services: ollama: image: ollama/ollama:latest container_name: ollama restart: unless-stopped volumes: - ollama_data:/root/.ollama networks: - iieasy-ai deploy: resources: reservations: devices: - driver: nvidia count: all capabilities: [gpu] environment: - NVIDIA_VISIBLE_DEVICES=${NVIDIA_VISIBLE_DEVICES:-all} healthcheck: test: ["CMD", "ollama", "list"] interval: 30s timeout: 10s retries: 3 qdrant: image: qdrant/qdrant:latest container_name: qdrant restart: unless-stopped volumes: - qdrant_data:/qdrant/storage ports: - "6333:6333" # gRPC API - "6334:6334" # HTTP API (только внутри сети) networks: - iieasy-ai environment: - QDRANT_API_KEY=${QDRANT_API_KEY} healthcheck: test: ["CMD-SHELL", "timeout 1 bash -c '&format=json - ENABLE_WEB_SEARCH=true - WEB_SEARCH_RESULT_COUNT=5 - WEB_SEARCH_TRUST_ENV=true - WEB_SEARCH_CONCURRENT_REQUESTS=1 - USER_AGENT=Open-WebUI-RAG-Bot # Ollama API для работы с изображениями - OLLAMA_BASE_URL=http://ollama:11434 # Authentik OIDC SSO - OAUTH_CLIENT_ID=${OAUTH_CLIENT_ID} - OAUTH_CLIENT_SECRET=${OAUTH_CLIENT_SECRET} - OAUTH_PROVIDER_NAME=iiEasy ID # Правильный формат для Authentik: полный URL до .well-known/openid-configuration - OPENID_PROVIDER_URL=${OPENID_CONNECT_ISSUER}.well-known/openid-configuration - OPENID_REDIRECT_URI=${DOMAIN_OPENWEBUI}/oauth/oidc/callback - ENABLE_OAUTH_SIGNUP=true - ENABLE_LOGIN_FORM=true # Форма входа включена как fallback, если OAuth не работает # Можно отключить после полной настройки OAuth: ENABLE_LOGIN_FORM=false - OAUTH_MERGE_ACCOUNTS_BY_EMAIL=true # Bitwarden CLI интеграция (подготовка) - BW_CLIENTID=${BW_CLIENTID} - BW_CLIENTSECRET=${BW_CLIENTSECRET} # Отключение проверки обновлений и аналитики - ENABLE_PERSISTENT_CONFIG=true healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8080/health"] interval: 30s timeout: 10s retries: 3 volumes: ollama_data: driver: local qdrant_data: driver: local searxng_cache: driver: local openwebui_data: driver: local networks: iieasy-ai: driver: bridge