Merge pull request #257 from matthewhand/feature-nginx-clean

.github/workflows/gh-pages.yml

@@ -1,55 +0,0 @@
----
-name: Deploy site to Pages
-
-on:
-  # Runs on pushes targeting the default branch
-  push:
-    branches: ["main"]
-
-  # Allows you to run this workflow manually from the Actions tab
-  workflow_dispatch:
-
-# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
-permissions:
-  contents: read
-  pages: write
-  id-token: write
-
-# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
-# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
-concurrency:
-  group: "pages"
-  cancel-in-progress: false
-
-jobs:
-  # Build job
-  build:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-      - name: Setup Node
-        uses: actions/setup-node@v4
-        with:
-          node-version-file: ".node-version"
-          cache: npm
-      - name: Install dependencies
-        run: npm ci
-      - name: Build
-        run: npm run build
-      - name: Upload artifact
-        uses: actions/upload-pages-artifact@v3
-        with:
-          path: ./build
-
-  # Deployment job
-  deploy:
-    environment:
-      name: github-pages
-      url: ${{ steps.deployment.outputs.page_url }}
-    runs-on: ubuntu-latest
-    needs: build
-    steps:
-      - name: Deploy to GitHub Pages
-        id: deployment
-        uses: actions/deploy-pages@v4

docs/tutorials/integrations/https-nginx.md

@@ -0,0 +1,40 @@
+:::warning
+This tutorial is a community contribution and is not supported by the OpenWebUI team. It serves only as a demonstration on how to customize OpenWebUI for your specific use case. Want to contribute? Check out the contributing tutorial.
+:::
+
+# HTTPS using Nginx
+
+Ensuring secure communication between your users and the Open WebUI is paramount. HTTPS (HyperText Transfer Protocol Secure) encrypts the data transmitted, protecting it from eavesdroppers and tampering. By configuring Nginx as a reverse proxy, you can seamlessly add HTTPS to your Open WebUI deployment, enhancing both security and trustworthiness.
+
+This guide provides two methods to set up HTTPS:
+- **Self-Signed Certificates**: Ideal for development and internal use.
+- **Let's Encrypt**: Perfect for production environments requiring trusted SSL certificates.
+
+Choose the method that best fits your deployment needs.
+
+import Tabs from '@theme/Tabs';
+import TabItem from '@theme/TabItem';
+
+import SelfSigned from './tab-nginx/SelfSigned.md';
+import LetsEncrypt from './tab-nginx/LetsEncrypt.md';
+
+<Tabs>
+  <TabItem value="self-signed" label="Self-Signed Certificate">
+    <SelfSigned />
+  </TabItem>
+
+  <TabItem value="letsencrypt" label="Let's Encrypt">
+    <LetsEncrypt />
+  </TabItem>
+</Tabs>
+
+## Next Steps
+
+After setting up HTTPS, access Open WebUI securely at:
+
+- [https://localhost](https://localhost)
+
+Ensure that your DNS records are correctly configured if you're using a domain name. For production environments, it's recommended to use Let's Encrypt for trusted SSL certificates.
+
+---
+

docs/tutorials/integrations/tab-nginx/LetsEncrypt.md

@@ -0,0 +1,108 @@
+
+### Let's Encrypt
+
+Let's Encrypt provides free SSL certificates trusted by most browsers, ideal for production environments.
+
+#### Prerequisites
+
+- **Certbot** installed on your system.
+- DNS records properly configured to point to your server.
+
+#### Steps
+
+1. **Create Directories for Nginx Files:**
+
+    ```bash
+    mkdir -p conf.d ssl
+    ```
+
+2. **Create Nginx Configuration File:**
+
+    **`conf.d/open-webui.conf`:**
+
+    ```nginx
+    server {
+        listen 80;
+        server_name your_domain_or_IP;
+
+        location / {
+            proxy_pass http://host.docker.internal:3000;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+        }
+    }
+    ```
+
+3. **Simplified Let's Encrypt Script:**
+
+    **`enable_letsencrypt.sh`:**
+
+    ```bash
+    #!/bin/bash
+
+    # Description: Simplified script to obtain and install Let's Encrypt SSL certificates using Certbot.
+
+    DOMAIN="your_domain_or_IP"
+    EMAIL="your_email@example.com"
+
+    # Install Certbot if not installed
+    if ! command -v certbot &> /dev/null; then
+        echo "Certbot not found. Installing..."
+        sudo apt-get update
+        sudo apt-get install -y certbot python3-certbot-nginx
+    fi
+
+    # Obtain SSL certificate
+    sudo certbot --nginx -d "$DOMAIN" --non-interactive --agree-tos -m "$EMAIL"
+
+    # Reload Nginx to apply changes
+    sudo systemctl reload nginx
+
+    echo "Let's Encrypt SSL certificate has been installed and Nginx reloaded."
+    ```
+
+    **Make the script executable:**
+
+    ```bash
+    chmod +x enable_letsencrypt.sh
+    ```
+
+4. **Update Docker Compose Configuration:**
+
+    Add the Nginx service to your `docker-compose.yml`:
+
+    ```yaml
+    services:
+      nginx:
+        image: nginx:alpine
+        ports:
+          - "80:80"
+          - "443:443"
+        volumes:
+          - ./conf.d:/etc/nginx/conf.d
+          - ./ssl:/etc/nginx/ssl
+        depends_on:
+          - open-webui
+    ```
+
+5. **Start Nginx Service:**
+
+    ```bash
+    docker compose up -d nginx
+    ```
+
+6. **Run the Let's Encrypt Script:**
+
+    Execute the script to obtain and install the SSL certificate:
+
+    ```bash
+    ./enable_letsencrypt.sh
+    ```
+
+#### Access the WebUI
+
+Access Open WebUI via HTTPS at:
+
+[https://your_domain_or_IP](https://your_domain_or_IP)

docs/tutorials/integrations/tab-nginx/SelfSigned.md

@@ -0,0 +1,74 @@
+### Self-Signed Certificate
+
+Using self-signed certificates is suitable for development or internal use where trust is not a critical concern.
+
+#### Steps
+
+1. **Create Directories for Nginx Files:**
+
+    ```bash
+    mkdir -p conf.d ssl
+    ```
+
+2. **Create Nginx Configuration File:**
+
+    **`conf.d/open-webui.conf`:**
+
+    ```nginx
+    server {
+        listen 443 ssl;
+        server_name your_domain_or_IP;
+
+        ssl_certificate /etc/nginx/ssl/nginx.crt;
+        ssl_certificate_key /etc/nginx/ssl/nginx.key;
+        ssl_protocols TLSv1.2 TLSv1.3;
+
+        location / {
+            proxy_pass http://host.docker.internal:3000;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+        }
+    }
+    ```
+
+3. **Generate Self-Signed SSL Certificates:**
+
+    ```bash
+    openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
+    -keyout ssl/nginx.key \
+    -out ssl/nginx.crt \
+    -subj "/CN=your_domain_or_IP"
+    ```
+
+4. **Update Docker Compose Configuration:**
+
+    Add the Nginx service to your `docker-compose.yml`:
+
+    ```yaml
+    services:
+      nginx:
+        image: nginx:alpine
+        ports:
+          - "443:443"
+        volumes:
+          - ./conf.d:/etc/nginx/conf.d
+          - ./ssl:/etc/nginx/ssl
+        depends_on:
+          - open-webui
+    ```
+
+5. **Start Nginx Service:**
+
+    ```bash
+    docker compose up -d nginx
+    ```
+
+#### Access the WebUI
+
+Access Open WebUI via HTTPS at:
+
+[https://your_domain_or_IP](https://your_domain_or_IP)
+
+---

docusaurus.config.ts

@@ -51,6 +51,7 @@ const config: Config = {
 				blog: {
 					showReadingTime: true,
 					// Please change this to your repo.
+					exclude: ['**/tab-**/**'],
 					// Remove this to remove the "edit this page" links.
 					// editUrl:
 					// "https://github.com/facebook/docusaurus/tree/main/packages/create-docusaurus/templates/shared/",