECRET=${X_API_SECRET} + - LINKEDIN_CLIENT_ID=${LINKEDIN_CLIENT_ID} + - LINKEDIN_CLIENT_SECRET=${LINKEDIN_CLIENT_SECRET} + - REDDIT_CLIENT_ID=${REDDIT_CLIENT_ID} + - REDDIT_CLIENT_SECRET=${REDDIT_CLIENT_SECRET} + - GITHUB_CLIENT_ID=${GITHUB_CLIENT_ID} + - GITHUB_CLIENT_SECRET=${GITHUB_CLIENT_SECRET} + - BEEHIIVE_API_KEY=${BEEHIIVE_API_KEY} + - BEEHIIVE_PUBLICATION_ID=${BEEHIIVE_PUBLICATION_ID} + - THREADS_APP_ID=${THREADS_APP_ID} + - THREADS_APP_SECRET=${THREADS_APP_SECRET} + - FACEBOOK_APP_ID=${FACEBOOK_APP_ID} + - FACEBOOK_APP_SECRET=${FACEBOOK_APP_SECRET} + - YOUTUBE_CLIENT_ID=${YOUTUBE_CLIENT_ID} + - YOUTUBE_CLIENT_SECRET=${YOUTUBE_CLIENT_SECRET} + - TIKTOK_CLIENT_ID=${TIKTOK_CLIENT_ID} + - TIKTOK_CLIENT_SECRET=${TIKTOK_CLIENT_SECRET} + - PINTEREST_CLIENT_ID=${PINTEREST_CLIENT_ID} + - PINTEREST_CLIENT_SECRET=${PINTEREST_CLIENT_SECRET} + - DRIBBBLE_CLIENT_ID=${DRIBBBLE_CLIENT_ID} + - DRIBBBLE_CLIENT_SECRET=${DRIBBBLE_CLIENT_SECRET} + - DISCORD_CLIENT_ID=${DISCORD_CLIENT_ID} + - DISCORD_CLIENT_SECRET=${DISCORD_CLIENT_SECRET} + - DISCORD_BOT_TOKEN_ID=${DISCORD_BOT_TOKEN_ID} + - SLACK_ID=${SLACK_ID} + - SLACK_SECRET=${SLACK_SECRET} + - SLACK_SIGNING_SECRET=${SLACK_SIGNING_SECRET} + - MASTODON_URL=${MASTODON_URL} + - MASTODON_CLIENT_ID=${MASTODON_CLIENT_ID} + - MASTODON_CLIENT_SECRET=${MASTODON_CLIENT_SECRET} depends_on: postgres: condition: service_healthy diff --git a/scripts/03_generate_secrets.sh b/scripts/03_generate_secrets.sh index 296242c..b26e675 100755 --- a/scripts/03_generate_secrets.sh +++ b/scripts/03_generate_secrets.sh @@ -53,6 +53,7 @@ declare -A VARS_TO_GENERATE=( ["DIFY_SECRET_KEY"]="secret:64" # Dify application secret key (maps to SECRET_KEY in Dify) ["COMFYUI_PASSWORD"]="password:32" # Added ComfyUI basic auth password ["RAGAPP_PASSWORD"]="password:32" # Added RAGApp basic auth password + ["POSTIZ_PASSWORD"]="password:32" # Added Postiz basic auth password ) # Initialize existing_env_vars and attempt to read .env if it exists @@ -372,6 +373,7 @@ generated_values["N8N_WORKER_COUNT"]="$N8N_WORKER_COUNT" generated_values["WEAVIATE_USERNAME"]="$USER_EMAIL" # Set Weaviate username for Caddy generated_values["COMFYUI_USERNAME"]="$USER_EMAIL" # Set ComfyUI username for Caddy generated_values["RAGAPP_USERNAME"]="$USER_EMAIL" # Set RAGApp username for Caddy +generated_values["POSTIZ_USERNAME"]="$USER_EMAIL" # Set Postiz username for Caddy if [[ -n "$OPENAI_API_KEY" ]]; then generated_values["OPENAI_API_KEY"]="$OPENAI_API_KEY" @@ -397,6 +399,7 @@ found_vars["WEAVIATE_USERNAME"]=0 found_vars["NEO4J_AUTH_USERNAME"]=0 found_vars["COMFYUI_USERNAME"]=0 found_vars["RAGAPP_USERNAME"]=0 +found_vars["POSTIZ_USERNAME"]=0 # Read template, substitute domain, generate initial values while IFS= read -r line || [[ -n "$line" ]]; do @@ -443,7 +446,7 @@ while IFS= read -r line || [[ -n "$line" ]]; do # This 'else' block is for lines from template not covered by existing values or VARS_TO_GENERATE. # Check if it is one of the user input vars - these are handled by found_vars later if not in template. is_user_input_var=0 # Reset for each line - user_input_vars=("FLOWISE_USERNAME" "DASHBOARD_USERNAME" "LETSENCRYPT_EMAIL" "RUN_N8N_IMPORT" "PROMETHEUS_USERNAME" "SEARXNG_USERNAME" "OPENAI_API_KEY" "LANGFUSE_INIT_USER_EMAIL" "N8N_WORKER_COUNT" "WEAVIATE_USERNAME" "NEO4J_AUTH_USERNAME" "COMFYUI_USERNAME" "RAGAPP_USERNAME") + user_input_vars=("FLOWISE_USERNAME" "DASHBOARD_USERNAME" "LETSENCRYPT_EMAIL" "RUN_N8N_IMPORT" "PROMETHEUS_USERNAME" "SEARXNG_USERNAME" "OPENAI_API_KEY" "LANGFUSE_INIT_USER_EMAIL" "N8N_WORKER_COUNT" "WEAVIATE_USERNAME" "NEO4J_AUTH_USERNAME" "COMFYUI_USERNAME" "RAGAPP_USERNAME" "POSTIZ_USERNAME") for uivar in "${user_input_vars[@]}"; do if [[ "$varName" == "$uivar" ]]; then is_user_input_var=1 @@ -525,7 +528,7 @@ if [[ -z "${generated_values[SERVICE_ROLE_KEY]}" ]]; then fi # Add any custom variables that weren't found in the template -for var in "FLOWISE_USERNAME" "DASHBOARD_USERNAME" "LETSENCRYPT_EMAIL" "RUN_N8N_IMPORT" "OPENAI_API_KEY" "PROMETHEUS_USERNAME" "SEARXNG_USERNAME" "LANGFUSE_INIT_USER_EMAIL" "N8N_WORKER_COUNT" "WEAVIATE_USERNAME" "NEO4J_AUTH_USERNAME" "COMFYUI_USERNAME" "RAGAPP_USERNAME"; do +for var in "FLOWISE_USERNAME" "DASHBOARD_USERNAME" "LETSENCRYPT_EMAIL" "RUN_N8N_IMPORT" "OPENAI_API_KEY" "PROMETHEUS_USERNAME" "SEARXNG_USERNAME" "LANGFUSE_INIT_USER_EMAIL" "N8N_WORKER_COUNT" "WEAVIATE_USERNAME" "NEO4J_AUTH_USERNAME" "COMFYUI_USERNAME" "RAGAPP_USERNAME" "POSTIZ_USERNAME"; do if [[ ${found_vars["$var"]} -eq 0 && -v generated_values["$var"] ]]; then # Before appending, check if it's already in TMP_ENV_FILE to avoid duplicates if ! grep -q -E "^${var}=" "$TMP_ENV_FILE"; then @@ -661,6 +664,18 @@ fi _update_or_add_env_var "RAGAPP_PASSWORD_HASH" "$FINAL_RAGAPP_HASH" +# --- POSTIZ --- +POSTIZ_PLAIN_PASS="${generated_values["POSTIZ_PASSWORD"]}" +FINAL_POSTIZ_HASH="${generated_values[POSTIZ_PASSWORD_HASH]}" +if [[ -z "$FINAL_POSTIZ_HASH" && -n "$POSTIZ_PLAIN_PASS" ]]; then + NEW_HASH=$(_generate_and_get_hash "$POSTIZ_PLAIN_PASS") + if [[ -n "$NEW_HASH" ]]; then + FINAL_POSTIZ_HASH="$NEW_HASH" + generated_values["POSTIZ_PASSWORD_HASH"]="$NEW_HASH" + fi +fi +_update_or_add_env_var "POSTIZ_PASSWORD_HASH" "$FINAL_POSTIZ_HASH" + if [ $? -eq 0 ]; then # This $? reflects the status of the last mv command from the last _update_or_add_env_var call. # For now, assuming if we reached here and mv was fine, primary operations were okay. echo ".env file generated successfully in the project root ($OUTPUT_FILE)." diff --git a/scripts/06_final_report.sh b/scripts/06_final_report.sh index b4c6b11..74741cf 100755 --- a/scripts/06_final_report.sh +++ b/scripts/06_final_report.sh @@ -140,7 +140,9 @@ if is_profile_active "postiz"; then echo "================================= Postiz ==============================" echo echo "Host: ${POSTIZ_HOSTNAME:-}" - echo "Note: Configure Postgres/Redis in /config/.env inside the container on first run." + echo "Internal Access (from other containers): http://postiz:5000" + echo "User: ${POSTIZ_USERNAME:-}" + echo "Password: ${POSTIZ_PASSWORD:-}" fi if is_profile_active "ragapp"; then From 658b3a75eb2985fad976a526d280dfeaa763310e Mon Sep 17 00:00:00 2001 From: Yury Kossakovsky Date: Tue, 19 Aug 2025 14:30:24 -0600 Subject: [PATCH 13/19] Add additional environment variables for Postiz service in docker-compose.yml - Introduced FRONTEND_URL, NEXT_PUBLIC_BACKEND_URL, BACKEND_INTERNAL_URL, MAIN_URL, and STORAGE_PROVIDER variables to enhance service configuration. - These additions improve the flexibility and connectivity of the Postiz service within the Docker environment. --- docker-compose.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index b1aae27..c8f86db 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -616,6 +616,11 @@ services: - REDIS_URL=redis://redis:6379 - JWT_SECRET=${JWT_SECRET} - DISABLE_REGISTRATION=true + - FRONTEND_URL=${POSTIZ_HOSTNAME:+https://}${POSTIZ_HOSTNAME} + - NEXT_PUBLIC_BACKEND_URL=${POSTIZ_HOSTNAME:+https://}${POSTIZ_HOSTNAME} + - BACKEND_INTERNAL_URL=http://postiz:3000 + - MAIN_URL=${POSTIZ_HOSTNAME:+https://}${POSTIZ_HOSTNAME} + - STORAGE_PROVIDER=local # Social Media API Settings - X_API_KEY=${X_API_KEY} - X_API_SECRET=${X_API_SECRET} From b81ddff4bfaa8d7ade414f1c1c360a7b69dada7b Mon Sep 17 00:00:00 2001 From: Yury Kossakovsky Date: Tue, 19 Aug 2025 14:36:28 -0600 Subject: [PATCH 14/19] Update Postiz environment variables for registration control - Added POSTIZ_DISABLE_REGISTRATION variable to .env.example to manage user registration settings. - Updated docker-compose.yml to utilize the new environment variable for controlling registration behavior in the Postiz service, enhancing configuration flexibility. --- .env.example | 1 + docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.env.example b/.env.example index c4ee19d..82569a6 100644 --- a/.env.example +++ b/.env.example @@ -332,6 +332,7 @@ RAGAPP_PASSWORD_HASH= POSTIZ_USERNAME= POSTIZ_PASSWORD= POSTIZ_PASSWORD_HASH= +POSTIZ_DISABLE_REGISTRATION=false ############ # Postiz Social Media Integrations diff --git a/docker-compose.yml b/docker-compose.yml index c8f86db..60217bd 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -615,7 +615,7 @@ services: - DATABASE_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgres:5432/postgres?schema=postiz - REDIS_URL=redis://redis:6379 - JWT_SECRET=${JWT_SECRET} - - DISABLE_REGISTRATION=true + - DISABLE_REGISTRATION=${POSTIZ_DISABLE_REGISTRATION} - FRONTEND_URL=${POSTIZ_HOSTNAME:+https://}${POSTIZ_HOSTNAME} - NEXT_PUBLIC_BACKEND_URL=${POSTIZ_HOSTNAME:+https://}${POSTIZ_HOSTNAME} - BACKEND_INTERNAL_URL=http://postiz:3000 From 50584698d2381e5f4aeee45884f0ff8e1cd0b909 Mon Sep 17 00:00:00 2001 From: Yury Kossakovsky Date: Tue, 19 Aug 2025 14:58:51 -0600 Subject: [PATCH 15/19] Refactor Postiz service configuration in docker-compose.yml - Changed restart policy to 'always' for improved service reliability. - Updated environment variable syntax for consistency and added new variables for self-hosting and upload directory. - Ensured proper volume configuration for Postiz service. - Adjusted service dependencies to reflect new naming conventions for PostgreSQL and Redis services. --- docker-compose.yml | 96 +++++++++++++++++++++++----------------------- 1 file changed, 49 insertions(+), 47 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 60217bd..e0f309e 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -606,57 +606,59 @@ services: postiz: image: ghcr.io/gitroomhq/postiz-app:latest container_name: postiz - profiles: ["postiz"] - restart: unless-stopped - volumes: - - postiz-config:/config - - postiz-uploads:/uploads + restart: always environment: - - DATABASE_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgres:5432/postgres?schema=postiz - - REDIS_URL=redis://redis:6379 - - JWT_SECRET=${JWT_SECRET} - - DISABLE_REGISTRATION=${POSTIZ_DISABLE_REGISTRATION} - - FRONTEND_URL=${POSTIZ_HOSTNAME:+https://}${POSTIZ_HOSTNAME} - - NEXT_PUBLIC_BACKEND_URL=${POSTIZ_HOSTNAME:+https://}${POSTIZ_HOSTNAME} - - BACKEND_INTERNAL_URL=http://postiz:3000 - - MAIN_URL=${POSTIZ_HOSTNAME:+https://}${POSTIZ_HOSTNAME} - - STORAGE_PROVIDER=local + BACKEND_INTERNAL_URL: http://postiz:3000 + DATABASE_URL: "postgresql://postgres:${POSTGRES_PASSWORD}@postgres:5432/postgres?schema=postiz" + DISABLE_REGISTRATION: ${POSTIZ_DISABLE_REGISTRATION} + FRONTEND_URL: ${POSTIZ_HOSTNAME:+https://}${POSTIZ_HOSTNAME} + IS_GENERAL: "true" # Required for self-hosting. + JWT_SECRET: ${JWT_SECRET} + MAIN_URL: ${POSTIZ_HOSTNAME:+https://}${POSTIZ_HOSTNAME} + NEXT_PUBLIC_BACKEND_URL: ${POSTIZ_HOSTNAME:+https://}${POSTIZ_HOSTNAME}/api + NEXT_PUBLIC_UPLOAD_DIRECTORY: "/uploads" + REDIS_URL: "redis://redis:6379" + STORAGE_PROVIDER: "local" + UPLOAD_DIRECTORY: "/uploads" # Social Media API Settings - - X_API_KEY=${X_API_KEY} - - X_API_SECRET=${X_API_SECRET} - - LINKEDIN_CLIENT_ID=${LINKEDIN_CLIENT_ID} - - LINKEDIN_CLIENT_SECRET=${LINKEDIN_CLIENT_SECRET} - - REDDIT_CLIENT_ID=${REDDIT_CLIENT_ID} - - REDDIT_CLIENT_SECRET=${REDDIT_CLIENT_SECRET} - - GITHUB_CLIENT_ID=${GITHUB_CLIENT_ID} - - GITHUB_CLIENT_SECRET=${GITHUB_CLIENT_SECRET} - - BEEHIIVE_API_KEY=${BEEHIIVE_API_KEY} - - BEEHIIVE_PUBLICATION_ID=${BEEHIIVE_PUBLICATION_ID} - - THREADS_APP_ID=${THREADS_APP_ID} - - THREADS_APP_SECRET=${THREADS_APP_SECRET} - - FACEBOOK_APP_ID=${FACEBOOK_APP_ID} - - FACEBOOK_APP_SECRET=${FACEBOOK_APP_SECRET} - - YOUTUBE_CLIENT_ID=${YOUTUBE_CLIENT_ID} - - YOUTUBE_CLIENT_SECRET=${YOUTUBE_CLIENT_SECRET} - - TIKTOK_CLIENT_ID=${TIKTOK_CLIENT_ID} - - TIKTOK_CLIENT_SECRET=${TIKTOK_CLIENT_SECRET} - - PINTEREST_CLIENT_ID=${PINTEREST_CLIENT_ID} - - PINTEREST_CLIENT_SECRET=${PINTEREST_CLIENT_SECRET} - - DRIBBBLE_CLIENT_ID=${DRIBBBLE_CLIENT_ID} - - DRIBBBLE_CLIENT_SECRET=${DRIBBBLE_CLIENT_SECRET} - - DISCORD_CLIENT_ID=${DISCORD_CLIENT_ID} - - DISCORD_CLIENT_SECRET=${DISCORD_CLIENT_SECRET} - - DISCORD_BOT_TOKEN_ID=${DISCORD_BOT_TOKEN_ID} - - SLACK_ID=${SLACK_ID} - - SLACK_SECRET=${SLACK_SECRET} - - SLACK_SIGNING_SECRET=${SLACK_SIGNING_SECRET} - - MASTODON_URL=${MASTODON_URL} - - MASTODON_CLIENT_ID=${MASTODON_CLIENT_ID} - - MASTODON_CLIENT_SECRET=${MASTODON_CLIENT_SECRET} + X_API_KEY: ${X_API_KEY} + X_API_SECRET: ${X_API_SECRET} + LINKEDIN_CLIENT_ID: ${LINKEDIN_CLIENT_ID} + LINKEDIN_CLIENT_SECRET: ${LINKEDIN_CLIENT_SECRET} + REDDIT_CLIENT_ID: ${REDDIT_CLIENT_ID} + REDDIT_CLIENT_SECRET: ${REDDIT_CLIENT_SECRET} + GITHUB_CLIENT_ID: ${GITHUB_CLIENT_ID} + GITHUB_CLIENT_SECRET: ${GITHUB_CLIENT_SECRET} + BEEHIIVE_API_KEY: ${BEEHIIVE_API_KEY} + BEEHIIVE_PUBLICATION_ID: ${BEEHIIVE_PUBLICATION_ID} + THREADS_APP_ID: ${THREADS_APP_ID} + THREADS_APP_SECRET: ${THREADS_APP_SECRET} + FACEBOOK_APP_ID: ${FACEBOOK_APP_ID} + FACEBOOK_APP_SECRET: ${FACEBOOK_APP_SECRET} + YOUTUBE_CLIENT_ID: ${YOUTUBE_CLIENT_ID} + YOUTUBE_CLIENT_SECRET: ${YOUTUBE_CLIENT_SECRET} + TIKTOK_CLIENT_ID: ${TIKTOK_CLIENT_ID} + TIKTOK_CLIENT_SECRET: ${TIKTOK_CLIENT_SECRET} + PINTEREST_CLIENT_ID: ${PINTEREST_CLIENT_ID} + PINTEREST_CLIENT_SECRET: ${PINTEREST_CLIENT_SECRET} + DRIBBBLE_CLIENT_ID: ${DRIBBBLE_CLIENT_ID} + DRIBBBLE_CLIENT_SECRET: ${DRIBBBLE_CLIENT_SECRET} + DISCORD_CLIENT_ID: ${DISCORD_CLIENT_ID} + DISCORD_CLIENT_SECRET: ${DISCORD_CLIENT_SECRET} + DISCORD_BOT_TOKEN_ID: ${DISCORD_BOT_TOKEN_ID} + SLACK_ID: ${SLACK_ID} + SLACK_SECRET: ${SLACK_SECRET} + SLACK_SIGNING_SECRET: ${SLACK_SIGNING_SECRET} + MASTODON_URL: ${MASTODON_URL} + MASTODON_CLIENT_ID: ${MASTODON_CLIENT_ID} + MASTODON_CLIENT_SECRET: ${MASTODON_CLIENT_SECRET} + volumes: + - postiz-config:/config/ + - postiz-uploads:/uploads/ depends_on: - postgres: + postiz-postgres: condition: service_healthy - redis: + postiz-redis: condition: service_healthy comfyui: From a8dd9dcf378cd39eb4c92a917efa5ccee9b0732e Mon Sep 17 00:00:00 2001 From: Yury Kossakovsky Date: Tue, 19 Aug 2025 15:00:10 -0600 Subject: [PATCH 16/19] Update service dependencies in docker-compose.yml - Renamed service dependencies for PostgreSQL and Redis to align with updated naming conventions. - Ensured that service health checks are maintained for proper startup order and reliability. --- docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index e0f309e..078c353 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -656,9 +656,9 @@ services: - postiz-config:/config/ - postiz-uploads:/uploads/ depends_on: - postiz-postgres: + postgres: condition: service_healthy - postiz-redis: + redis: condition: service_healthy comfyui: From 3324d1e8e62d2393ddfe1d8b7c7a7f20cb4cb1d9 Mon Sep 17 00:00:00 2001 From: Yury Kossakovsky Date: Tue, 19 Aug 2025 16:12:02 -0600 Subject: [PATCH 17/19] Remove Postiz authentication variables and related configurations - Deleted POSTIZ_USERNAME, POSTIZ_PASSWORD, and POSTIZ_PASSWORD_HASH from .env.example and docker-compose.yml to streamline configuration. - Removed basic authentication setup from Caddyfile for the Postiz service. - Updated scripts to eliminate generation of Postiz-related secrets, enhancing security and simplifying setup. --- .env.example | 3 --- Caddyfile | 3 --- docker-compose.yml | 2 -- scripts/03_generate_secrets.sh | 17 +---------------- scripts/06_final_report.sh | 4 +--- 5 files changed, 2 insertions(+), 27 deletions(-) diff --git a/.env.example b/.env.example index 82569a6..dcbfe37 100644 --- a/.env.example +++ b/.env.example @@ -329,9 +329,6 @@ RAGAPP_PASSWORD_HASH= # To protect Postiz via Caddy basic auth (optional), set these: ############ -POSTIZ_USERNAME= -POSTIZ_PASSWORD= -POSTIZ_PASSWORD_HASH= POSTIZ_DISABLE_REGISTRATION=false ############ diff --git a/Caddyfile b/Caddyfile index 9cff214..68b11e4 100644 --- a/Caddyfile +++ b/Caddyfile @@ -68,9 +68,6 @@ # Postiz {$POSTIZ_HOSTNAME} { - basic_auth { - {$POSTIZ_USERNAME} {$POSTIZ_PASSWORD_HASH} - } reverse_proxy postiz:5000 } diff --git a/docker-compose.yml b/docker-compose.yml index 078c353..93f57b9 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -214,8 +214,6 @@ services: - NEO4J_HOSTNAME=${NEO4J_HOSTNAME} - PORTAINER_HOSTNAME=${PORTAINER_HOSTNAME} - POSTIZ_HOSTNAME=${POSTIZ_HOSTNAME} - - POSTIZ_PASSWORD_HASH=${POSTIZ_PASSWORD_HASH} - - POSTIZ_USERNAME=${POSTIZ_USERNAME} - PROMETHEUS_HOSTNAME=${PROMETHEUS_HOSTNAME} - PROMETHEUS_PASSWORD_HASH=${PROMETHEUS_PASSWORD_HASH} - PROMETHEUS_USERNAME=${PROMETHEUS_USERNAME} diff --git a/scripts/03_generate_secrets.sh b/scripts/03_generate_secrets.sh index b26e675..3e083d2 100755 --- a/scripts/03_generate_secrets.sh +++ b/scripts/03_generate_secrets.sh @@ -53,7 +53,6 @@ declare -A VARS_TO_GENERATE=( ["DIFY_SECRET_KEY"]="secret:64" # Dify application secret key (maps to SECRET_KEY in Dify) ["COMFYUI_PASSWORD"]="password:32" # Added ComfyUI basic auth password ["RAGAPP_PASSWORD"]="password:32" # Added RAGApp basic auth password - ["POSTIZ_PASSWORD"]="password:32" # Added Postiz basic auth password ) # Initialize existing_env_vars and attempt to read .env if it exists @@ -373,7 +372,6 @@ generated_values["N8N_WORKER_COUNT"]="$N8N_WORKER_COUNT" generated_values["WEAVIATE_USERNAME"]="$USER_EMAIL" # Set Weaviate username for Caddy generated_values["COMFYUI_USERNAME"]="$USER_EMAIL" # Set ComfyUI username for Caddy generated_values["RAGAPP_USERNAME"]="$USER_EMAIL" # Set RAGApp username for Caddy -generated_values["POSTIZ_USERNAME"]="$USER_EMAIL" # Set Postiz username for Caddy if [[ -n "$OPENAI_API_KEY" ]]; then generated_values["OPENAI_API_KEY"]="$OPENAI_API_KEY" @@ -399,7 +397,6 @@ found_vars["WEAVIATE_USERNAME"]=0 found_vars["NEO4J_AUTH_USERNAME"]=0 found_vars["COMFYUI_USERNAME"]=0 found_vars["RAGAPP_USERNAME"]=0 -found_vars["POSTIZ_USERNAME"]=0 # Read template, substitute domain, generate initial values while IFS= read -r line || [[ -n "$line" ]]; do @@ -446,7 +443,7 @@ while IFS= read -r line || [[ -n "$line" ]]; do # This 'else' block is for lines from template not covered by existing values or VARS_TO_GENERATE. # Check if it is one of the user input vars - these are handled by found_vars later if not in template. is_user_input_var=0 # Reset for each line - user_input_vars=("FLOWISE_USERNAME" "DASHBOARD_USERNAME" "LETSENCRYPT_EMAIL" "RUN_N8N_IMPORT" "PROMETHEUS_USERNAME" "SEARXNG_USERNAME" "OPENAI_API_KEY" "LANGFUSE_INIT_USER_EMAIL" "N8N_WORKER_COUNT" "WEAVIATE_USERNAME" "NEO4J_AUTH_USERNAME" "COMFYUI_USERNAME" "RAGAPP_USERNAME" "POSTIZ_USERNAME") + user_input_vars=("FLOWISE_USERNAME" "DASHBOARD_USERNAME" "LETSENCRYPT_EMAIL" "RUN_N8N_IMPORT" "PROMETHEUS_USERNAME" "SEARXNG_USERNAME" "OPENAI_API_KEY" "LANGFUSE_INIT_USER_EMAIL" "N8N_WORKER_COUNT" "WEAVIATE_USERNAME" "NEO4J_AUTH_USERNAME" "COMFYUI_USERNAME" "RAGAPP_USERNAME") for uivar in "${user_input_vars[@]}"; do if [[ "$varName" == "$uivar" ]]; then is_user_input_var=1 @@ -664,18 +661,6 @@ fi _update_or_add_env_var "RAGAPP_PASSWORD_HASH" "$FINAL_RAGAPP_HASH" -# --- POSTIZ --- -POSTIZ_PLAIN_PASS="${generated_values["POSTIZ_PASSWORD"]}" -FINAL_POSTIZ_HASH="${generated_values[POSTIZ_PASSWORD_HASH]}" -if [[ -z "$FINAL_POSTIZ_HASH" && -n "$POSTIZ_PLAIN_PASS" ]]; then - NEW_HASH=$(_generate_and_get_hash "$POSTIZ_PLAIN_PASS") - if [[ -n "$NEW_HASH" ]]; then - FINAL_POSTIZ_HASH="$NEW_HASH" - generated_values["POSTIZ_PASSWORD_HASH"]="$NEW_HASH" - fi -fi -_update_or_add_env_var "POSTIZ_PASSWORD_HASH" "$FINAL_POSTIZ_HASH" - if [ $? -eq 0 ]; then # This $? reflects the status of the last mv command from the last _update_or_add_env_var call. # For now, assuming if we reached here and mv was fine, primary operations were okay. echo ".env file generated successfully in the project root ($OUTPUT_FILE)." diff --git a/scripts/06_final_report.sh b/scripts/06_final_report.sh index 74741cf..f69da17 100755 --- a/scripts/06_final_report.sh +++ b/scripts/06_final_report.sh @@ -140,9 +140,7 @@ if is_profile_active "postiz"; then echo "================================= Postiz ==============================" echo echo "Host: ${POSTIZ_HOSTNAME:-}" - echo "Internal Access (from other containers): http://postiz:5000" - echo "User: ${POSTIZ_USERNAME:-}" - echo "Password: ${POSTIZ_PASSWORD:-}" + echo "Internal Access (e.g., from n8n): http://postiz:5000" fi if is_profile_active "ragapp"; then From 0e8a446a6128edcafbdc2012c23f57166468cca0 Mon Sep 17 00:00:00 2001 From: Yury Kossakovsky Date: Tue, 19 Aug 2025 16:13:20 -0600 Subject: [PATCH 18/19] Remove POSTIZ_USERNAME from secret generation script to streamline configuration following the removal of Postiz service authentication variables. --- scripts/03_generate_secrets.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/03_generate_secrets.sh b/scripts/03_generate_secrets.sh index 3e083d2..296242c 100755 --- a/scripts/03_generate_secrets.sh +++ b/scripts/03_generate_secrets.sh @@ -525,7 +525,7 @@ if [[ -z "${generated_values[SERVICE_ROLE_KEY]}" ]]; then fi # Add any custom variables that weren't found in the template -for var in "FLOWISE_USERNAME" "DASHBOARD_USERNAME" "LETSENCRYPT_EMAIL" "RUN_N8N_IMPORT" "OPENAI_API_KEY" "PROMETHEUS_USERNAME" "SEARXNG_USERNAME" "LANGFUSE_INIT_USER_EMAIL" "N8N_WORKER_COUNT" "WEAVIATE_USERNAME" "NEO4J_AUTH_USERNAME" "COMFYUI_USERNAME" "RAGAPP_USERNAME" "POSTIZ_USERNAME"; do +for var in "FLOWISE_USERNAME" "DASHBOARD_USERNAME" "LETSENCRYPT_EMAIL" "RUN_N8N_IMPORT" "OPENAI_API_KEY" "PROMETHEUS_USERNAME" "SEARXNG_USERNAME" "LANGFUSE_INIT_USER_EMAIL" "N8N_WORKER_COUNT" "WEAVIATE_USERNAME" "NEO4J_AUTH_USERNAME" "COMFYUI_USERNAME" "RAGAPP_USERNAME"; do if [[ ${found_vars["$var"]} -eq 0 && -v generated_values["$var"] ]]; then # Before appending, check if it's already in TMP_ENV_FILE to avoid duplicates if ! grep -q -E "^${var}=" "$TMP_ENV_FILE"; then From 184f8a79015c47d6602bd26e23351a023b3395c4 Mon Sep 17 00:00:00 2001 From: Yury Kossakovsky Date: Wed, 20 Aug 2025 12:11:20 -0600 Subject: [PATCH 19/19] Remove N8N_BINARY_DATA_TTL environment variable from docker-compose.yml to simplify configuration and enhance clarity. --- docker-compose.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 93f57b9..df31e73 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -35,7 +35,6 @@ x-n8n: &service-n8n LANGCHAIN_ENDPOINT: ${LANGCHAIN_ENDPOINT} LANGCHAIN_TRACING_V2: ${LANGCHAIN_TRACING_V2} N8N_BINARY_DATA_MODE: filesystem - N8N_BINARY_DATA_TTL: 600 N8N_PAYLOAD_SIZE_MAX: 256 N8N_COMMUNITY_PACKAGES_ALLOW_TOOL_USAGE: true N8N_DIAGNOSTICS_ENABLED: false