@lobehub/chat 1.14.7 → 1.14.9

package/CHANGELOG.md

@@ -2,6 +2,48 @@
 
 # Changelog
 
+### [Version 1.14.9](https://github.com/lobehub/lobe-chat/compare/v1.14.8...v1.14.9)
+
+<sup>Released on **2024-08-29**</sup>
+
+<br/>
+
+<details>
+<summary><kbd>Improvements and Fixes</kbd></summary>
+
+</details>
+
+<div align="right">
+
+[![](https://img.shields.io/badge/-BACK_TO_TOP-151515?style=flat-square)](#readme-top)
+
+</div>
+
+### [Version 1.14.8](https://github.com/lobehub/lobe-chat/compare/v1.14.7...v1.14.8)
+
+<sup>Released on **2024-08-29**</sup>
+
+#### 🐛 Bug Fixes
+
+- **misc**: Fix whisper-1 typo.
+
+<br/>
+
+<details>
+<summary><kbd>Improvements and Fixes</kbd></summary>
+
+#### What's fixed
+
+- **misc**: Fix whisper-1 typo, closes [#3665](https://github.com/lobehub/lobe-chat/issues/3665) ([084c971](https://github.com/lobehub/lobe-chat/commit/084c971))
+
+</details>
+
+<div align="right">
+
+[![](https://img.shields.io/badge/-BACK_TO_TOP-151515?style=flat-square)](#readme-top)
+
+</div>
+
 ### [Version 1.14.7](https://github.com/lobehub/lobe-chat/compare/v1.14.6...v1.14.7)
 
 <sup>Released on **2024-08-28**</sup>

package/docker-compose/local/.env.example

@@ -1,35 +1,33 @@
-# LobeChat domain
-APP_URL=https://localhost:3210
+# Logto secret
+LOGTO_CLIENT_ID=
+LOGTO_CLIENT_SECRET=
 
-# Postgres related, which are the necessary environment variables for DB
-# Key used to encrypt sensitive information; can be generated using openssl rand -base64 32
-KEY_VAULTS_SECRET=Kix2wcUONd4CX51E/ZPAd36BqM4wzJgKjPtz2sGztqQ=
-# Postgres database connection string
-# Format: postgres://username:password@host:port/dbname; if your pg instance is a Docker container, use the container name
-DATABASE_URL=postgresql://postgres:uWNZugjBqixf8dxC@postgresql:5432/postgres
-
-# NEXT_AUTH related; can use auth0, Azure AD, GitHub, Authentik, Zitadel, Logto, etc. If you have other integration requests, feel free to submit a PR.
-# Here we take Logto as an example
-NEXT_AUTH_SECRET=NX2kaPE923dt6BL2U8e9oSre5RfoT7hg
-NEXT_AUTH_SSO_PROVIDERS=logto
-NEXTAUTH_URL=http://localhost:3210/api/auth
-LOGTO_CLIENT_ID=YOUR_LOGTO_CLIENT_ID
-LOGTO_CLIENT_SECRET=YOUR_LOGTO_CLIENT_SECRET
-LOGTO_ISSUER=http://localhost:3001/oidc
-# Note: If you have ACCESS_CODE, be sure to clear it. We use NEXT_AUTH as the only authentication source.
-# Proxy, if you need it (e.g., if you use GitHub as an authentication service provider)
+# MinIO S3 configuration
+MINIO_ROOT_USER=YOUR_MINIO_USER
+MINIO_ROOT_PASSWORD=YOUR_MINIO_PASSWORD
+
+# 在下方配置 minio 中添加的桶
+MINIO_LOBE_BUCKET=lobe
+S3_ACCESS_KEY_ID=
+S3_SECRET_ACCESS_KEY=
+
+# Proxy, if you need it
 # HTTP_PROXY=http://localhost:7890
 # HTTPS_PROXY=http://localhost:7890
 
-# MinIO S3 configuration
-S3_ACCESS_KEY_ID=YOUR_S3_ACCESS_KEY_ID         # Invalid until manually created in MinIO UI
-S3_SECRET_ACCESS_KEY=YOUR_S3_SECRET_ACCESS_KEY # Invalid until manually created in MinIO UI
-S3_ENDPOINT=http://localhost:9000
-S3_BUCKET=lobe # Invalid until manually created in MinIO UI
-S3_ENDPOINT=http://localhost:9000
-S3_ENABLE_PATH_STYLE=1
 
 # Other environment variables, as needed. You can refer to the environment variables configuration for the client version, making sure not to have ACCESS_CODE.
 # OPEANAI_API_KEY=sk-xxxx
 # OPENAI_PROXY_URL=https://api.openai.com/v1
 # OPENAI_MODEL_LIST=...
+
+
+# ----- Other config -----
+# if no special requirements, no need to change
+LOBE_PORT=3210
+LOGTO_PORT=3001
+MINIO_PORT=9000
+
+# Postgres related, which are the necessary environment variables for DB
+LOBE_DB_NAME=lobechat
+POSTGRES_PASSWORD=uWNZugjBqixf8dxC

package/docker-compose/local/.env.zh-CN.example

@@ -1,35 +1,33 @@
-# LobeChat 域名
-APP_URL=https://localhost:3210
+# Logto secret
+LOGTO_CLIENT_ID=
+LOGTO_CLIENT_SECRET=
+
+# MinIO S3 配置
+MINIO_ROOT_USER=YOUR_MINIO_USER
+MINIO_ROOT_PASSWORD=YOUR_MINIO_PASSWORD
+
+# 在下方配置 minio 中添加的桶
+MINIO_LOBE_BUCKET=lobe
+S3_ACCESS_KEY_ID=
+S3_SECRET_ACCESS_KEY=
+
 
-# Postgres 相关，也即 DB 必须的环境变量
-# 用于加密敏感信息的密钥，可以使用 openssl rand -base64 32 生成
-KEY_VAULTS_SECRET=Kix2wcUONd4CX51E/ZPAd36BqM4wzJgKjPtz2sGztqQ=
-# Postgres 数据库连接字符串
-# 格式：postgres://username:password@host:port/dbname，如果你的 pg 实例与 LobeChat 服务在同一 Docker 网络中，可以使用容器名作为 host
-DATABASE_URL=postgresql://postgres:uWNZugjBqixf8dxC@localhost:5432/postgres
-
-# NEXT_AUTH 相关，可以使用 auth0、Azure AD、GitHub、Authentik、Zitadel、Logto 等，如有其他接入诉求欢迎提 PR
-# 这里以 Logto 为例
-NEXT_AUTH_SECRET=NX2kaPE923dt6BL2U8e9oSre5RfoT7hg
-NEXT_AUTH_SSO_PROVIDERS=logto
-NEXTAUTH_URL=http://localhost:3210/api/auth
-LOGTO_CLIENT_ID=YOUR_LOGTO_CLIENT_ID
-LOGTO_CLIENT_SECRET=YOUR_LOGTO_CLIENT_SECRET
-LOGTO_ISSUER=http://localhost:3001/oidc
-# 注：如果你有 ACCESS_CODE，请务必清空，我们以 NEXT_AUTH 作为唯一鉴权来源
 # Proxy，如果你需要的话（比如你使用 GitHub 作为鉴权服务提供商）
 # HTTP_PROXY=http://localhost:7890
 # HTTPS_PROXY=http://localhost:7890
 
-# MinIO S3 配置
-S3_ACCESS_KEY_ID=YOUR_S3_ACCESS_KEY_ID # 直到在 MinIO UI 中手动创建之前都是无效的
-S3_SECRET_ACCESS_KEY=YOUR_S3_SECRET_ACCESS_KEY # 直到在 MinIO UI 中手动创建之前都是无效的
-S3_ENDPOINT=http://localhost:9000
-S3_BUCKET=lobe # 直到在 MinIO UI 中手动创建之前都是无效的
-S3_PUBLIC_DOMAIN=http://localhost:9000
-S3_ENABLE_PATH_STYLE=1
-
 # 其他环境变量，视需求而定，可以参照客户端版本的环境变量配置，注意不要有 ACCESS_CODE
 # OPEANAI_API_KEY=sk-xxxx
 # OPENAI_PROXY_URL=https://api.openai.com/v1
 # OPENAI_MODEL_LIST=...
+
+
+# ----- 相关配置 start -----
+# 如没有特殊需要不用更改
+LOBE_PORT=3210
+LOGTO_PORT=3001
+MINIO_PORT=9000
+
+# Postgres 相关，也即 DB 必须的环境变量
+LOBE_DB_NAME=lobechat
+POSTGRES_PASSWORD=uWNZugjBqixf8dxC

package/docker-compose/local/docker-compose.yml

@@ -1,58 +1,92 @@
 services:
+  network-service:
+    image: alpine
+    container_name: lobe-network
+    ports:
+      - '${MINIO_PORT}:${MINIO_PORT}'  # MinIO API
+      - '9001:9001'  # MinIO Console
+      - '${LOGTO_PORT}:${LOGTO_PORT}' # Logto
+      - '3002:3002'  # Logto Admin
+      - '${LOBE_PORT}:3210' # LobeChat
+    command: tail -f /dev/null
+    networks:
+      - lobe-network
+
   postgresql:
     image: pgvector/pgvector:pg16
     container_name: lobe-postgres
-    network_mode: 'host'
+    ports:
+      - "5432:5432"
     volumes:
       - './data:/var/lib/postgresql/data'
     environment:
-      - 'POSTGRES_DB=lobe'
-      - 'POSTGRES_PASSWORD=uWNZugjBqixf8dxC'
+      - 'POSTGRES_DB=${LOBE_DB_NAME}'
+      - 'POSTGRES_PASSWORD=${POSTGRES_PASSWORD}'
     healthcheck:
       test: ['CMD-SHELL', 'pg_isready -U postgres']
       interval: 5s
       timeout: 5s
       retries: 5
     restart: always
+    networks:
+      - lobe-network
 
   minio:
     image: minio/minio
     container_name: lobe-minio
-    network_mode: 'host'
+    network_mode: 'service:network-service'
     volumes:
       - './s3_data:/etc/minio/data'
     environment:
-      - 'MINIO_ROOT_USER=YOUR_MINIO_USER'
-      - 'MINIO_ROOT_PASSWORD=YOUR_MINIO_PASSWORD'
-      - 'MINIO_DOMAIN=localhost:9000'
-      - 'MINIO_API_CORS_ALLOW_ORIGIN=http://localhost:3210'
+      - 'MINIO_ROOT_USER=${MINIO_ROOT_USER}'
+      - 'MINIO_ROOT_PASSWORD=${MINIO_ROOT_PASSWORD}'
+      - 'MINIO_API_CORS_ALLOW_ORIGIN=http://localhost:${LOBE_PORT}'
     restart: always
     command: >
-      server /etc/minio/data --address ":9000" --console-address ":9001"
-
+      server /etc/minio/data --address ":${MINIO_PORT}" --console-address ":9001"
 
   logto:
     image: svhd/logto
     container_name: lobe-logto
-    network_mode: 'host'
+    network_mode: 'service:network-service'
     depends_on:
       postgresql:
         condition: service_healthy
     environment:
       - 'TRUST_PROXY_HEADER=1'
-      - 'DB_URL=postgresql://postgres:uWNZugjBqixf8dxC@localhost:5432/logto'
-      - 'ENDPOINT=http://localhost:3001'
+      - 'PORT=${LOGTO_PORT}'
+      - 'DB_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgresql:5432/logto'
+      - 'ENDPOINT=http://localhost:${LOGTO_PORT}'
       - 'ADMIN_ENDPOINT=http://localhost:3002'
     entrypoint: ['sh', '-c', 'npm run cli db seed -- --swe && npm start']
 
+
   lobe:
     image: lobehub/lobe-chat-database
     container_name: lobe-database
-    network_mode: 'host'
+    network_mode: 'service:network-service'
     depends_on:
-      - postgresql
-      - minio
-      - logto
+      postgresql:
+        condition: service_healthy
+      network-service:
+        condition: service_started
+      minio:
+        condition: service_started
+      logto:
+        condition: service_started
+
+    environment:
+      - 'APP_URL=http://localhost:3210'
+      - 'NEXT_AUTH_SSO_PROVIDERS=logto'
+      - 'KEY_VAULTS_SECRET=Kix2wcUONd4CX51E/ZPAd36BqM4wzJgKjPtz2sGztqQ='
+      - 'NEXT_AUTH_SECRET=NX2kaPE923dt6BL2U8e9oSre5RfoT7hg'
+      - 'NEXTAUTH_URL=http://localhost:${LOBE_PORT}/api/auth'
+      - 'LOGTO_ISSUER=http://localhost:${LOGTO_PORT}/oidc'
+      - 'DATABASE_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgresql:5432/${LOBE_DB_NAME}'
+      - 'S3_ENDPOINT=http://localhost:${MINIO_PORT}'
+      - 'S3_BUCKET=${MINIO_LOBE_BUCKET}'
+      - 'S3_PUBLIC_DOMAIN=http://localhost:${MINIO_PORT}'
+      - 'S3_ENABLE_PATH_STYLE=1'
     env_file:
       - .env
     restart: always
@@ -62,3 +96,7 @@ volumes:
     driver: local
   s3_data:
     driver: local
+
+networks:
+  lobe-network:
+    driver: bridge

package/docs/self-hosting/environment-variables/auth.mdx

@@ -137,22 +137,45 @@ LobeChat provides a complete authentication service capability when deployed. Th
 #### `CLOUDFLARE_ZERO_TRUST_CLIENT_ID`
 
 - Type: Required
-- Description: Client ID of the Cloudflare Zero Trust provider application. You can access it [here][auth0-client-page] and navigate to the application settings to view.
+- Description: Client ID of the Cloudflare Zero Trust provider application.
 - Default: `-`
-- Example: `lobe-chat`
+- Example: `711963a58df8c943cfd6c487cac99ce9f6ee0c88c0b7bf94584b8ff052fcb09c`
 
 #### `CLOUDFLARE_ZERO_TRUST_CLIENT_SECRET`
 
 - Type: Required
 - Description: The plaintext of the Client Secret for the Cloudflare Zero Trust provider
 - Default: `-`
-- Example: `insecure_secret`
+- Example: `8f26d4ef834a828045b401e032ae128dbb00471bca53f0d25332323f525dfa30`
 
 #### `CLOUDFLARE_ZERO_TRUST_ISSUER`
 
 - Type: Required
 - Description: Issuer of the Cloudflare Zero Trust provider application.
 - Default: `-`
+- Example: `https://example.cloudflareaccess.com/cdn-cgi/access/sso/oidc/711963a58df8c943cfd6c487cac99ce9f6ee0c88c0b7bf94584b8ff052fcb09c`
+
+### Generic OIDC
+
+#### `GENERIC_OIDC_CLIENT_ID`
+
+- Type: Required
+- Description: Client ID of the Generic OIDC provider application.
+- Default: `-`
+- Example: `_client_id_for_lobe_chat_`
+
+#### `GENERIC_OIDC_CLIENT_SECRET`
+
+- Type: Required
+- Description: The plaintext of the Client Secret for the Generic OIDC provider
+- Default: `-`
+- Example: `_client_secret_for_lobe_chat_`
+
+#### `GENERIC_OIDC_ISSUER`
+
+- Type: Required
+- Description: Issuer of the Generic OIDC provider application.
+- Default: `-`
 - Example: `https://sso.example.com`
 
 ### Github

package/docs/self-hosting/environment-variables/auth.zh-CN.mdx

@@ -137,20 +137,43 @@ LobeChat 在部署时提供了完善的身份验证服务能力，以下是相
 - 类型：必选
 - 描述: Cloudflare Zero Trust 提供程序的 Client ID
 - 默认值: `-`
-- 示例: `lobe-chat`
+- 示例: `711963a58df8c943cfd6c487cac99ce9f6ee0c88c0b7bf94584b8ff052fcb09c`
 
 #### `CLOUDFLARE_ZERO_TRUST_CLIENT_SECRET`
 
 - 类型：必选
 - 描述: Cloudflare Zero Trust 提供程序的 Client Secret 的明文
 - 默认值: `-`
-- 示例: `insecure_secret`
+- 示例: `8f26d4ef834a828045b401e032ae128dbb00471bca53f0d25332323f525dfa30`
 
 #### `CLOUDFLARE_ZERO_TRUST_ISSUER`
 
 - 类型：必选
 - 描述: Cloudflare Zero Trust 提供程序的 OpenID Connect 颁发者
 - 默认值: `-`
+- 示例: `https://example.cloudflareaccess.com/cdn-cgi/access/sso/oidc/711963a58df8c943cfd6c487cac99ce9f6ee0c88c0b7bf94584b8ff052fcb09c`
+
+### Generic OIDC
+
+#### `GENERIC_OIDC_CLIENT_ID`
+
+- 类型：必选
+- 描述: Generic OIDC 提供程序的 Client ID
+- 默认值: `-`
+- 示例: `_client_id_for_lobe_chat_`
+
+#### `GENERIC_OIDC_CLIENT_SECRET`
+
+- 类型：必选
+- 描述: Generic OIDC 提供程序的 Client Secret 的明文
+- 默认值: `-`
+- 示例: `_client_secret_for_lobe_chat_`
+
+#### `GENERIC_OIDC_ISSUER`
+
+- 类型：必选
+- 描述: Generic OIDC 提供程序的 OpenID Connect 颁发者
+- 默认值: `-`
 - 示例: `https://sso.example.com`
 
 ### Github

package/docs/self-hosting/server-database/docker-compose.mdx

@@ -36,32 +36,42 @@ If you do need Clerk as an authentication service, you might consider deploying
 
 </Callout>
 
+Generally speaking, to fully run the LobeChat database version, you need at least the following four services:
+
+- LobeChat database version itself
+- PostgreSQL database with PGVector plugin
+- Object storage service supporting S3 protocol
+- SSO authentication service supported by LobeChat
+
+These services can be combined through self-hosting or online cloud services to meet your needs.
+
+We provide a fully self-built Docker Compose configuration, which you can use directly to start the LobeChat database version or modify to suit your needs.
+
+We default to using [MinIO](https://github.com/minio/minio) as the local S3 object storage service and [Logto](https://github.com/logto-io/logto) as the local authentication service.
+
 ## Quick Start
 
-The following assumes that you choose to build all four required services for LobeChat, namely:
+To facilitate quick start, this chapter uses the docker-compose configuration file in the `docker-compose/local` directory. The LobeChat application runs at `http://localhost:3210` after startup and can be run locally.
 
-- LobeChat database version itself
-- PostgreSQL: with PGVector plugin
-- Logto: SSO authentication service
-- MinIO: local object storage service supporting S3 protocol
+<Callout type="warning">
+  To facilitate quick start, this docker-compose.yml omits a large number of Secret/Password configurations and is only suitable for quick demonstration or personal local use. Do not use it directly in a production environment! Otherwise, you will be responsible for any security issues!
+</Callout>
 
 <Steps>
   ### Create Configuration Files
 
+Create a new `lobe-chat-db` directory to store your configuration files and subsequent database files.
+
 ```sh
-curl -fsSL https://raw.githubusercontent.com/lobehub/lobe-chat/HEAD/docker-compose/local/docker-compose.yml
-curl -fsSL https://raw.githubusercontent.com/lobehub/lobe-chat/HEAD/docker-compose/local/.env.example > .env
+mkdir lobe-chat-db
 ```
 
-You can also copy these two example configuration files from the appendix below.
-
-Please modify your `.env` and `docker-compose.yml` files according to the comments.
-
-<Callout type="warning">
-
-Due to network reasons, when starting locally, we intentionally let all services use `network_mode: host` simultaneously. This can solve some network issues, but it may cause port conflicts, please resolve them yourself.
+Pull the configuration files into your directory:
 
-</Callout>
+```sh
+curl -fsSL https://raw.githubusercontent.com/lobehub/lobe-chat/HEAD/docker-compose/local/docker-compose.yml > docker-compose.yml
+curl -fsSL https://raw.githubusercontent.com/lobehub/lobe-chat/HEAD/docker-compose/local/.env.example > .env
+```
 
 ### Start Services
 
@@ -77,17 +87,14 @@ docker compose up -d
 
    - `Redirect URI` should be `http://localhost:3210/api/auth/callback/logto`
    - `Post sign-out redirect URI` should be `http://localhost:3210/`
-   - `CORS allowed origins` should be `http://localhost:3210`
 
 3. Obtain the `Client ID` and `Client Secret`, and fill them into your `.env` file corresponding to `LOGTO_CLIENT_ID` and `LOGTO_CLIENT_SECRET`.
 
-4. Set `LOGTO_ISSUER` in your `.env` file to `http://localhost:3001/oidc`.
-
 ### Configure MinIO S3
 
-1. Open `http://localhost:9001` to access the MinIO WebUI. The default admin account password is configured in `docker-compose.yml`.
+1. Open `http://localhost:9001` to access the MinIO WebUI. The default admin account password is configured in `.env`.
 
-2. Create a bucket that matches the `S3_BUCKET` field in your `.env` file, which defaults to `lobe`.
+2. Create a bucket that matches the `MINIO_LOBE_BUCKET` field in your `.env` file, which defaults to `lobe`.
 
 3. Choose a custom policy, copy the following content, and paste it in (if you modified the bucket name, please find and replace accordingly):
 
@@ -140,15 +147,6 @@ docker compose up -d
     At this point, do not use `docker compose restart lobe` to restart, as this method will not reload the environment variables, and your S3 configuration will not take effect.
  
 </Callout>
-</Steps>
-
-You have successfully deployed the LobeChat database version, and you can access your LobeChat service at `http://localhost:3210`.
-
-If you encounter issues, please check the Docker logs and console logs, and follow the detailed troubleshooting guide later in the document.
-
-```sh
-docker logs -f lobe-database
-```
 
 If you see the following logs in the container, it indicates that it has started successfully:
 
@@ -164,22 +162,15 @@ If you see the following logs in the container, it indicates that it has started
  ✓ Ready in 95ms
 ```
 
-## Deploying to Production
-
-Generally speaking, to fully run the LobeChat database version, you need at least the following four services:
-
-- LobeChat database version itself
-- PostgreSQL database with PGVector plugin
-- Object storage service supporting S3 protocol
-- SSO authentication service supported by LobeChat
+</Steps>
 
-These services can be combined through self-hosting or online cloud services to meet your needs.
+You have successfully deployed the LobeChat database version, and you can access your LobeChat service at `http://localhost:3210`.
 
-We provide a fully self-built Docker Compose configuration, which you can use directly to start the LobeChat database version or modify to suit your needs.
+If you encounter issues, please check the Docker logs and console logs, and follow the detailed troubleshooting guide later in the document.
 
-We default to using [MinIO](https://github.com/minio/minio) as the local S3 object storage service and [Logto](https://github.com/logto-io/logto) as the local authentication service.
+## Deploying to Production
 
-We also assume that you are running an Nginx layer for reverse proxy and SSL configuration outside of these services.
+The main difference between production and local operation is the need to use domain addresses instead of localhost. We assume that in addition to the above services, you are also running an Nginx layer for reverse proxy and SSL configuration.
 
 The domain names and corresponding service port descriptions are as follows:
 
@@ -203,7 +194,7 @@ If you need to configure SSL certificates, please configure them uniformly in th
 ### Configuration Files
 
 ```sh
-curl -fsSL https://raw.githubusercontent.com/lobehub/lobe-chat/HEAD/docker-compose/production/docker-compose.yml
+curl -fsSL https://raw.githubusercontent.com/lobehub/lobe-chat/HEAD/docker-compose/production/docker-compose.yml > docker-compose.yml
 curl -fsSL https://raw.githubusercontent.com/lobehub/lobe-chat/HEAD/docker-compose/production/.env.example > .env
 ```
 
@@ -215,13 +206,6 @@ Refer to the example configurations in the appendix of this article.
 
 ### PostgreSQL Database Configuration
 
-<Callout type="warning">
-  Please note that on the first run of `docker compose up -d`, it may fail with a `Database migrate
-  failed` error and exit because the Postgres database has not yet been initialized while LobeChat
-  has already attempted to connect. In this case, you need to enter `docker compose restart lobe` to
-  restart LobeChat so that it connects to the correct database.
-</Callout>
-
 You can check the logs using the following command:
 
 ```sh
@@ -391,14 +375,13 @@ S3_ACCESS_KEY_ID=YOUR_S3_ACCESS_KEY_ID         # Invalid until manually created
 S3_SECRET_ACCESS_KEY=YOUR_S3_SECRET_ACCESS_KEY # Invalid until manually created in MinIO UI
 S3_ENDPOINT=http://localhost:9000
 S3_BUCKET=lobe # Invalid until manually created in MinIO UI
-S3_ENDPOINT=http://localhost:9000
+S3_PUBLIC_DOMAIN=http://localhost:9000
 S3_ENABLE_PATH_STYLE=1
 
 # Other environment variables, as needed. You can refer to the environment variables configuration for the client version, making sure not to have ACCESS_CODE.
 # OPEANAI_API_KEY=sk-xxxx
 # OPENAI_PROXY_URL=https://api.openai.com/v1
 # OPENAI_MODEL_LIST=...
-
 ```
 
 #### `docker-compose.yml`
@@ -467,7 +450,6 @@ volumes:
     driver: local
   s3_data:
     driver: local
-
 ```
 
 ### Deploying to Production
@@ -584,7 +566,6 @@ volumes:
     driver: local
   s3_data:
     driver: local
-
 ```
 
 #### `minio-bucket-config.json`

package/docs/self-hosting/server-database/docker-compose.zh-CN.mdx

@@ -33,30 +33,43 @@ tags:
 
 </Callout>
 
+一般来讲，想要完整的运行 LobeChat 数据库版本，你需要至少拥有如下四个服务
+
+- LobeChat 数据库版本自身
+- 带有 PGVector 插件的 PostgreSQL 数据库
+- 支持 S3 协议的对象存储服务
+- 受 LobeChat 支持的 SSO 登录鉴权服务
+
+这些服务可以通过自建或者在线云服务组合搭配，以满足不同层次的部署需求。
+
+本文中，我们提供了完全基于开源自建服务的 Docker Compose 配置，你可以直接使用这份配置文件来启动 LobeChat 数据库版本，也可以对之进行修改以适应你的需求。
+
+我们默认使用 [MinIO](https://github.com/minio/minio) 作为本地 S3 对象存储服务，使用 [Logto](https://github.com/logto-io/logto) 作为本地鉴权服务。
+
 ## 快速启动
 
-以下假设你选择自建 LobeChat 全部四个所需服务，即：
+为方便快速上手，这一章使用 `docker-compose/local` 目录中的 docker-compose 配置文件，启动后的 LobeChat 应用运行在 `http://localhost:3210`，可在本地运行。
 
-- LobeChat 数据库版本自身
-- PostgreSQL：带有 PGVector 插件
-- Logto：SSO 登录鉴权服务
-- MinIO：支持 S3 协议的本地对象存储服务
+<Callout type="warning">
+  为了快速上手，此 docker-compose.yml内置掉了大量的 Secret/Password
+  的配置，仅适用于快速演示或个人本地使用。请勿直接用于线上生产环境！否则遇到安全问题请自行负责！
+</Callout>
 
 <Steps>
   ### 创建配置文件
 
+新建一个 `lobe-chat-db` 目录，用于存放你的配置文件和后续的数据库文件。
+
 ```sh
-curl -fsSL https://raw.githubusercontent.com/lobehub/lobe-chat/HEAD/docker-compose/local/docker-compose.yml
-curl -fsSL https://raw.githubusercontent.com/lobehub/lobe-chat/HEAD/docker-compose/local/.env.zh-CN.example > .env
+mkdir lobe-chat-db
 ```
 
-你也可以从下文的附录中复制得到这两份示例配置文件。
+拉取配置文件到你的目录中：
 
-请按照注释，修改你的 `.env` 和 `docker-compose.yml` 文件。
-
-<Callout type="warning">
-  出于网络原因，本地启动时，我们特意让所有服务都同时使用了 `network_mode: host`。这可以解决一些网络问题，但是有可能会导致端口冲突，请自行解决。
-</Callout>
+```sh
+curl -fsSL https://raw.githubusercontent.com/lobehub/lobe-chat/HEAD/docker-compose/local/docker-compose.yml > docker-compose.yml
+curl -fsSL https://raw.githubusercontent.com/lobehub/lobe-chat/HEAD/docker-compose/local/.env.zh-CN.example > .env
+```
 
 ### 启动服务
 
@@ -72,19 +85,16 @@ docker compose up -d
 
    - `Redirect URI` 为 `http://localhost:3210/api/auth/callback/logto`
    - `Post sign-out redirect URI` 为 `http://localhost:3210/`
-   - `CORS allowed origins` 为 `http://localhost:3210`
-
-3. 获取 `Client ID` 和 `Client Secret`，填入你的 `.env` 文件中对应的 `LOGTO_CLIENT_ID` 、 `LOGTO_CLIENT_SECRETT`
 
-4. 配置你的 `.env` 文件中的 `LOGTO_ISSUER` 为 `http://localhost:3001/oidc`
+3. 获取 `Client ID` 和 `Client Secret`，填入 `.env` 文件中对应的 `LOGTO_CLIENT_ID` 、 `LOGTO_CLIENT_SECRETT`
 
 ### 配置 MinIO S3
 
-1. 打开 `http://localhost:9001`，访问 MinIO WebUI，默认管理员账号密码在 `docker-compose.yml` 中配置
+1. 打开 `http://localhost:9001`，访问 MinIO WebUI，默认管理员账号密码在 `.env` 中配置
 
-2. 创建符合你的 `.env` 文件中 `S3_BUCKET` 字段的桶，默认为 `lobe`
+2. 创建符合你的 `.env` 文件中 `MINIO_LOBE_BUCKET` 字段的桶，默认为 `lobe`
 
-3. 选择自定义策略，复制如下内容，粘贴之（如果你修改了桶名，请自行查找替换）
+3. 选择自定义策略，复制并粘贴如下内容（如果你修改了桶名，请自行查找替换）
 
    ```json
    {
@@ -131,20 +141,11 @@ docker compose up -d
 docker compose up -d
 ```
 
-  <Callout typr="warning">
-    此时，请勿使用 `docker compose restart lobe` 来重启，因为这种重启方式不会重新加载环境变量，你的
-    S3 配置将不会生效。
- 
-</Callout>
-</Steps>
+<Callout typr="warning">
+  此时，请勿使用 `docker compose restart lobe` 来重启，因为这种重启方式不会重新加载环境变量，你的
+  S3 配置将不会生效。
 
-至此，你已经成功部署了 LobeChat 数据库版本，你可以通过 `http://localhost:3210` 访问你的 LobeChat 服务。
-
-如果你遇到问题，请尝试查看 Docker 日志和控制台日志，并根据后文的详细指引进行排查。
-
-```sh
-docker logs -f lobe-database
-```
+</Callout>
 
 如果你在容器中看到了以下日志，则说明已经启动成功：
 
@@ -160,22 +161,16 @@ docker logs -f lobe-database
  ✓ Ready in 95ms
 ```
 
-## 发布到生产
-
-一般来讲，想要完整的运行 LobeChat 数据库版本，你需要至少拥有如下四个服务
+</Steps>
 
-- LobeChat 数据库版本自身
-- 带有 PGVector 插件的 PostgreSQL 数据库
-- 支持 S3 协议的对象存储服务
-- 受 LobeChat 支持的 SSO 登录鉴权服务
+至此，你已经成功部署了 LobeChat 数据库版本，你可以通过 `http://localhost:3210` 访问你的 LobeChat 服务。
 
-这些服务可以通过自建或者在线云服务组合搭配，以满足你的需求。
+如果你遇到问题，请尝试查看 Docker 日志和控制台日志，并根据后文的详细指引进行排查。
 
-我们提供了一份完全基于自建的 Docker Compose 配置，你可以直接使用这份配置文件来启动 LobeChat 数据库版本，也可以对之进行修改以适应你的需求。
 
-我们默认使用 [MinIO](https://github.com/minio/minio) 作为本地 S3 对象存储服务，使用 [Logto](https://github.com/logto-io/logto) 作为本地鉴权服务。
+## 发布到生产
 
-我们同时假设在这些服务之外，你还运行了一层 Nginx 来进行反向代理、配置 SSL。
+生产和本地运行存在一个很大的差别，就是在于需要使用域名地址而不是 localhost。我们假设在上述服务之外，你还运行了一层 Nginx 来进行反向代理、配置 SSL。
 
 域名和配套服务端口说明如下：
 
@@ -199,7 +194,7 @@ docker logs -f lobe-database
 ### 配置文件
 
 ```sh
-curl -fsSL https://raw.githubusercontent.com/lobehub/lobe-chat/HEAD/docker-compose/production/docker-compose.yml
+curl -fsSL https://raw.githubusercontent.com/lobehub/lobe-chat/HEAD/docker-compose/production/docker-compose.yml > docker-compose.yml
 curl -fsSL https://raw.githubusercontent.com/lobehub/lobe-chat/HEAD/docker-compose/production/.env.zh-CN.example > .env
 ```
 
@@ -211,12 +206,6 @@ curl -fsSL https://raw.githubusercontent.com/lobehub/lobe-chat/HEAD/docker-compo
 
 ### Postgres 数据库配置
 
-<Callout type="warning">
-  请注意，首次运行 `docker compose up -d` 时，可能会因为 Postgres 数据库尚未初始化完毕，而 LobeChat
-  已经尝试连接而失败，出现 `Database migrate failed` 错误并退出。此时，你需要输入 `docker compose
-  restart lobe` 来重启 LobeChat，从而使其连接到正确的数据库。
-</Callout>
-
 你可以使用下述指令检查日志：
 
 ```sh
@@ -380,7 +369,7 @@ LOGTO_ISSUER=http://localhost:3001/oidc
 # HTTPS_PROXY=http://localhost:7890
 
 # MinIO S3 配置
-S3_ACCESS_KEY_ID=YOUR_S3_ACCESS_KEY_ID # 直到在 MinIO UI 中手动创建之前都是无效的
+S3_ACCESS_KEY_ID=YOUR_S3_ACCESS_KEY_ID         # 直到在 MinIO UI 中手动创建之前都是无效的
 S3_SECRET_ACCESS_KEY=YOUR_S3_SECRET_ACCESS_KEY # 直到在 MinIO UI 中手动创建之前都是无效的
 S3_ENDPOINT=http://localhost:9000
 S3_BUCKET=lobe # 直到在 MinIO UI 中手动创建之前都是无效的
@@ -391,7 +380,6 @@ S3_ENABLE_PATH_STYLE=1
 # OPEANAI_API_KEY=sk-xxxx
 # OPENAI_PROXY_URL=https://api.openai.com/v1
 # OPENAI_MODEL_LIST=...
-
 ```
 
 #### `docker-compose.yml`
@@ -429,6 +417,7 @@ services:
     command: >
       server /etc/minio/data --address ":9000" --console-address ":9001"
 
+
   logto:
     image: svhd/logto
     container_name: lobe-logto
@@ -460,7 +449,6 @@ volumes:
     driver: local
   s3_data:
     driver: local
-
 ```
 
 ### 发布到生产
@@ -503,7 +491,6 @@ S3_ENABLE_PATH_STYLE=1
 # OPEANAI_API_KEY=sk-xxxx
 # OPENAI_PROXY_URL=https://api.openai.com/v1
 # OPENAI_MODEL_LIST=...
-
 ```
 
 #### `docker-compose.yml`
@@ -544,6 +531,7 @@ services:
     command: >
       server /etc/minio/data --address ":9000" --console-address ":9001"
 
+
   logto:
     image: svhd/logto
     container_name: lobe-logto
@@ -578,7 +566,6 @@ volumes:
     driver: local
   s3_data:
     driver: local
-
 ```
 
 #### `minio-bucket-config.json`

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lobehub/chat",
-  "version": "1.14.7",
+  "version": "1.14.9",
   "description": "Lobe Chat - an open-source, high-performance chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application.",
   "keywords": [
     "framework",

package/src/app/(main)/settings/tts/features/const.tsx

@@ -16,7 +16,7 @@ export const opeanaiTTSOptions: SelectProps['options'] = [
 
 export const opeanaiSTTOptions: SelectProps['options'] = [
   {
-    label: <LabelRenderer Icon={OpenAI.Avatar} label={'stt-1'} />,
+    label: <LabelRenderer Icon={OpenAI.Avatar} label={'whisper-1'} />,
     value: 'whisper-1',
   },
 ];

package/src/config/auth.ts

@@ -90,6 +90,11 @@ export const getAuthConfig = () => {
       CLOUDFLARE_ZERO_TRUST_CLIENT_ID: z.string().optional(),
       CLOUDFLARE_ZERO_TRUST_CLIENT_SECRET: z.string().optional(),
       CLOUDFLARE_ZERO_TRUST_ISSUER: z.string().optional(),
+
+      // Generic OIDC
+      GENERIC_OIDC_CLIENT_ID: z.string().optional(),
+      GENERIC_OIDC_CLIENT_SECRET: z.string().optional(),
+      GENERIC_OIDC_ISSUER: z.string().optional(),
       
       // ZITADEL
       ZITADEL_CLIENT_ID: z.string().optional(),
@@ -142,6 +147,11 @@ export const getAuthConfig = () => {
       CLOUDFLARE_ZERO_TRUST_CLIENT_ID: process.env.CLOUDFLARE_ZERO_TRUST_CLIENT_ID,
       CLOUDFLARE_ZERO_TRUST_CLIENT_SECRET: process.env.CLOUDFLARE_ZERO_TRUST_CLIENT_SECRET,
       CLOUDFLARE_ZERO_TRUST_ISSUER: process.env.CLOUDFLARE_ZERO_TRUST_ISSUER,
+
+      // Generic OIDC
+      GENERIC_OIDC_CLIENT_ID: process.env.GENERIC_OIDC_CLIENT_ID,
+      GENERIC_OIDC_CLIENT_SECRET: process.env.GENERIC_OIDC_CLIENT_SECRET,
+      GENERIC_OIDC_ISSUER: process.env.GENERIC_OIDC_ISSUER,
       
       // ZITADEL
       ZITADEL_CLIENT_ID: process.env.ZITADEL_CLIENT_ID,

package/src/libs/next-auth/sso-providers/generic-oidc.ts

@@ -0,0 +1,40 @@
+import type { OIDCConfig } from '@auth/core/providers';
+
+import { authEnv } from '@/config/auth';
+
+import { CommonProviderConfig } from './sso.config';
+
+export type GenericOIDCProfile = {
+  email: string;
+  id?: string;
+  name?: string;
+  picture?: string;
+  sub: string;
+  username?: string;
+};
+
+const provider = {
+  id: 'generic-oidc',
+  provider: {
+    ...CommonProviderConfig,
+    authorization: { params: { scope: 'email openid profile' } },
+    checks: ['state', 'pkce'],
+    clientId: authEnv.GENERIC_OIDC_CLIENT_ID,
+    clientSecret: authEnv.GENERIC_OIDC_CLIENT_SECRET,
+    id: 'generic-oidc',
+    issuer: authEnv.GENERIC_OIDC_ISSUER,
+    name: 'Generic OIDC',
+    profile(profile) {
+      return {
+        email: profile.email,
+        id: profile.sub,
+        image: profile.picture,
+        name: profile.name ?? profile.username ?? profile.email,
+        providerAccountId: profile.sub,
+      };
+    },
+    type: 'oidc',
+  } satisfies OIDCConfig<GenericOIDCProfile>,
+};
+
+export default provider;

package/src/libs/next-auth/sso-providers/index.ts

@@ -3,8 +3,9 @@ import Authelia from './authelia';
 import Authentik from './authentik';
 import AzureAD from './azure-ad';
 import CloudflareZeroTrust from './cloudflare-zero-trust';
+import GenericOIDC from './generic-oidc';
 import Github from './github';
 import Logto from './logto';
 import Zitadel from './zitadel';
 
-export const ssoProviders = [Auth0, Authentik, AzureAD, Github, Zitadel, Authelia, Logto, CloudflareZeroTrust];
+export const ssoProviders = [Auth0, Authentik, AzureAD, GenericOIDC, Github, Zitadel, Authelia, Logto, CloudflareZeroTrust];