Last active
February 8, 2025 19:46
-
-
Save gijigae/ae00c2c61146861f808d6973f329ccb8 to your computer and use it in GitHub Desktop.
Install dify with HTTPS setup
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Check if email and domain parameters are provided | |
| if [ $# -ne 2 ]; then | |
| echo "Usage: $0 <email> <domain>" | |
| exit 1 | |
| fi | |
| EMAIL=$1 | |
| DOMAIN=$2 | |
| # Install Docker | |
| curl -fsSL https://get.docker.com -o get-docker.sh | |
| sudo sh get-docker.sh | |
| sudo usermod -aG docker $USER | |
| # Clone Dify repository | |
| git clone https://github.com/langgenius/dify.git | |
| cd dify | |
| # Copy .env.example to .env | |
| cp docker/.env.example docker/.env | |
| # Update .env | |
| sed -i 's/^NGINX_SSL_CERT_FILENAME=.*/NGINX_SSL_CERT_FILENAME=fullchain.pem/' docker/.env | |
| sed -i 's/^NGINX_SSL_CERT_KEY_FILENAME=.*/NGINX_SSL_CERT_KEY_FILENAME=privkey.pem/' docker/.env | |
| sed -i 's/^NGINX_ENABLE_CERTBOT_CHALLENGE=.*/NGINX_ENABLE_CERTBOT_CHALLENGE=true/' docker/.env | |
| sed -i "s/^CERTBOT_DOMAIN=.*/CERTBOT_DOMAIN=$DOMAIN/" docker/.env | |
| sed -i "s/^CERTBOT_EMAIL=.*/CERTBOT_EMAIL=$EMAIL/" docker/.env | |
| # Update SERVICE_API_URL and APP_WEB_URL | |
| sed -i "s|^SERVICE_API_URL=.*|SERVICE_API_URL=https://$DOMAIN|" docker/.env | |
| sed -i "s|^APP_WEB_URL=.*|APP_WEB_URL=https://$DOMAIN|" docker/.env | |
| # Prune Docker networks and start containers | |
| sudo docker network prune -f | |
| sudo docker compose -f docker/docker-compose.yaml --profile certbot up --force-recreate -d | |
| # Run certbot | |
| sudo docker compose -f docker/docker-compose.yaml exec -T certbot /bin/sh /update-cert.sh | |
| # Enable HTTPS | |
| sed -i 's/^NGINX_HTTPS_ENABLED=.*/NGINX_HTTPS_ENABLED=true/' docker/.env | |
| # Recreate nginx container | |
| sudo docker compose -f docker/docker-compose.yaml --profile certbot up -d --no-deps --force-recreate nginx | |
| echo "Dify installation with SSL is complete. Please check https://$DOMAIN" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@gijigae
Hi, it looks like you're sharing the note to run this script with
sudo, but if a non-root user runs this withsudo, the 'dify' directory created bygit cloneends up being owned byroot. So, the non-root user won’t be able to do anything inside that 'dify' directory.Also, since
$USERis always root, I don’t really see the point of adding them to thedockergroup byusermod. I kinda think this script wasn’t really meant to be run withsudoin the first place 😃Just wanted to share that for your info; I wrote more about it on Discord. Thanks!