Add support for non-letsencrypt-based https in docker compose setup (#628)

deployment/docker_compose/docker-compose.prod-no-letsencrypt.yml

@@ -0,0 +1,106 @@
+version: '3'
+services:
+  api_server:
+    image: danswer/danswer-backend:latest
+    build:
+      context: ../../backend
+      dockerfile: Dockerfile
+    command: >
+      /bin/sh -c "alembic upgrade head &&
+      echo \"Starting Danswer Api Server\" &&
+      uvicorn danswer.main:app --host 0.0.0.0 --port 8080"
+    depends_on:
+      - relational_db
+      - document_index
+    restart: always
+    env_file:
+      - .env
+    environment:
+      - AUTH_TYPE=${AUTH_TYPE:-google_oauth}
+      - POSTGRES_HOST=relational_db
+      - VESPA_HOST=document_index
+    volumes:
+      - local_dynamic_storage:/home/storage
+      - file_connector_tmp_storage:/home/file_connector_storage
+      - model_cache_torch:/root/.cache/torch/
+      - model_cache_nltk:/root/nltk_data/
+      - model_cache_huggingface:/root/.cache/huggingface/
+  background:
+    image: danswer/danswer-backend:latest
+    build:
+      context: ../../backend
+      dockerfile: Dockerfile
+    command: /usr/bin/supervisord
+    depends_on:
+      - relational_db
+      - document_index
+    restart: always
+    env_file:
+      - .env
+    environment:
+      - AUTH_TYPE=${AUTH_TYPE:-google_oauth}
+      - POSTGRES_HOST=relational_db
+      - VESPA_HOST=document_index
+    volumes:
+      - local_dynamic_storage:/home/storage
+      - file_connector_tmp_storage:/home/file_connector_storage
+      - model_cache_torch:/root/.cache/torch/
+      - model_cache_nltk:/root/nltk_data/
+      - model_cache_huggingface:/root/.cache/huggingface/
+  web_server:
+    image: danswer/danswer-web-server:latest
+    build:
+      context: ../../web
+      dockerfile: Dockerfile
+      args:
+        - NEXT_PUBLIC_DISABLE_STREAMING=${NEXT_PUBLIC_DISABLE_STREAMING:-false}
+    depends_on:
+      - api_server
+    restart: always
+    env_file:
+      - .env
+    environment:
+      - INTERNAL_URL=http://api_server:8080
+  relational_db:
+    image: postgres:15.2-alpine
+    restart: always
+    # POSTGRES_USER and POSTGRES_PASSWORD should be set in .env file
+    env_file:
+      - .env
+    volumes:
+      - db_volume:/var/lib/postgresql/data
+  document_index:
+    image: vespaengine/vespa:8
+    restart: always
+    ports:
+      - "19071:19071"
+      - "8081:8081"
+    volumes:
+      - vespa_volume:/opt/vespa/var
+  nginx:
+    image: nginx:1.23.4-alpine
+    restart: always
+    # nginx will immediately crash with `nginx: [emerg] host not found in upstream`
+    # if api_server / web_server are not up 
+    depends_on:
+      - api_server
+      - web_server
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - ../data/nginx:/etc/nginx/conf.d
+      - ../data/sslcerts:/etc/nginx/sslcerts
+    command: > 
+      /bin/sh -c "envsubst '$$\{DOMAIN\} $$\{SSL_CERT_FILE_NAME\} $$\{SSL_CERT_KEY_FILE_NAME\}' < /etc/nginx/conf.d/app.conf.template.no-letsencrypt > /etc/nginx/conf.d/app.conf 
+      && while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\""
+    env_file:
+      - .env.nginx
+volumes:
+  local_dynamic_storage:
+  file_connector_tmp_storage:  # used to store files uploaded by the user temporarily while we are indexing them
+  db_volume:
+  vespa_volume:
+  model_cache_torch:
+  model_cache_nltk:
+  model_cache_huggingface:

deployment/docker_compose/env.nginx.template

@@ -1,3 +1,11 @@
 # DOMAIN is necessary for https setup, EMAIL is optional
 DOMAIN=
 EMAIL=
+
+# If using the `no-letsencrypt` setup, the below are required.
+# They specify the path within /danswer/deployment/data/sslcerts directory
+# where the certificate / certificate key can be found. You can either
+# name your certificate / certificate key files to follow the convention
+# below or adjust these to match your naming conventions.
+SSL_CERT_FILE_NAME=ssl.cert
+SSL_CERT_KEY_FILE_NAME=ssl.key