diff --git a/containers/open-webui/docker-compose.yml b/containers/open-webui/docker-compose.yml index b10c93a..f5d86ce 100644 --- a/containers/open-webui/docker-compose.yml +++ b/containers/open-webui/docker-compose.yml @@ -2,6 +2,7 @@ services: openwebui: image: ghcr.io/open-webui/open-webui:main container_name: open-webui + restart: unless-stopped ports: - "4080:8080" volumes: @@ -9,6 +10,7 @@ services: env_file: - .env environment: + WEBUI_URL: "https://${DOMAIN}" ENABLE_OPENAI_API: true OPENAI_API_BASE_URL: "http://litellm:4000" ENABLE_OLLAMA_API: false @@ -37,6 +39,7 @@ services: litellm: container_name: litellm image: ghcr.io/berriai/litellm:main-stable + restart: unless-stopped volumes: - ./litellm-config.yaml:/app/config.yaml command: @@ -65,7 +68,7 @@ services: db: image: postgres:16 - restart: always + restart: unless-stopped container_name: litellm_db environment: POSTGRES_DB: litellm diff --git a/hosts/default.nix b/hosts/default.nix index 060829d..a7f2328 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -234,17 +234,6 @@ in # specialArgs = { }; }; - open-webui = nixpkgs-unstable.lib.nixosSystem { - pkgs = pkgs-unstable "x86_64-linux"; - modules = [ - nodeBaseModules - proxmoxModule - ./open-webui/docker.nix - agenix.nixosModules.default - ]; - # specialArgs = { }; - }; - paperless = nixpkgs-unstable.lib.nixosSystem { pkgs = pkgs-unstable "x86_64-linux"; modules = [ diff --git a/hosts/deployments.nix b/hosts/deployments.nix index d0245cf..665d4a7 100644 --- a/hosts/deployments.nix +++ b/hosts/deployments.nix @@ -146,15 +146,6 @@ in ]; }; - open-webui.deployment = { - targetHost = hosts.open-webui; - tags = [ - "lxc" - "bacco" - "open-webui" - ]; - }; - paperless.deployment = { targetHost = hosts.paperless; tags = [ diff --git a/hosts/open-webui/default.nix b/hosts/open-webui/default.nix deleted file mode 100644 index 7c99e2f..0000000 --- a/hosts/open-webui/default.nix +++ /dev/null @@ -1,165 +0,0 @@ -{ config, pkgs, ... }: -let - litellmSettings = { - - general_settings = { - proxy_batch_write_at = 60; # Batch write spend updates every 60s - database_connection_pool_limit = 10; # Limit the number of database connections - disable_spend_logs = true; # Turn off writing each transaction to the DB - disable_error_logs = true; # Turn off writing LLM exceptions to DB - allow_requests_on_db_unavailable = true; # Allow requests if DB is unavailable - }; - - environment_variables = { - LITELLM_MODE = "Production"; - }; - - credential_list = [ - { - credential_name = "dp_azure_openai_credential"; - credential_values = { - api_base = "os.environ/AZURE_API_BASE_OPENAI"; - api_key = "os.environ/AZURE_API_KEY_OPENAI"; - }; - credential_info = { - description = "Azure OpenAI credentials for DP"; - }; - } - { - credential_name = "dp_azure_ai_credential"; - credential_values = { - api_base = "os.environ/AZURE_API_BASE_AI"; - api_key = "os.environ/AZURE_API_KEY_AI"; - }; - credential_info = { - description = "Azure AI credentials for DP"; - }; - } - ]; - - model_list = [ - { - model_name = "text-embedding-3-large"; - litellm_params = { - model = "azure/text-embedding-3-large"; - litellm_credential_name = "dp_azure_openai_credential"; - }; - model_info = { - mode = "embedding"; - }; - } - { - model_name = "text-embedding-3-small"; - litellm_params = { - model = "azure/text-embedding-3-small"; - litellm_credential_name = "dp_azure_openai_credential"; - }; - model_info = { - mode = "embedding"; - }; - } - { - model_name = "GPT-3.5 Turbo"; - litellm_params = { - model = "azure/gpt-35-turbo"; - litellm_credential_name = "dp_azure_openai_credential"; - }; - } - { - model_name = "GPT-4o"; - litellm_params = { - model = "azure/gpt-4o"; - litellm_credential_name = "dp_azure_openai_credential"; - }; - } - { - model_name = "GPT-4.1"; - litellm_params = { - model = "azure/gpt-4.1"; - litellm_credential_name = "dp_azure_openai_credential"; - }; - } - { - model_name = "GPT-4.1 Mini"; - litellm_params = { - model = "azure/gpt-4.1-mini"; - litellm_credential_name = "dp_azure_openai_credential"; - }; - } - { - model_name = "GPT o3 Mini"; - litellm_params = { - model = "azure/o3-mini"; - litellm_credential_name = "dp_azure_openai_credential"; - }; - } - { - model_name = "GPT-4o Mini"; - litellm_params = { - model = "azure/gpt-4o-mini"; - litellm_credential_name = "dp_azure_openai_credential"; - }; - } - { - model_name = "Dall-e 3"; - litellm_params = { - model = "azure/dall-e-3"; - litellm_credential_name = "dp_azure_openai_credential"; - }; - model_info = { - mode = "image_generation"; - }; - } - { - model_name = "azure-openai-4o-audio"; - litellm_params = { - litellm_credential_name = "dp_azure_openai_credential"; - model = "azure/gpt-4o-audio-preview"; - }; - } - { - model_name = "DeepSeek-R1"; - litellm_params = { - litellm_credential_name = "dp_azure_ai_credential"; - model = "azure_ai/deepseek-r1"; - }; - } - ]; - }; -in -{ - - age.secrets = { - open-webui.file = ../../secrets/open-webui.age; - }; - - my = { - - services.open-webui = { - enable = true; - port = 4000; - environmentSecretsPath = config.age.secrets.open-webui.path; - environment = { - OAUTH_PROVIDER_NAME = "authentik"; - OPENID_PROVIDER_URL = "https://auth.pasetto.me/application/o/openwebui/.well-known/openid-configuration"; - OPENID_REDIRECT_URI = "https://ai.pasetto.me/oauth/oidc/callback"; - ENABLE_OAUTH_SIGNUP = "true"; - ENABLE_LOGIN_FORM = "false"; - }; - litellm = { - enable = true; - settings = litellmSettings; - }; - }; - - utils = { - commons.enable = true; - commons.gc.enable = true; - lxc-standard.enable = true; - }; - - virtualisation.proxmox.enable = true; - }; - - system.stateVersion = "24.11"; -} diff --git a/hosts/open-webui/docker.nix b/hosts/open-webui/docker.nix deleted file mode 100644 index cb4e87f..0000000 --- a/hosts/open-webui/docker.nix +++ /dev/null @@ -1,136 +0,0 @@ -{ config, pkgs, ... }: -let - litellmSettings = { - - general_settings = { - proxy_batch_write_at = 60; # Batch write spend updates every 60s - database_connection_pool_limit = 10; # Limit the number of database connections - disable_spend_logs = true; # Turn off writing each transaction to the DB - disable_error_logs = true; # Turn off writing LLM exceptions to DB - allow_requests_on_db_unavailable = true; # Allow requests if DB is unavailable - }; - - environment_variables = { - LITELLM_MODE = "Production"; - }; - - credential_list = [ - { - credential_name = "dp_azure_openai_credential"; - credential_values = { - api_base = "os.environ/AZURE_API_BASE_OPENAI"; - api_key = "os.environ/AZURE_API_KEY_OPENAI"; - }; - credential_info = { - description = "Azure OpenAI credentials for DP"; - }; - } - { - credential_name = "dp_azure_ai_credential"; - credential_values = { - api_base = "os.environ/AZURE_API_BASE_AI"; - api_key = "os.environ/AZURE_API_KEY_AI"; - }; - credential_info = { - description = "Azure AI credentials for DP"; - }; - } - ]; - - model_list = [ - { - model_name = "text-embedding-3-large"; - litellm_params = { - model = "azure/text-embedding-3-large"; - litellm_credential_name = "dp_azure_openai_credential"; - }; - model_info = { - mode = "embedding"; - }; - } - { - model_name = "text-embedding-3-small"; - litellm_params = { - model = "azure/text-embedding-3-small"; - litellm_credential_name = "dp_azure_openai_credential"; - }; - model_info = { - mode = "embedding"; - }; - } - { - model_name = "GPT-3.5 Turbo"; - litellm_params = { - model = "azure/gpt-35-turbo"; - litellm_credential_name = "dp_azure_openai_credential"; - }; - } - { - model_name = "GPT-4o"; - litellm_params = { - model = "azure/gpt-4o"; - litellm_credential_name = "dp_azure_openai_credential"; - }; - } - { - model_name = "GPT o3 Mini"; - litellm_params = { - model = "azure/o3-mini"; - litellm_credential_name = "dp_azure_openai_credential"; - }; - } - { - model_name = "GPT-4o Mini"; - litellm_params = { - model = "azure/gpt-4o-mini"; - litellm_credential_name = "dp_azure_openai_credential"; - }; - } - { - model_name = "Dall-e 3"; - litellm_params = { - model = "azure/dall-e-3"; - litellm_credential_name = "dp_azure_openai_credential"; - }; - model_info = { - mode = "image_generation"; - }; - } - { - model_name = "azure-openai-4o-audio"; - litellm_params = { - litellm_credential_name = "dp_azure_openai_credential"; - model = "azure/gpt-4o-audio-preview"; - }; - } - { - model_name = "DeepSeek-R1"; - litellm_params = { - litellm_credential_name = "dp_azure_ai_credential"; - model = "azure_ai/deepseek-r1"; - }; - } - ]; - }; -in -{ - - age.secrets = { - open-webui.file = ../../secrets/open-webui.age; - }; - - my = { - - virtualisation.docker.enable = true; - - utils = { - commons.enable = true; - commons.gc.enable = true; - lxc-standard.enable = true; - }; - - virtualisation.proxmox.enable = true; - }; - - system.stateVersion = "24.11"; -} diff --git a/hosts/open-webui/service.nix b/hosts/open-webui/service.nix deleted file mode 100644 index 045086d..0000000 --- a/hosts/open-webui/service.nix +++ /dev/null @@ -1,145 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: -let - p = import ../parameters.nix; - litellm-port = 12345; -in -{ - - age.secrets = { - azure-ai.file = ../../secrets/azure-ai.age; - }; - - my = { - - utils = { - commons.enable = true; - commons.gc.enable = true; - lxc-standard.enable = true; - }; - - virtualisation.proxmox.enable = true; - }; - - services.litellm = { - enable = true; - environmentFile = config.age.secrets.azure-ai.path; - host = "0.0.0.0"; - openFirewall = true; - port = litellm-port; - settings = { - - general_settings = { - proxy_batch_write_at = 60; # Batch write spend updates every 60s - }; - - environment_variables = { - LITELLM_MODE = "Production"; - }; - - credential_list = [ - { - credential_name = "dp_azure_openai_credential"; - credential_values = { - api_base = "os.environ/AZURE_API_BASE_OPENAI"; - api_key = "os.environ/AZURE_API_KEY_OPENAI"; - }; - credential_info = { - description = "Azure OpenAI credentials for DP"; - }; - } - { - credential_name = "dp_azure_ai_credential"; - credential_values = { - api_base = "os.environ/AZURE_API_BASE_AI"; - api_key = "os.environ/AZURE_API_KEY_AI"; - }; - credential_info = { - description = "Azure AI credentials for DP"; - }; - } - ]; - - model_list = [ - { - model_name = "text-embedding-3-large"; - litellm_params = { - model = "azure/text-embedding-3-large"; - litellm_credential_name = "dp_azure_openai_credential"; - }; - model_info = { - mode = "embedding"; - }; - } - { - model_name = "text-embedding-3-small"; - litellm_params = { - model = "azure/text-embedding-3-small"; - litellm_credential_name = "dp_azure_openai_credential"; - }; - model_info = { - mode = "embedding"; - }; - } - { - model_name = "GPT-3.5 Turbo"; - litellm_params = { - model = "azure/gpt-35-turbo"; - litellm_credential_name = "dp_azure_openai_credential"; - }; - } - { - model_name = "GPT-4o"; - litellm_params = { - model = "azure/gpt-4o"; - litellm_credential_name = "dp_azure_openai_credential"; - }; - } - { - model_name = "GPT o3 Mini"; - litellm_params = { - model = "azure/o3-mini"; - litellm_credential_name = "dp_azure_openai_credential"; - }; - } - { - model_name = "GPT-4o Mini"; - litellm_params = { - model = "azure/gpt-4o-mini"; - litellm_credential_name = "dp_azure_openai_credential"; - }; - } - { - model_name = "Dall-e 3"; - litellm_params = { - model = "azure/dall-e-3"; - litellm_credential_name = "dp_azure_openai_credential"; - }; - model_info = { - mode = "image_generation"; - }; - } - { - model_name = "azure-openai-4o-audio"; - litellm_params = { - litellm_credential_name = "dp_azure_openai_credential"; - model = "azure/gpt-4o-audio-preview"; - }; - } - { - model_name = "DeepSeek-R1"; - litellm_params = { - litellm_credential_name = "dp_azure_ai_credential"; - model = "azure_ai/deepseek-r1"; - }; - } - ]; - }; - }; - - system.stateVersion = "24.11"; -} diff --git a/hosts/parameters.nix b/hosts/parameters.nix index 3ed50bc..e08f4e8 100644 --- a/hosts/parameters.nix +++ b/hosts/parameters.nix @@ -18,7 +18,6 @@ librechat = "librechat.internal"; immich = "immich.internal"; firefly-iii = "firefly-iii.internal"; - open-webui = "open-webui.home"; paperless = "paperless.internal"; zigbee2mqtt = "zigbee2mqtt.home"; }; diff --git a/modules/services/open-webui.nix b/modules/services/open-webui.nix deleted file mode 100644 index 4aa460d..0000000 --- a/modules/services/open-webui.nix +++ /dev/null @@ -1,203 +0,0 @@ -{ - lib, - config, - pkgs, - ... -}: -let - cfg = config.my.services.open-webui; - dbPort = 5432; - settingsFormat = pkgs.formats.yaml { }; - inherit (lib) types; -in -{ - - options.my.services.open-webui = { - - enable = lib.mkEnableOption "Enable Open Webui, alternative OpenAI frontend module"; - - port = lib.mkOption { - type = lib.types.int; - default = 8080; - description = '' - The port on which the Open Webui service will listen. - ''; - }; - - environmentSecretsPath = lib.mkOption { - type = lib.types.path; - default = ""; - description = '' - Path to the environment file containing secrets. - ''; - }; - - environment = lib.mkOption { - type = lib.types.attrsOf lib.types.str; - default = { }; - description = "Environment variables to set for Open Webui"; - }; - - litellm = { - - enable = lib.mkEnableOption "Enable LiteLLM OpenAI proxy module"; - - port = lib.mkOption { - type = lib.types.int; - default = 12345; - description = '' - The port on which the LiteLLM service will listen. - ''; - }; - - settings = lib.mkOption { - type = types.submodule { - freeformType = settingsFormat.type; - options = { - model_list = lib.mkOption { - type = settingsFormat.type; - description = '' - List of supported models on the server, with model-specific configs. - ''; - default = [ ]; - }; - router_settings = lib.mkOption { - type = settingsFormat.type; - description = '' - LiteLLM Router settings - ''; - default = { }; - }; - - litellm_settings = lib.mkOption { - type = settingsFormat.type; - description = '' - LiteLLM Module settings - ''; - default = { }; - }; - - general_settings = lib.mkOption { - type = settingsFormat.type; - description = '' - LiteLLM Server settings - ''; - default = { }; - }; - - environment_variables = lib.mkOption { - type = settingsFormat.type; - description = '' - Environment variables to pass to the Lite - ''; - default = { }; - }; - }; - }; - default = { }; - description = '' - Configuration for LiteLLM. - See for more. - ''; - }; - }; - - }; - - config = lib.mkMerge [ - (lib.mkIf cfg.enable { - # Enable Podman as the container runtime - virtualisation.podman = { - enable = true; - autoPrune = { - enable = true; - flags = [ "--all" ]; - }; - }; - - virtualisation.oci-containers = { - backend = "podman"; - containers = { - open-webui = { - image = "ghcr.io/open-webui/open-webui:main"; - ports = [ - "${toString cfg.port}:8080" - ]; - environmentFiles = [ cfg.environmentSecretsPath ]; - environment = - cfg.environment - // { - ENABLE_OPENAI_API = "true"; - ENABLE_OLLAMA_API = "false"; - ENABLE_WEB_SEARCH = "true"; - WEB_SEARCH_ENGINE = "searxng"; - SEARXNG_QUERY_URL = "https://search.pasetto.me/search?q="; - } - // (lib.optionalAttrs cfg.litellm.enable { - OPENAI_API_BASE_URL = "http://host.containers.internal:${toString cfg.litellm.port}"; - }); - volumes = [ "open-webui:/app/backend/data" ]; - labels = { - "io.containers.autoupdate" = "registry"; - }; - }; - }; - }; - - networking.firewall.allowedTCPPorts = [ cfg.port ]; - - }) - - (lib.mkIf cfg.litellm.enable { - - virtualisation.oci-containers.containers = { - - litellm = - let - litellmSettings = cfg.litellm.settings; - configFile = settingsFormat.generate "config.yaml" litellmSettings; - in - { - image = "ghcr.io/berriai/litellm:main-stable"; - volumes = [ "${configFile}:/app/config.yaml" ]; - cmd = [ "--config=/app/config.yaml" ]; - ports = [ "${toString cfg.litellm.port}:4000" ]; - environmentFiles = [ cfg.environmentSecretsPath ]; - environment = { - DATABASE_URL = "postgresql://llmproxy:llmproxypwd@host.containers.internal:5432/litellm"; - STORE_MODEL_IN_DB = "True"; - USE_PRISMA_MIGRATE = "True"; - }; - labels = { - "io.containers.autoupdate" = "registry"; - }; - }; - - litellm_db = { - image = "docker.io/library/postgres:16"; - hostname = "db"; - ports = [ "5432:5432" ]; - environment = { - POSTGRES_DB = "litellm"; - POSTGRES_USER = "llmproxy"; - POSTGRES_PASSWORD = "llmproxypwd"; - }; - volumes = [ "litellm_postgres_data:/var/lib/postgresql/data" ]; - labels = { - "io.containers.autoupdate" = "registry"; - }; - }; - }; - - networking.firewall.allowedTCPPorts = [ - cfg.litellm.port - dbPort - ]; - - systemd.services."podman-litellm".after = [ "podman-litellm_db.service" ]; - systemd.services."podman-litellm".requires = [ "podman-litellm_db.service" ]; - - }) - - ]; -} diff --git a/secrets.nix b/secrets.nix index 97bc7c1..f68b1bf 100644 --- a/secrets.nix +++ b/secrets.nix @@ -30,7 +30,6 @@ let shadowsocks-password = [ machines.shadowsocks ]; firefly-iii-app-key = [ machines.firefly-iii ]; firefly-iii-mailgun-key = [ machines.firefly-iii ]; - open-webui = [ machines.open-webui ]; paperless-admin = [ machines.paperless ]; paperless-oauth2-client-secret = [ machines.paperless ]; zigbee2mqtt-password = [ machines.zigbee2mqtt ]; diff --git a/secrets/open-webui.age b/secrets/open-webui.age deleted file mode 100644 index 29d8f98..0000000 Binary files a/secrets/open-webui.age and /dev/null differ diff --git a/ssh-keys.nix b/ssh-keys.nix index c010d81..9a73d28 100644 --- a/ssh-keys.nix +++ b/ssh-keys.nix @@ -21,7 +21,6 @@ rec { dns02 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ+HIq6/ebjiv71xDozdOTn5AdnXgr1fGqIzXnH7Not+"; shadowsocks = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINQ4qYaS5ccciH7BNyrF5+J3d4JtHJNr1R256/ulEtxl"; firefly-iii = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGYkXjRqmuTMg56EmAx8s1M/VQojM7akF/ao+jJLYgFB"; - open-webui = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAOkm9z19sFGEs7aexOfnvyxEgehydSbeLjrYo0srFKV"; paperless = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILRNgDyk3TuMooG4ZCv7SOgXh0ql1/1hhhng7uSnsLeK"; zigbee2mqtt = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINN0z+RxfAIARVMFgtF9olJrL5lt95IoC0Mtzg0MKd3g"; };