Dify安装

下载源码

git clone https://github.com/langgenius/dify.git

修改配置

复制 .env.example 为 .env

# 修改数据库密码
DB_PASSWORD=difyai123456

# 修改Redis密码
REDIS_PASSWORD=difyai123456

# 链接信息也要对应修改
CELERY_BROKER_URL=redis://:difyai123456@redis:6379/1

启动服务

这里会启动一个默认的nginx需要80和443端口，如果系统已经有了，请参考下面的来修改配置

docker-compose up -d

使用nginx

停用dify的nginx

docker-compose down nginx

# The nginx reverse proxy.
  # used for reverse proxying the API service and Web service.
  # nginx:
  #   image: nginx:latest
  #   restart: always
  #   volumes:
  #     - ./nginx/nginx.conf.template:/etc/nginx/nginx.conf.template
  #     - ./nginx/proxy.conf.template:/etc/nginx/proxy.conf.template
  #     - ./nginx/https.conf.template:/etc/nginx/https.conf.template
  #     - ./nginx/conf.d:/etc/nginx/conf.d
  #     - ./nginx/docker-entrypoint.sh:/docker-entrypoint-mount.sh
  #     - ./nginx/ssl:/etc/ssl # cert dir (legacy)
  #     - ./volumes/certbot/conf/live:/etc/letsencrypt/live # cert dir (with certbot container)
  #     - ./volumes/certbot/conf:/etc/letsencrypt
  #     - ./volumes/certbot/www:/var/www/html
  #   entrypoint:
  #     [
  #       "sh",
  #       "-c",
  #       "cp /docker-entrypoint-mount.sh /docker-entrypoint.sh && sed -i 's/\r$$//' /docker-entrypoint.sh && chmod +x /docker-entrypoint.sh && /docker-entrypoint.sh",
  #     ]
  #   environment:
  #     NGINX_SERVER_NAME: ${NGINX_SERVER_NAME:-_}
  #     NGINX_HTTPS_ENABLED: ${NGINX_HTTPS_ENABLED:-false}
  #     NGINX_SSL_PORT: ${NGINX_SSL_PORT:-443}
  #     NGINX_PORT: ${NGINX_PORT:-80}
  #     # You're required to add your own SSL certificates/keys to the `./nginx/ssl` directory
  #     # and modify the env vars below in .env if HTTPS_ENABLED is true.
  #     NGINX_SSL_CERT_FILENAME: ${NGINX_SSL_CERT_FILENAME:-dify.crt}
  #     NGINX_SSL_CERT_KEY_FILENAME: ${NGINX_SSL_CERT_KEY_FILENAME:-dify.key}
  #     NGINX_SSL_PROTOCOLS: ${NGINX_SSL_PROTOCOLS:-TLSv1.2 TLSv1.3}
  #     NGINX_WORKER_PROCESSES: ${NGINX_WORKER_PROCESSES:-auto}
  #     NGINX_CLIENT_MAX_BODY_SIZE: ${NGINX_CLIENT_MAX_BODY_SIZE:-100M}
  #     NGINX_KEEPALIVE_TIMEOUT: ${NGINX_KEEPALIVE_TIMEOUT:-65}
  #     NGINX_PROXY_READ_TIMEOUT: ${NGINX_PROXY_READ_TIMEOUT:-3600s}
  #     NGINX_PROXY_SEND_TIMEOUT: ${NGINX_PROXY_SEND_TIMEOUT:-3600s}
  #     NGINX_ENABLE_CERTBOT_CHALLENGE: ${NGINX_ENABLE_CERTBOT_CHALLENGE:-false}
  #     CERTBOT_DOMAIN: ${CERTBOT_DOMAIN:-}
  #   depends_on:
  #     - api
  #     - web
  #   ports:
  #     - "${EXPOSE_NGINX_PORT:-80}:${NGINX_PORT:-80}"
  #     - "${EXPOSE_NGINX_SSL_PORT:-443}:${NGINX_SSL_PORT:-443}"

修改相关服务端口

    # 数据库服务
    db_postgres:
      image: postgres:15-alpine
      profiles:
        - postgresql
      restart: always
      # 增加端口号
      ports:
        - 40001:5432
    
    # web服务
    web:
      image: langgenius/dify-web:1.11.4
      restart: always
      # 增加端口号
      ports:
        - 127.0.0.1:3000:3000
    
    # api服务
    api:
      image: langgenius/dify-api:1.11.4
      restart: always
      # 增加端口号
      ports:
        - 127.0.0.1:5001:5001

配置系统的nginx

nginx

# git仓库
server {
    listen 80;
    listen 443 ssl;
    server_name dify.gupaoedu.cn;

    # http自动跳转到https
    # if ($scheme = http) {
    #     return 302 https://$host$request_uri;
    # }

    access_log /var/log/nginx/dify.gupaoedu.cn.https.log;

    client_max_body_size 100m;

    ssl_certificate certs/dify.gupaoedu.cn.pem;
    ssl_certificate_key certs/dify.gupaoedu.cn.key;

    ssl_session_timeout 5m;
    ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    add_header Strict-Transport-Security "max-age=31536000";
    
    location /console/api {
      proxy_pass http://127.0.0.1:5001;
      include proxy.conf;
    }

    location /api {
      proxy_pass http://127.0.0.1:5001;
      include proxy.conf;
    }

    location /v1 {
      proxy_pass http://127.0.0.1:5001;
      include proxy.conf;
    }

    location /files {
      proxy_pass http://127.0.0.1:5001;
      include proxy.conf;
    }

    location /explore {
      proxy_pass http://127.0.0.1:3000;
      include proxy.conf;
    }

    location /e/ {
      proxy_pass http://127.0.0.1:5002;
      proxy_set_header Dify-Hook-Url $scheme://$host$request_uri;
      include proxy.conf;
    }

    location / {
      proxy_pass http://127.0.0.1:3000;
      include proxy.conf;
    }

    location /mcp {
      proxy_pass http://127.0.0.1:5001;
      include proxy.conf;
    }

    location /triggers {
      proxy_pass http://127.0.0.1:5001;
      include proxy.conf;
    }
}

proxy.conf

# Please do not directly edit this file. Instead, modify the .env variables related to NGINX configuration.

proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_buffering off;
proxy_read_timeout 3600s;
proxy_send_timeout 3600s;