William Gill
def27087c1
Floating tags (`latest`, `main`) made deploys non-deterministic — a
container recreate could pull a newer Open WebUI, Ollama, or Anubis at
any time. Wrapped every image: src in a ${VAR:-default} substitution
and surfaced the full set in .env.example with a header explaining
where to find current versions and bumped COMFYUI_IMAGE_TAG default
to 0.2.1 (the just-tagged version with the transformers pin).
Vars added: CADDY_TAG, OLLAMA_TAG, OPEN_WEBUI_TAG, ALPINE_TAG,
ANUBIS_TAG (COMFYUI_IMAGE_TAG already existed). Defaults match the
previous floating-tag behaviour for ones I'm not confident which
specific version to pin (Ollama, Open WebUI, Anubis) — operator should
update those to verified versions for production deploys.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
55 lines
2.5 KiB
Plaintext
55 lines
2.5 KiB
Plaintext
# Copy to .env and fill in. docker compose picks .env up automatically.
|
|
# Never commit the populated .env — it's in .gitignore at repo root.
|
|
|
|
# Public URL Open WebUI is reached at, with scheme. Used for auth redirects
|
|
# and email-link generation.
|
|
WEBUI_URL=https://chat.example.com
|
|
|
|
# Bare hostname (no scheme) for the same Open WebUI host. Used as the cookie
|
|
# domain by the Anubis sidecar so its session cookie scopes correctly.
|
|
LLM_URL=chat.example.com
|
|
|
|
# Cookie-signing key for Open WebUI sessions. Generate once with:
|
|
# openssl rand -hex 32
|
|
# Must stay stable across restarts — rotating it logs every user out.
|
|
WEBUI_SECRET_KEY=replace-with-32-byte-hex
|
|
|
|
# Ed25519 private key (hex) for the Anubis PoW sidecar. Generate with:
|
|
# openssl rand -hex 32
|
|
# Only needed if you uncomment the anubis-owui service in docker-compose.yml.
|
|
ANUBIS_OWUI_KEY=replace-with-32-byte-hex
|
|
|
|
# ─── Image tags ─────────────────────────────────────────────────────────────
|
|
# Pin to specific versions for reproducible deploys. The defaults below are
|
|
# the last set verified to work end-to-end for this stack — change only when
|
|
# you've tested a newer combination. `latest` / `main` is fine for local
|
|
# experimentation but means deploys are non-deterministic.
|
|
#
|
|
# Find current tags at:
|
|
# ComfyUI git.anomalous.dev/alphacentri/comfyui-nvidia/-/tags
|
|
# Caddy https://hub.docker.com/_/caddy/tags
|
|
# Ollama https://hub.docker.com/r/ollama/ollama/tags
|
|
# Open WebUI https://github.com/open-webui/open-webui/pkgs/container/open-webui
|
|
# Alpine https://hub.docker.com/_/alpine/tags
|
|
# Anubis https://github.com/TecharoHQ/anubis/pkgs/container/anubis
|
|
|
|
COMFYUI_IMAGE_TAG=0.2.1
|
|
CADDY_TAG=2-alpine
|
|
OLLAMA_TAG=latest
|
|
OPEN_WEBUI_TAG=main
|
|
ALPINE_TAG=3.20
|
|
ANUBIS_TAG=latest
|
|
|
|
# HuggingFace access token. Only needed if comfyui-init-models.sh references
|
|
# gated repos (Flux-dev, SD3, etc.). Generate a read token at
|
|
# https://huggingface.co/settings/tokens. Leave empty for public-only.
|
|
HF_TOKEN=
|
|
|
|
# HTTPS base URL of an S3 bucket / CDN that hosts mirrored Ollama model
|
|
# tarballs (created by mirror-ollama-model.sh). Files under this base are
|
|
# fetched by init-models.sh's s3_pull instead of registry.ollama.ai —
|
|
# faster and immune to upstream rate-limiting / removal. Example:
|
|
# S3_OLLAMA_BASE=https://your-bucket.s3.amazonaws.com/ollama-models
|
|
# Leave empty to fall back to plain `ollama pull` for everything.
|
|
S3_OLLAMA_BASE=
|