npm - @lobehub/chat - Versions diffs - 1.20.4 → 1.20.6 - Mend

@lobehub/chat 1.20.4 → 1.20.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/CHANGELOG.md +34 -0
package/Dockerfile +37 -49
package/Dockerfile.database +37 -53
package/README.md +8 -8
package/README.zh-CN.md +8 -8
package/docs/self-hosting/server-database/docker-compose.mdx +9 -9
package/docs/self-hosting/server-database/docker-compose.zh-CN.mdx +9 -9
package/docs/self-hosting/server-database/docker.zh-CN.mdx +6 -3
package/package.json +1 -1
package/scripts/serverLauncher/startServer.js +197 -0

package/CHANGELOG.md CHANGED Viewed

@@ -2,6 +2,40 @@
 # Changelog
+### [Version 1.20.6](https://github.com/lobehub/lobe-chat/compare/v1.20.5...v1.20.6)
+<sup>Released on **2024-09-29**</sup>
+<br/>
+<details>
+<summary><kbd>Improvements and Fixes</kbd></summary>
+</details>
+<div align="right">
+[![](https://img.shields.io/badge/-BACK_TO_TOP-151515?style=flat-square)](#readme-top)
+</div>
+### [Version 1.20.5](https://github.com/lobehub/lobe-chat/compare/v1.20.4...v1.20.5)
+<sup>Released on **2024-09-29**</sup>
+<br/>
+<details>
+<summary><kbd>Improvements and Fixes</kbd></summary>
+</details>
+<div align="right">
+[![](https://img.shields.io/badge/-BACK_TO_TOP-151515?style=flat-square)](#readme-top)
+</div>
 ### [Version 1.20.4](https://github.com/lobehub/lobe-chat/compare/v1.20.3...v1.20.4)
 <sup>Released on **2024-09-28**</sup>

package/Dockerfile CHANGED Viewed

@@ -1,4 +1,4 @@
-## Base image for all the stages
+## Base image for all building stages
 FROM node:20-slim AS base
 ARG USE_CN_MIRROR
@@ -10,19 +10,22 @@ RUN \
     if [ "${USE_CN_MIRROR:-false}" = "true" ]; then \
         sed -i "s/deb.debian.org/mirrors.ustc.edu.cn/g" "/etc/apt/sources.list.d/debian.sources"; \
     fi \
-    # Add required package & update base package
+    # Add required package
     && apt update \
-    && apt install busybox proxychains-ng -qy \
-    && apt full-upgrade -qy \
-    && apt autoremove -qy --purge \
-    && apt clean -qy \
-    # Configure BusyBox
-    && busybox --install -s \
-    # Add nextjs:nodejs to run the app
-    && addgroup --system --gid 1001 nodejs \
-    && adduser --system --home "/app" --gid 1001 -uid 1001 nextjs \
-    # Set permission for nextjs:nodejs
-    && chown -R nextjs:nodejs "/etc/proxychains4.conf" \
+    && apt install ca-certificates proxychains-ng -qy \
+    # Prepare required package to distroless
+    && mkdir -p /distroless/bin /distroless/etc /distroless/etc/ssl/certs /distroless/lib \
+    # Copy proxychains to distroless
+    && cp /usr/lib/$(arch)-linux-gnu/libproxychains.so.4 /distroless/lib/libproxychains.so.4 \
+    && cp /usr/lib/$(arch)-linux-gnu/libdl.so.2 /distroless/lib/libdl.so.2 \
+    && cp /usr/bin/proxychains4 /distroless/bin/proxychains \
+    && cp /etc/proxychains4.conf /distroless/etc/proxychains4.conf \
+    # Copy node to distroless
+    && cp /usr/lib/$(arch)-linux-gnu/libstdc++.so.6 /distroless/lib/libstdc++.so.6 \
+    && cp /usr/lib/$(arch)-linux-gnu/libgcc_s.so.1 /distroless/lib/libgcc_s.so.1 \
+    && cp /usr/local/bin/node /distroless/bin/node \
+    # Copy CA certificates to distroless
+    && cp /etc/ssl/certs/ca-certificates.crt /distroless/etc/ssl/certs/ca-certificates.crt \
     # Cleanup temp files
     && rm -rf /tmp/* /var/lib/apt/lists/* /var/tmp/*
@@ -61,6 +64,7 @@ RUN \
     if [ "${USE_CN_MIRROR:-false}" = "true" ]; then \
         export SENTRYCLI_CDNURL="https://npmmirror.com/mirrors/sentry-cli"; \
         npm config set registry "https://registry.npmmirror.com/"; \
+        echo 'canvas_binary_host_mirror=https://npmmirror.com/mirrors/canvas' >> .npmrc; \
     fi \
     # Set the registry for corepack
     && export COREPACK_NPM_REGISTRY=$(npm config get registry | sed 's/\/$//') \
@@ -80,7 +84,9 @@ COPY . .
 RUN npm run build:docker
 ## Application image, copy all the files for production
-FROM scratch AS app
+FROM busybox:latest AS app
+COPY --from=base /distroless/ /
 COPY --from=builder /app/public /app/public
@@ -90,13 +96,25 @@ COPY --from=builder /app/.next/standalone /app/
 COPY --from=builder /app/.next/static /app/.next/static
 COPY --from=builder /deps/node_modules/.pnpm /app/node_modules/.pnpm
+# Copy server launcher
+COPY --from=builder /app/scripts/serverLauncher/startServer.js /app/startServer.js
+RUN \
+    # Add nextjs:nodejs to run the app
+    addgroup -S -g 1001 nodejs \
+    && adduser -D -G nodejs -H -S -h /app -u 1001 nextjs \
+    # Set permission for nextjs:nodejs
+    && chown -R nextjs:nodejs /app /etc/proxychains4.conf
 ## Production image, copy all the files and run next
-FROM base
+FROM scratch
 # Copy all the files from app, set the correct permission for prerender cache
-COPY --from=app --chown=nextjs:nodejs /app /app
+COPY --from=app / /
 ENV NODE_ENV="production" \
+    NODE_OPTIONS="--use-openssl-ca" \
+    NODE_EXTRA_CA_CERTS="/etc/ssl/certs/ca-certificates.crt" \
     NODE_TLS_REJECT_UNAUTHORIZED=""
 # set hostname to localhost
@@ -176,36 +194,6 @@ USER nextjs
 EXPOSE 3210/tcp
-CMD \
-    if [ -n "$PROXY_URL" ]; then \
-        # Set regex for IPv4
-        IP_REGEX="^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}$"; \
-        # Set proxychains command
-        PROXYCHAINS="proxychains -q"; \
-        # Parse the proxy URL
-        host_with_port="${PROXY_URL#*//}"; \
-        host="${host_with_port%%:*}"; \
-        port="${PROXY_URL##*:}"; \
-        protocol="${PROXY_URL%%://*}"; \
-        # Resolve to IP address if the host is a domain
-        if ! [[ "$host" =~ "$IP_REGEX" ]]; then \
-            nslookup=$(nslookup -q="A" "$host" | tail -n +3 | grep 'Address:'); \
-            if [ -n "$nslookup" ]; then \
-                host=$(echo "$nslookup" | tail -n 1 | awk '{print $2}'); \
-            fi; \
-        fi; \
-        # Generate proxychains configuration file
-        printf "%s\n" \
-            'localnet 127.0.0.0/255.0.0.0' \
-            'localnet ::1/128' \
-            'proxy_dns' \
-            'remote_dns_subnet 224' \
-            'strict_chain' \
-            'tcp_connect_time_out 8000' \
-            'tcp_read_time_out 15000' \
-            '[ProxyList]' \
-            "$protocol $host $port" \
-        > "/etc/proxychains4.conf"; \
-    fi; \
-    # Run the server
-    ${PROXYCHAINS} node "/app/server.js";
+ENTRYPOINT ["/bin/node"]
+CMD ["/app/startServer.js"]

package/Dockerfile.database CHANGED Viewed

@@ -1,4 +1,4 @@
-## Base image for all the stages
+## Base image for all building stages
 FROM node:20-slim AS base
 ARG USE_CN_MIRROR
@@ -10,19 +10,22 @@ RUN \
     if [ "${USE_CN_MIRROR:-false}" = "true" ]; then \
         sed -i "s/deb.debian.org/mirrors.ustc.edu.cn/g" "/etc/apt/sources.list.d/debian.sources"; \
     fi \
-    # Add required package & update base package
+    # Add required package
     && apt update \
-    && apt install busybox proxychains-ng -qy \
-    && apt full-upgrade -qy \
-    && apt autoremove -qy --purge \
-    && apt clean -qy \
-    # Configure BusyBox
-    && busybox --install -s \
-    # Add nextjs:nodejs to run the app
-    && addgroup --system --gid 1001 nodejs \
-    && adduser --system --home "/app" --gid 1001 -uid 1001 nextjs \
-    # Set permission for nextjs:nodejs
-    && chown -R nextjs:nodejs "/etc/proxychains4.conf" \
+    && apt install ca-certificates proxychains-ng -qy \
+    # Prepare required package to distroless
+    && mkdir -p /distroless/bin /distroless/etc /distroless/etc/ssl/certs /distroless/lib \
+    # Copy proxychains to distroless
+    && cp /usr/lib/$(arch)-linux-gnu/libproxychains.so.4 /distroless/lib/libproxychains.so.4 \
+    && cp /usr/lib/$(arch)-linux-gnu/libdl.so.2 /distroless/lib/libdl.so.2 \
+    && cp /usr/bin/proxychains4 /distroless/bin/proxychains \
+    && cp /etc/proxychains4.conf /distroless/etc/proxychains4.conf \
+    # Copy node to distroless
+    && cp /usr/lib/$(arch)-linux-gnu/libstdc++.so.6 /distroless/lib/libstdc++.so.6 \
+    && cp /usr/lib/$(arch)-linux-gnu/libgcc_s.so.1 /distroless/lib/libgcc_s.so.1 \
+    && cp /usr/local/bin/node /distroless/bin/node \
+    # Copy CA certificates to distroless
+    && cp /etc/ssl/certs/ca-certificates.crt /distroless/etc/ssl/certs/ca-certificates.crt \
     # Cleanup temp files
     && rm -rf /tmp/* /var/lib/apt/lists/* /var/tmp/*
@@ -65,6 +68,7 @@ RUN \
     if [ "${USE_CN_MIRROR:-false}" = "true" ]; then \
         export SENTRYCLI_CDNURL="https://npmmirror.com/mirrors/sentry-cli"; \
         npm config set registry "https://registry.npmmirror.com/"; \
+        echo 'canvas_binary_host_mirror=https://npmmirror.com/mirrors/canvas' >> .npmrc; \
     fi \
     # Set the registry for corepack
     && export COREPACK_NPM_REGISTRY=$(npm config get registry | sed 's/\/$//') \
@@ -84,7 +88,9 @@ COPY . .
 RUN npm run build:docker
 ## Application image, copy all the files for production
-FROM scratch AS app
+FROM busybox:latest AS app
+COPY --from=base /distroless/ /
 COPY --from=builder /app/public /app/public
@@ -103,13 +109,25 @@ COPY --from=builder /app/src/database/server/migrations /app/migrations
 COPY --from=builder /app/scripts/migrateServerDB/docker.cjs /app/docker.cjs
 COPY --from=builder /app/scripts/migrateServerDB/errorHint.js /app/errorHint.js
+# Copy server launcher
+COPY --from=builder /app/scripts/serverLauncher/startServer.js /app/startServer.js
+RUN \
+    # Add nextjs:nodejs to run the app
+    addgroup -S -g 1001 nodejs \
+    && adduser -D -G nodejs -H -S -h /app -u 1001 nextjs \
+    # Set permission for nextjs:nodejs
+    && chown -R nextjs:nodejs /app /etc/proxychains4.conf
 ## Production image, copy all the files and run next
-FROM base
+FROM scratch
 # Copy all the files from app, set the correct permission for prerender cache
-COPY --from=app --chown=nextjs:nodejs /app /app
+COPY --from=app / /
 ENV NODE_ENV="production" \
+    NODE_OPTIONS="--use-openssl-ca" \
+    NODE_EXTRA_CA_CERTS="/etc/ssl/certs/ca-certificates.crt" \
     NODE_TLS_REJECT_UNAUTHORIZED=""
 # set hostname to localhost
@@ -208,40 +226,6 @@ USER nextjs
 EXPOSE 3210/tcp
-CMD \
-    if [ -n "$PROXY_URL" ]; then \
-        # Set regex for IPv4
-        IP_REGEX="^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}$"; \
-        # Set proxychains command
-        PROXYCHAINS="proxychains -q"; \
-        # Parse the proxy URL
-        host_with_port="${PROXY_URL#*//}"; \
-        host="${host_with_port%%:*}"; \
-        port="${PROXY_URL##*:}"; \
-        protocol="${PROXY_URL%%://*}"; \
-        # Resolve to IP address if the host is a domain
-        if ! [[ "$host" =~ "$IP_REGEX" ]]; then \
-            nslookup=$(nslookup -q="A" "$host" | tail -n +3 | grep 'Address:'); \
-            if [ -n "$nslookup" ]; then \
-                host=$(echo "$nslookup" | tail -n 1 | awk '{print $2}'); \
-            fi; \
-        fi; \
-        # Generate proxychains configuration file
-        printf "%s\n" \
-            'localnet 127.0.0.0/255.0.0.0' \
-            'localnet ::1/128' \
-            'proxy_dns' \
-            'remote_dns_subnet 224' \
-            'strict_chain' \
-            'tcp_connect_time_out 8000' \
-            'tcp_read_time_out 15000' \
-            '[ProxyList]' \
-            "$protocol $host $port" \
-        > "/etc/proxychains4.conf"; \
-    fi; \
-    # Run migration
-    node "/app/docker.cjs"; \
-    if [ "$?" -eq "0" ]; then \
-      # Run the server
-      ${PROXYCHAINS} node "/app/server.js"; \
-    fi;
+ENTRYPOINT ["/bin/node"]
+CMD ["/app/startServer.js"]

package/README.md CHANGED Viewed

@@ -285,14 +285,14 @@ Our marketplace is not just a showcase platform but also a collaborative space.
 <!-- AGENT LIST -->
-| Recent Submits                                                                                                                                                                           | Description                                                                                                                                                                                                             |
-| ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| [Contract Clause Refiner v1.0](https://chat-preview.lobehub.com/market?agent=business-contract)<br/><sup>By **[houhoufm](https://github.com/houhoufm)** on **2024-09-24**</sup>          | Output: {Optimize contract clauses for professional and concise expression}<br/>`contract-optimization` `legal-consultation` `copywriting` `terminology` `project-management`                                           |
-| [Meeting Assistant v1.0](https://chat-preview.lobehub.com/market?agent=meeting)<br/><sup>By **[houhoufm](https://github.com/houhoufm)** on **2024-09-24**</sup>                          | Professional meeting report assistant, distilling meeting key points into report sentences<br/>`meeting-reports` `writing` `communication` `workflow` `professional-skills`                                             |
-| [Stable Album Cover Prompter](https://chat-preview.lobehub.com/market?agent=title-bpm-stimmung)<br/><sup>By **[MellowTrixX](https://github.com/MellowTrixX)** on **2024-09-24**</sup>    | Professional graphic designer for front cover design specializing in creating visual concepts and designs for melodic techno music albums.<br/>`album-cover` `prompt` `stable-diffusion` `cover-design` `cover-prompts` |
-| [Advertising Copywriting Master](https://chat-preview.lobehub.com/market?agent=advertising-copywriting-master)<br/><sup>By **[leter](https://github.com/leter)** on **2024-09-23**</sup> | Specializing in product function analysis and advertising copywriting that resonates with user values<br/>`advertising-copy` `user-values` `marketing-strategy`                                                         |
-> 📊 Total agents: [<kbd>**392**</kbd> ](https://github.com/lobehub/lobe-chat-agents)
+| Recent Submits                                                                                                                                                                              | Description                                                                                                                                                                                                                            |
+| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| [Birthday Invitation Messages](https://chat-preview.lobehub.com/market?agent=birthday-invitation-message)<br/><sup>By **[tcmonster](https://github.com/tcmonster)** on **2024-09-29**</sup> | Specializes in crafting engaging and personalized Birthday Invitation messages, catering to various themes and tones.<br/>`message-composition` `personalization` `tone-versatility` `event-detail-integration` `interaction-approach` |
+| [Death Anniversary Messages](https://chat-preview.lobehub.com/market?agent=death-anniversary-message)<br/><sup>By **[tcmonster](https://github.com/tcmonster)** on **2024-09-29**</sup>     | Specializes in crafting sensitive and heartfelt Death Anniversary messages with compassion and empathy.<br/>`condolences` `message-composition` `grief-support` `cultural-awareness` `emotional-sensitivity`                           |
+| [Flux Prompt Generator](https://chat-preview.lobehub.com/market?agent=flux-prompt-generator)<br/><sup>By **[tcmonster](https://github.com/tcmonster)** on **2024-09-29**</sup>              | Flux Prompt Generation Assistant: Expert in crafting detailed, creative prompts for high-quality image outputs from the Flux model.<br/>`prompt-generation` `image-generation` `art-style` `creativity` `crafting`                     |
+| [God Bless You Messages](https://chat-preview.lobehub.com/market?agent=god-bless-you-message)<br/><sup>By **[tcmonster](https://github.com/tcmonster)** on **2024-09-29**</sup>             | Expert in crafting personalized "God Bless You" messages with spiritual sensitivity and language mastery.<br/>`message-composition` `personalization` `spiritual-sensitivity` `language-mastery` `interaction-approach`                |
+> 📊 Total agents: [<kbd>**403**</kbd> ](https://github.com/lobehub/lobe-chat-agents)
  <!-- AGENT LIST -->

package/README.zh-CN.md CHANGED Viewed

@@ -273,14 +273,14 @@ LobeChat 的插件生态系统是其核心功能的重要扩展，它极大地
 <!-- AGENT LIST -->
-| 最近新增                                                                                                                                                                         | 助手说明                                                                                                              |
-| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- |
-| [合同条款精炼师 v1.0](https://chat-preview.lobehub.com/market?agent=business-contract)<br/><sup>By **[houhoufm](https://github.com/houhoufm)** on **2024-09-24**</sup>           | 输出: {优化合同条款，专业简洁表达}<br/>`合同优化` `法律咨询` `文案撰写` `专业术语` `项目管理`                         |
-| [会议助手 v1.0](https://chat-preview.lobehub.com/market?agent=meeting)<br/><sup>By **[houhoufm](https://github.com/houhoufm)** on **2024-09-24**</sup>                           | 专业会议汇报助手，提炼会议要点成汇报句子<br/>`会议汇报` `撰写` `沟通` `工作流程` `专业技能`                           |
-| [稳定专辑封面提示生成器](https://chat-preview.lobehub.com/market?agent=title-bpm-stimmung)<br/><sup>By **[MellowTrixX](https://github.com/MellowTrixX)** on **2024-09-24**</sup> | 专业的平面设计师，专注于为旋律科技音乐专辑创建视觉概念和设计。<br/>`专辑封面` `提示` `稳定扩散` `封面设计` `封面提示` |
-| [广告文案创作大师](https://chat-preview.lobehub.com/market?agent=advertising-copywriting-master)<br/><sup>By **[leter](https://github.com/leter)** on **2024-09-23**</sup>       | 擅长产品功能分析与用户价值观广告文案创作<br/>`广告文案` `用户价值观` `营销策略`                                       |
-> 📊 Total agents: [<kbd>**392**</kbd> ](https://github.com/lobehub/lobe-chat-agents)
+| 最近新增                                                                                                                                                                    | 助手说明                                                                                                                               |
+| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- |
+| [生日邀请信息](https://chat-preview.lobehub.com/market?agent=birthday-invitation-message)<br/><sup>By **[tcmonster](https://github.com/tcmonster)** on **2024-09-29**</sup> | 专注于制作引人入胜和个性化的生日邀请信息，适应各种主题和语气。<br/>`信息构成` `个性化` `语气多样性` `活动细节整合` `互动方式`          |
+| [忌日信息](https://chat-preview.lobehub.com/market?agent=death-anniversary-message)<br/><sup>By **[tcmonster](https://github.com/tcmonster)** on **2024-09-29**</sup>       | 专注于以同情和共情的方式撰写敏感且发自内心的忌日信息。<br/>`慰问` `信息撰写` `悲伤支持` `文化意识` `情感敏感性`                        |
+| [Flux 提示生成器](https://chat-preview.lobehub.com/market?agent=flux-prompt-generator)<br/><sup>By **[tcmonster](https://github.com/tcmonster)** on **2024-09-29**</sup>    | Flux 提示生成助手：专注于为 Flux 模型生成高质量图像输出而创作详细、创意提示的专家。<br/>`提示生成` `图像生成` `艺术风格` `创意` `创作` |
+| [上帝保佑你的信息](https://chat-preview.lobehub.com/market?agent=god-bless-you-message)<br/><sup>By **[tcmonster](https://github.com/tcmonster)** on **2024-09-29**</sup>   | 擅长以灵性敏感和语言掌握来创作个性化的 “上帝保佑你” 信息。<br/>`信息创作` `个性化` `灵性敏感` `语言掌握` `互动方式`                    |
+> 📊 Total agents: [<kbd>**403**</kbd> ](https://github.com/lobehub/lobe-chat-agents)
  <!-- AGENT LIST -->

package/docs/self-hosting/server-database/docker-compose.mdx CHANGED Viewed

@@ -88,7 +88,7 @@ docker compose up -d
    - `Redirect URI` should be `http://localhost:3210/api/auth/callback/logto`
    - `Post sign-out redirect URI` should be `http://localhost:3210/`
-3. Obtain the `App ID` and `App secrets`, and fill them into your `.env` file corresponding to `LOGTO_CLIENT_ID` and `LOGTO_CLIENT_SECRET`.
+3. Obtain the `App ID` and `App secrets`, and fill them into your `.env` file corresponding to `AUTH_LOGTO_ID` and `AUTH_LOGTO_SECRET`.
 ### Configure MinIO S3
@@ -258,9 +258,9 @@ You need to first access the WebUI for configuration:
      src="https://github.com/user-attachments/assets/5b816379-c07b-40ea-bde4-df16e2e4e523"
    />
-5. Obtain `App ID` and `App secrets`, and fill them into your `.env` file under `LOGTO_CLIENT_ID` and `LOGTO_CLIENT_SECRET`.
+5. Obtain `App ID` and `App secrets`, and fill them into your `.env` file under `AUTH_LOGTO_ID` and `AUTH_LOGTO_SECRET`.
-6. Set `LOGTO_ISSUER` in your `.env` file to `https://lobe-auth-api.example.com/oidc`.
+6. Set `AUTH_LOGTO_ISSUER` in your `.env` file to `https://lobe-auth-api.example.com/oidc`.
    <Image
      alt="Configure environment variables"
@@ -349,8 +349,8 @@ To facilitate one-click copying, here are the example configuration files needed
 ```sh
 # Logto secret
-LOGTO_CLIENT_ID=
-LOGTO_CLIENT_SECRET=
+AUTH_LOGTO_ID=
+AUTH_LOGTO_SECRET=
 # MinIO S3 configuration
 MINIO_ROOT_USER=YOUR_MINIO_USER
@@ -467,7 +467,7 @@ services:
       - 'KEY_VAULTS_SECRET=Kix2wcUONd4CX51E/ZPAd36BqM4wzJgKjPtz2sGztqQ='
       - 'NEXT_AUTH_SECRET=NX2kaPE923dt6BL2U8e9oSre5RfoT7hg'
       - 'NEXTAUTH_URL=http://localhost:${LOBE_PORT}/api/auth'
-      - 'LOGTO_ISSUER=http://localhost:${LOGTO_PORT}/oidc'
+      - 'AUTH_LOGTO_ISSUER=http://localhost:${LOGTO_PORT}/oidc'
       - 'DATABASE_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgresql:5432/${LOBE_DB_NAME}'
       - 'S3_ENDPOINT=http://localhost:${MINIO_PORT}'
       - 'S3_BUCKET=${MINIO_LOBE_BUCKET}'
@@ -519,9 +519,9 @@ NEXTAUTH_URL=https://lobe.example.com/api/auth
 # NextAuth providers configuration (example using Logto)
 # For other providers, see: https://lobehub.com/docs/self-hosting/environment-variables/auth
-LOGTO_CLIENT_ID=YOUR_LOGTO_CLIENT_ID
-LOGTO_CLIENT_SECRET=YOUR_LOGTO_CLIENT_SECRET
-LOGTO_ISSUER=https://lobe-auth-api.example.com/oidc
+AUTH_LOGTO_ID=YOUR_LOGTO_CLIENT_ID
+AUTH_LOGTO_SECRET=YOUR_LOGTO_CLIENT_SECRET
+AUTH_LOGTO_ISSUER=https://lobe-auth-api.example.com/oidc
 # Proxy settings (if needed, e.g., when using GitHub as an auth provider)
 # HTTP_PROXY=http://localhost:7890

package/docs/self-hosting/server-database/docker-compose.zh-CN.mdx CHANGED Viewed

@@ -86,7 +86,7 @@ docker compose up -d
    - `Redirect URI` 为 `http://localhost:3210/api/auth/callback/logto`
    - `Post sign-out redirect URI` 为 `http://localhost:3210/`
-3. 获取 `App ID` 和 `App secrets`，填入 `.env` 文件中对应的 `LOGTO_CLIENT_ID` 、 `LOGTO_CLIENT_SECRETT`
+3. 获取 `App ID` 和 `App secrets`，填入 `.env` 文件中对应的 `AUTH_LOGTO_ID` 、 `AUTH_LOGTO_SECRET`
 ### 配置 MinIO S3
@@ -256,9 +256,9 @@ docker compose up -d # 重新启动
      src="https://github.com/user-attachments/assets/5b816379-c07b-40ea-bde4-df16e2e4e523"
    />
-5. 获取 `App ID` 和 `App secrets`，填入你的 `.env` 文件中的 `LOGTO_CLIENT_ID` 和 `LOGTO_CLIENT_SECRETT` 中
+5. 获取 `App ID` 和 `App secrets`，填入你的 `.env` 文件中的 `AUTH_LOGTO_ID` 和 `AUTH_LOGTO_SECRET` 中
-6. 配置你的 `.env` 文件中 `LOGTO_ISSUER` 为 `https://lobe-auth-api.example.com/oidc`
+6. 配置你的 `.env` 文件中 `AUTH_LOGTO_ISSUER` 为 `https://lobe-auth-api.example.com/oidc`
    <Image
      alt="配置 Logto 环境变量"
@@ -346,8 +346,8 @@ docker compose up -d # 重新启动
 ```sh
 # Logto secret
-LOGTO_CLIENT_ID=
-LOGTO_CLIENT_SECRET=
+AUTH_LOGTO_ID=
+AUTH_LOGTO_SECRET=
 # MinIO S3 配置
 MINIO_ROOT_USER=YOUR_MINIO_USER
@@ -464,7 +464,7 @@ services:
       - 'KEY_VAULTS_SECRET=Kix2wcUONd4CX51E/ZPAd36BqM4wzJgKjPtz2sGztqQ='
       - 'NEXT_AUTH_SECRET=NX2kaPE923dt6BL2U8e9oSre5RfoT7hg'
       - 'NEXTAUTH_URL=http://localhost:${LOBE_PORT}/api/auth'
-      - 'LOGTO_ISSUER=http://localhost:${LOGTO_PORT}/oidc'
+      - 'AUTH_LOGTO_ISSUER=http://localhost:${LOGTO_PORT}/oidc'
       - 'DATABASE_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgresql:5432/${LOBE_DB_NAME}'
       - 'S3_ENDPOINT=http://localhost:${MINIO_PORT}'
       - 'S3_BUCKET=${MINIO_LOBE_BUCKET}'
@@ -515,9 +515,9 @@ NEXTAUTH_URL=https://lobe.example.com/api/auth
 # NextAuth 鉴权服务提供商部分，以 Logto 为例
 # 其他鉴权服务提供商所需的环境变量，请参考：https://lobehub.com/zh/docs/self-hosting/environment-variables/auth
-LOGTO_CLIENT_ID=YOUR_LOGTO_CLIENT_ID
-LOGTO_CLIENT_SECRET=YOUR_LOGTO_CLIENT_SECRET
-LOGTO_ISSUER=https://lobe-auth-api.example.com/oidc
+AUTH_LOGTO_ID=YOUR_LOGTO_CLIENT_ID
+AUTH_LOGTO_SECRET=YOUR_LOGTO_CLIENT_SECRET
+AUTH_LOGTO_ISSUER=https://lobe-auth-api.example.com/oidc
 # 代理相关，如果你需要的话（比如你使用 GitHub 作为鉴权服务提供商）
 # HTTP_PROXY=http://localhost:7890

package/docs/self-hosting/server-database/docker.zh-CN.mdx CHANGED Viewed

@@ -22,7 +22,8 @@ tags:
 <Callout type="info">
   本文已经假定你了解了 LobeChat 服务端数据库版本（下简称 DB
   版）的部署基本原理和流程，因此只包含核心环境变量配置的内容。如果你还不了解 LobeChat DB
-  版的部署原理，请先查阅 [使用服务端数据库部署](/zh/docs/self-hosting/server-database) 。
+  版的部署原理，请先查阅 [使用服务端数据库部署](https://lobehub.com/zh/docs/self-hosting/advanced/s3/tencent-cloud) 。
+  此外，针对国内的腾讯云储存桶用户，可查询[配置腾讯云 COS 存储服务](https://lobehub.com/zh/docs/self-hosting/advanced/s3/tencent-cloud)。
 </Callout>
 <Callout type="warning">
@@ -83,9 +84,11 @@ AUTH0_ISSUER=https://lobe-chat-demo.us.auth0.com
 # S3 相关
 S3_ACCESS_KEY_ID=xxxxxxxxxx
 S3_SECRET_ACCESS_KEY=xxxxxxxxxx
-S3_ENDPOINT=https://xxxxxxxxxx.r2.cloudflarestorage.com # 用于 S3 API 访问的域名
+# 用于 S3 API 访问的域名
+S3_ENDPOINT=https://xxxxxxxxxx.r2.cloudflarestorage.com
 S3_BUCKET=lobechat
-S3_PUBLIC_DOMAIN=https://s3-for-lobechat.your-domain.com # 用于外网访问 S3 的公共域名，需配置 CORS
+# 用于外网访问 S3 的公共域名，需配置 CORS
+S3_PUBLIC_DOMAIN=https://s3-for-lobechat.your-domain.com
 # S3_REGION=ap-chengdu # 如果需要指定地域
 # 其他环境变量，视需求而定

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@lobehub/chat",
-  "version": "1.20.4",
+  "version": "1.20.6",
   "description": "Lobe Chat - an open-source, high-performance chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application.",
   "keywords": [
     "framework",

package/scripts/serverLauncher/startServer.js ADDED Viewed

@@ -0,0 +1,197 @@
+const dns = require('dns').promises;
+const fs = require('fs').promises;
+const tls = require('tls');
+const { spawn } = require('child_process');
+// Set file paths
+const DB_MIGRATION_SCRIPT_PATH = '/app/docker.cjs';
+const SERVER_SCRIPT_PATH = '/app/server.js';
+const PROXYCHAINS_CONF_PATH = '/etc/proxychains4.conf';
+// Function to check if a string is a valid IP address
+const isValidIP = (ip, version = 4) => {
+  const ipv4Regex = /^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}$/;
+  const ipv6Regex = /^(([0-9a-f]{1,4}:){7,7}[0-9a-f]{1,4}|([0-9a-f]{1,4}:){1,7}:|([0-9a-f]{1,4}:){1,6}:[0-9a-f]{1,4}|([0-9a-f]{1,4}:){1,5}(:[0-9a-f]{1,4}){1,2}|([0-9a-f]{1,4}:){1,4}(:[0-9a-f]{1,4}){1,3}|([0-9a-f]{1,4}:){1,3}(:[0-9a-f]{1,4}){1,4}|([0-9a-f]{1,4}:){1,2}(:[0-9a-f]{1,4}){1,5}|[0-9a-f]{1,4}:((:[0-9a-f]{1,4}){1,6})|:((:[0-9a-f]{1,4}){1,7}|:)|fe80:(:[0-9a-f]{0,4}){0,4}%[0-9a-z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-f]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$/;
+  switch (version) {
+    case 4:
+      return ipv4Regex.test(ip);
+    case 6:
+      return ipv6Regex.test(ip);
+    default:
+      return ipv4Regex.test(ip) || ipv6Regex.test(ip);
+  }
+};
+// Function to check TLS validity of a URL
+const isValidTLS = (url = '') => {
+  if (!url) {
+    console.log('⚠️ TLS Check: No URL provided. Skipping TLS check. Ensure correct setting ENV.');
+    console.log('-------------------------------------');
+    return Promise.resolve();
+  }
+  const { protocol, host, port } = parseUrl(url);
+  if (protocol !== 'https') {
+    console.log(`⚠️ TLS Check: Non-HTTPS protocol (${protocol}). Skipping TLS check for ${url}.`);
+    console.log('-------------------------------------');
+    return Promise.resolve();
+  }
+  const options = { host, port, servername: host };
+  return new Promise((resolve, reject) => {
+    const socket = tls.connect(options, () => {
+      if (socket.authorized) {
+        console.log(`✅ TLS Check: Valid certificate for ${host}:${port}.`);
+        console.log('-------------------------------------');
+        resolve();
+      }
+      socket.end();
+    });
+    socket.on('error', (err) => {
+      const errMsg = `❌ TLS Check: Error for ${host}:${port}. Details:`;
+      switch (err.code) {
+        case 'CERT_HAS_EXPIRED':
+        case 'DEPTH_ZERO_SELF_SIGNED_CERT':
+          console.error(`${errMsg} Certificate is not valid. Consider setting NODE_TLS_REJECT_UNAUTHORIZED="0" or mapping /etc/ssl/certs/ca-certificates.crt.`);
+          break;
+        case 'UNABLE_TO_GET_ISSUER_CERT_LOCALLY':
+          console.error(`${errMsg} Unable to verify issuer. Ensure correct mapping of /etc/ssl/certs/ca-certificates.crt.`);
+          break;
+        default:
+          console.error(`${errMsg} Network issue. Check firewall or DNS.`);
+          break;
+      }
+      reject(err);
+    });
+  });
+};
+// Function to check TLS connections for OSS and Auth Issuer
+const checkTLSConnections = async () => {
+  await Promise.all([
+    isValidTLS(process.env.S3_ENDPOINT),
+    isValidTLS(process.env.S3_PUBLIC_DOMAIN),
+    isValidTLS(getEnvVarsByKeyword('_ISSUER')),
+  ]);
+};
+// Function to get environment variable by keyword
+const getEnvVarsByKeyword = (keyword) => {
+  return Object.entries(process.env)
+    .filter(([key, value]) => key.includes(keyword) && value)
+    .map(([, value]) => value)[0] || null;
+};
+// Function to parse protocol, host and port from a URL
+const parseUrl = (url) => {
+  const { protocol, hostname: host, port } = new URL(url);
+  return { protocol: protocol.replace(':', ''), host, port: port || 443 };
+};
+// Function to resolve host IP via DNS
+const resolveHostIP = async (host, version = 4) => {
+  try {
+    const { address } = await dns.lookup(host, { family: version });
+    if (!isValidIP(address, version)) {
+      console.error(`❌ DNS Error: Invalid resolved IP: ${address}. IP address must be IPv${version}.`);
+      process.exit(1);
+    }
+    return address;
+  } catch (err) {
+    console.error(`❌ DNS Error: Could not resolve ${host}. Check DNS server:`);
+    console.error(err);
+    process.exit(1);
+  }
+};
+// Function to generate proxychains configuration
+const runProxyChainsConfGenerator = async (url) => {
+  const { protocol, host, port } = parseUrl(url);
+  if (!['http', 'socks4', 'socks5'].includes(protocol)) {
+    console.error(`❌ ProxyChains: Invalid protocol (${protocol}). Protocol must be 'http', 'socks4' and 'socks5'.`);
+    process.exit(1);
+  }
+  const validPort = parseInt(port, 10);
+  if (isNaN(validPort) || validPort <= 0 || validPort > 65535) {
+    console.error(`❌ ProxyChains: Invalid port (${port}). Port must be a number between 1 and 65535.`);
+    process.exit(1);
+  }
+  let ip = isValidIP(host, 4) ? host : await resolveHostIP(host, 4);
+  const configContent = `
+localnet 127.0.0.0/255.0.0.0
+localnet ::1/128
+proxy_dns
+remote_dns_subnet 224
+strict_chain
+tcp_connect_time_out 8000
+tcp_read_time_out 15000
+[ProxyList]
+${protocol} ${ip} ${port}
+`.trim();
+  await fs.writeFile(PROXYCHAINS_CONF_PATH, configContent);
+  console.log(`✅ ProxyChains: All outgoing traffic routed via ${protocol}://${ip}:${port}.`);
+  console.log('-------------------------------------');
+};
+// Function to execute a script with child process spawn
+const runScript = (scriptPath, useProxy = false) => {
+  const command = useProxy ? ['/bin/proxychains', '-q', '/bin/node', scriptPath] : ['/bin/node', scriptPath];
+  return new Promise((resolve, reject) => {
+    const process = spawn(command.shift(), command, { stdio: 'inherit' });
+    process.on('close', (code) => (code === 0 ? resolve() : reject(new Error(`🔴 Process exited with code ${code}`))));
+  });
+};
+// Main function to run the server with optional proxy
+const runServer = async () => {
+  const PROXY_URL = process.env.PROXY_URL || ''; // Default empty string to avoid undefined errors
+  if (PROXY_URL) {
+    await runProxyChainsConfGenerator(PROXY_URL);
+    return runScript(SERVER_SCRIPT_PATH, true);
+  }
+  return runScript(SERVER_SCRIPT_PATH);
+};
+// Main execution block
+(async () => {
+  console.log('🌐 DNS Server:', dns.getServers());
+  console.log('-------------------------------------');
+  if (process.env.DATABASE_DRIVER) {
+    try {
+      try {
+        await fs.access(DB_MIGRATION_SCRIPT_PATH);
+        await runScript(DB_MIGRATION_SCRIPT_PATH);
+      } catch (err) {
+        if (err.code === 'ENOENT') {
+          console.log(`⚠️ DB Migration: Not found ${DB_MIGRATION_SCRIPT_PATH}. Skipping DB migration. Ensure to migrate database manually.`);
+          console.log('-------------------------------------');
+        } else {
+          console.error('❌ Error during DB migration:');
+          console.error(err);
+          process.exit(1);
+        }
+      }
+      await checkTLSConnections();
+    } catch (err) {
+      console.error('❌ Error during TLS connection check:');
+      console.error(err);
+      process.exit(1);
+    }
+  }
+  // Run the server in either database or non-database mode
+  await runServer();
+})();