Spaces:
Running
Running
| FROM ghcr.io/open-webui/open-webui:0.6.13 | |
| USER root | |
| # Install huggingface_hub for backup/restore | |
| RUN pip install --no-cache-dir huggingface_hub 2>/dev/null || true | |
| COPY startup.sh /app/startup.sh | |
| RUN chmod +x /app/startup.sh | |
| EXPOSE 8080 | |
| # ββ Core config ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ | |
| ENV PORT=8080 | |
| ENV HOST=0.0.0.0 | |
| ENV DATA_DIR=/app/backend/data | |
| ENV WEBUI_NAME="Organat AI" | |
| ENV WEBUI_URL=https://ai.organat.vn | |
| ENV WEBUI_AUTH=true | |
| ENV ENABLE_API_KEY=true | |
| # ββ LLM Backend: TRIPRUT gateway βββββββββββββββββββββββββββββββββββββββββββββ | |
| # On HF Space: uses PROXY1/PROXY2 nodes (LOCAL not reachable from CF edge) | |
| ENV OPENAI_API_BASE_URL=https://triprut-edge.adminit-dbf.workers.dev/v1 | |
| ENV OPENAI_API_KEY=band-openwebui | |
| ENV OPENAI_API_BASE_URLS=https://triprut-edge.adminit-dbf.workers.dev/v1 | |
| # ββ RAG: hugfa96 (same HF datacenter β fast) βββββββββββββββββββββββββββββββββ | |
| ENV RAG_EMBEDDING_ENGINE=openai | |
| ENV RAG_OPENAI_API_BASE_URL=https://organatceo-hugfa96-rag.hf.space/v1 | |
| ENV RAG_OPENAI_API_KEY=rag-key | |
| # ββ Azure AD SSO ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ | |
| # OAUTH_CLIENT_ID, OAUTH_CLIENT_SECRET, OPENID_PROVIDER_URL β HF Space secrets | |
| ENV OAUTH_PROVIDER_NAME="Azure AD" | |
| ENV ENABLE_OAUTH_SIGNUP=true | |
| ENV OAUTH_SCOPES="openid email profile" | |
| ENV OAUTH_MERGE_ACCOUNTS_BY_EMAIL=true | |
| ENV OAUTH_REDIRECT_URI=https://ai.organat.vn/oauth/oidc/callback | |
| # Force HTTPS β HF Space proxy strips SSL, app sees http internally | |
| ENV FORWARDED_ALLOW_IPS="*" | |
| ENV PROXY_HEADERS=true | |
| # ββ Security ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ | |
| # WEBUI_SECRET_KEY β HF Space secret (set separately) | |
| ENV ENABLE_SIGNUP=false | |
| CMD ["/app/startup.sh"] | |