pazpi/nix
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

Removed open-webui. Better with docker

Browse source
This commit is contained in:
pazpi 2025-08-22 18:11:57 +02:00
parent deb99c4598
commit 00574c51b3
11 changed files with 4 additions and 673 deletions
Download patch file Download diff file Expand all files Collapse all files

5
containers/open-webui/docker-compose.yml
View file

@ -2,6 +2,7 @@ services:
openwebui:
image: ghcr.io/open-webui/open-webui:main
container_name: open-webui
restart: unless-stopped
ports:
- "4080:8080"
volumes:
@ -9,6 +10,7 @@ services:
env_file:
- .env
environment:
WEBUI_URL: "https://${DOMAIN}"
ENABLE_OPENAI_API: true
OPENAI_API_BASE_URL: "http://litellm:4000"
ENABLE_OLLAMA_API: false
@ -37,6 +39,7 @@ services:
litellm:
container_name: litellm
image: ghcr.io/berriai/litellm:main-stable
restart: unless-stopped
volumes:
- ./litellm-config.yaml:/app/config.yaml
command:
@ -65,7 +68,7 @@ services:
db:
image: postgres:16
restart: always
restart: unless-stopped
container_name: litellm_db
environment:
POSTGRES_DB: litellm

11
hosts/default.nix
View file

@ -234,17 +234,6 @@ in
# specialArgs = { };
};
open-webui = nixpkgs-unstable.lib.nixosSystem {
pkgs = pkgs-unstable "x86_64-linux";
modules = [
nodeBaseModules
proxmoxModule
./open-webui/docker.nix
agenix.nixosModules.default
];
# specialArgs = { };
};
paperless = nixpkgs-unstable.lib.nixosSystem {
pkgs = pkgs-unstable "x86_64-linux";
modules = [

9
hosts/deployments.nix
View file

@ -146,15 +146,6 @@ in
];
};
open-webui.deployment = {
targetHost = hosts.open-webui;
tags = [
"lxc"
"bacco"
"open-webui"
];
};
paperless.deployment = {
targetHost = hosts.paperless;
tags = [

165
hosts/open-webui/default.nix
View file

@ -1,165 +0,0 @@
{ config, pkgs, ... }:
let
litellmSettings = {
general_settings = {
proxy_batch_write_at = 60; # Batch write spend updates every 60s
database_connection_pool_limit = 10; # Limit the number of database connections
disable_spend_logs = true; # Turn off writing each transaction to the DB
disable_error_logs = true; # Turn off writing LLM exceptions to DB
allow_requests_on_db_unavailable = true; # Allow requests if DB is unavailable
};
environment_variables = {
LITELLM_MODE = "Production";
};
credential_list = [
{
credential_name = "dp_azure_openai_credential";
credential_values = {
api_base = "os.environ/AZURE_API_BASE_OPENAI";
api_key = "os.environ/AZURE_API_KEY_OPENAI";
};
credential_info = {
description = "Azure OpenAI credentials for DP";
};
}
{
credential_name = "dp_azure_ai_credential";
credential_values = {
api_base = "os.environ/AZURE_API_BASE_AI";
api_key = "os.environ/AZURE_API_KEY_AI";
};
credential_info = {
description = "Azure AI credentials for DP";
};
}
];
model_list = [
{
model_name = "text-embedding-3-large";
litellm_params = {
model = "azure/text-embedding-3-large";
litellm_credential_name = "dp_azure_openai_credential";
};
model_info = {
mode = "embedding";
};
}
{
model_name = "text-embedding-3-small";
litellm_params = {
model = "azure/text-embedding-3-small";
litellm_credential_name = "dp_azure_openai_credential";
};
model_info = {
mode = "embedding";
};
}
{
model_name = "GPT-3.5 Turbo";
litellm_params = {
model = "azure/gpt-35-turbo";
litellm_credential_name = "dp_azure_openai_credential";
};
}
{
model_name = "GPT-4o";
litellm_params = {
model = "azure/gpt-4o";
litellm_credential_name = "dp_azure_openai_credential";
};
}
{
model_name = "GPT-4.1";
litellm_params = {
model = "azure/gpt-4.1";
litellm_credential_name = "dp_azure_openai_credential";
};
}
{
model_name = "GPT-4.1 Mini";
litellm_params = {
model = "azure/gpt-4.1-mini";
litellm_credential_name = "dp_azure_openai_credential";
};
}
{
model_name = "GPT o3 Mini";
litellm_params = {
model = "azure/o3-mini";
litellm_credential_name = "dp_azure_openai_credential";
};
}
{
model_name = "GPT-4o Mini";
litellm_params = {
model = "azure/gpt-4o-mini";
litellm_credential_name = "dp_azure_openai_credential";
};
}
{
model_name = "Dall-e 3";
litellm_params = {
model = "azure/dall-e-3";
litellm_credential_name = "dp_azure_openai_credential";
};
model_info = {
mode = "image_generation";
};
}
{
model_name = "azure-openai-4o-audio";
litellm_params = {
litellm_credential_name = "dp_azure_openai_credential";
model = "azure/gpt-4o-audio-preview";
};
}
{
model_name = "DeepSeek-R1";
litellm_params = {
litellm_credential_name = "dp_azure_ai_credential";
model = "azure_ai/deepseek-r1";
};
}
];
};
in
{
age.secrets = {
open-webui.file = ../../secrets/open-webui.age;
};
my = {
services.open-webui = {
enable = true;
port = 4000;
environmentSecretsPath = config.age.secrets.open-webui.path;
environment = {
OAUTH_PROVIDER_NAME = "authentik";
OPENID_PROVIDER_URL = "https://auth.pasetto.me/application/o/openwebui/.well-known/openid-configuration";
OPENID_REDIRECT_URI = "https://ai.pasetto.me/oauth/oidc/callback";
ENABLE_OAUTH_SIGNUP = "true";
ENABLE_LOGIN_FORM = "false";
};
litellm = {
enable = true;
settings = litellmSettings;
};
};
utils = {
commons.enable = true;
commons.gc.enable = true;
lxc-standard.enable = true;
};
virtualisation.proxmox.enable = true;
};
system.stateVersion = "24.11";
}

136
hosts/open-webui/docker.nix
View file

@ -1,136 +0,0 @@
{ config, pkgs, ... }:
let
litellmSettings = {
general_settings = {
proxy_batch_write_at = 60; # Batch write spend updates every 60s
database_connection_pool_limit = 10; # Limit the number of database connections
disable_spend_logs = true; # Turn off writing each transaction to the DB
disable_error_logs = true; # Turn off writing LLM exceptions to DB
allow_requests_on_db_unavailable = true; # Allow requests if DB is unavailable
};
environment_variables = {
LITELLM_MODE = "Production";
};
credential_list = [
{
credential_name = "dp_azure_openai_credential";
credential_values = {
api_base = "os.environ/AZURE_API_BASE_OPENAI";
api_key = "os.environ/AZURE_API_KEY_OPENAI";
};
credential_info = {
description = "Azure OpenAI credentials for DP";
};
}
{
credential_name = "dp_azure_ai_credential";
credential_values = {
api_base = "os.environ/AZURE_API_BASE_AI";
api_key = "os.environ/AZURE_API_KEY_AI";
};
credential_info = {
description = "Azure AI credentials for DP";
};
}
];
model_list = [
{
model_name = "text-embedding-3-large";
litellm_params = {
model = "azure/text-embedding-3-large";
litellm_credential_name = "dp_azure_openai_credential";
};
model_info = {
mode = "embedding";
};
}
{
model_name = "text-embedding-3-small";
litellm_params = {
model = "azure/text-embedding-3-small";
litellm_credential_name = "dp_azure_openai_credential";
};
model_info = {
mode = "embedding";
};
}
{
model_name = "GPT-3.5 Turbo";
litellm_params = {
model = "azure/gpt-35-turbo";
litellm_credential_name = "dp_azure_openai_credential";
};
}
{
model_name = "GPT-4o";
litellm_params = {
model = "azure/gpt-4o";
litellm_credential_name = "dp_azure_openai_credential";
};
}
{
model_name = "GPT o3 Mini";
litellm_params = {
model = "azure/o3-mini";
litellm_credential_name = "dp_azure_openai_credential";
};
}
{
model_name = "GPT-4o Mini";
litellm_params = {
model = "azure/gpt-4o-mini";
litellm_credential_name = "dp_azure_openai_credential";
};
}
{
model_name = "Dall-e 3";
litellm_params = {
model = "azure/dall-e-3";
litellm_credential_name = "dp_azure_openai_credential";
};
model_info = {
mode = "image_generation";
};
}
{
model_name = "azure-openai-4o-audio";
litellm_params = {
litellm_credential_name = "dp_azure_openai_credential";
model = "azure/gpt-4o-audio-preview";
};
}
{
model_name = "DeepSeek-R1";
litellm_params = {
litellm_credential_name = "dp_azure_ai_credential";
model = "azure_ai/deepseek-r1";
};
}
];
};
in
{
age.secrets = {
open-webui.file = ../../secrets/open-webui.age;
};
my = {
virtualisation.docker.enable = true;
utils = {
commons.enable = true;
commons.gc.enable = true;
lxc-standard.enable = true;
};
virtualisation.proxmox.enable = true;
};
system.stateVersion = "24.11";
}

145
hosts/open-webui/service.nix
View file

@ -1,145 +0,0 @@
{
config,
pkgs,
lib,
...
}:
let
p = import ../parameters.nix;
litellm-port = 12345;
in
{
age.secrets = {
azure-ai.file = ../../secrets/azure-ai.age;
};
my = {
utils = {
commons.enable = true;
commons.gc.enable = true;
lxc-standard.enable = true;
};
virtualisation.proxmox.enable = true;
};
services.litellm = {
enable = true;
environmentFile = config.age.secrets.azure-ai.path;
host = "0.0.0.0";
openFirewall = true;
port = litellm-port;
settings = {
general_settings = {
proxy_batch_write_at = 60; # Batch write spend updates every 60s
};
environment_variables = {
LITELLM_MODE = "Production";
};
credential_list = [
{
credential_name = "dp_azure_openai_credential";
credential_values = {
api_base = "os.environ/AZURE_API_BASE_OPENAI";
api_key = "os.environ/AZURE_API_KEY_OPENAI";
};
credential_info = {
description = "Azure OpenAI credentials for DP";
};
}
{
credential_name = "dp_azure_ai_credential";
credential_values = {
api_base = "os.environ/AZURE_API_BASE_AI";
api_key = "os.environ/AZURE_API_KEY_AI";
};
credential_info = {
description = "Azure AI credentials for DP";
};
}
];
model_list = [
{
model_name = "text-embedding-3-large";
litellm_params = {
model = "azure/text-embedding-3-large";
litellm_credential_name = "dp_azure_openai_credential";
};
model_info = {
mode = "embedding";
};
}
{
model_name = "text-embedding-3-small";
litellm_params = {
model = "azure/text-embedding-3-small";
litellm_credential_name = "dp_azure_openai_credential";
};
model_info = {
mode = "embedding";
};
}
{
model_name = "GPT-3.5 Turbo";
litellm_params = {
model = "azure/gpt-35-turbo";
litellm_credential_name = "dp_azure_openai_credential";
};
}
{
model_name = "GPT-4o";
litellm_params = {
model = "azure/gpt-4o";
litellm_credential_name = "dp_azure_openai_credential";
};
}
{
model_name = "GPT o3 Mini";
litellm_params = {
model = "azure/o3-mini";
litellm_credential_name = "dp_azure_openai_credential";
};
}
{
model_name = "GPT-4o Mini";
litellm_params = {
model = "azure/gpt-4o-mini";
litellm_credential_name = "dp_azure_openai_credential";
};
}
{
model_name = "Dall-e 3";
litellm_params = {
model = "azure/dall-e-3";
litellm_credential_name = "dp_azure_openai_credential";
};
model_info = {
mode = "image_generation";
};
}
{
model_name = "azure-openai-4o-audio";
litellm_params = {
litellm_credential_name = "dp_azure_openai_credential";
model = "azure/gpt-4o-audio-preview";
};
}
{
model_name = "DeepSeek-R1";
litellm_params = {
litellm_credential_name = "dp_azure_ai_credential";
model = "azure_ai/deepseek-r1";
};
}
];
};
};
system.stateVersion = "24.11";
}

1
hosts/parameters.nix
View file

@ -18,7 +18,6 @@
librechat = "librechat.internal";
immich = "immich.internal";
firefly-iii = "firefly-iii.internal";
open-webui = "open-webui.home";
paperless = "paperless.internal";
zigbee2mqtt = "zigbee2mqtt.home";
};

203
modules/services/open-webui.nix
View file

@ -1,203 +0,0 @@
{
lib,
config,
pkgs,
...
}:
let
cfg = config.my.services.open-webui;
dbPort = 5432;
settingsFormat = pkgs.formats.yaml { };
inherit (lib) types;
in
{
options.my.services.open-webui = {
enable = lib.mkEnableOption "Enable Open Webui, alternative OpenAI frontend module";
port = lib.mkOption {
type = lib.types.int;
default = 8080;
description = ''
The port on which the Open Webui service will listen.
'';
};
environmentSecretsPath = lib.mkOption {
type = lib.types.path;
default = "";
description = ''
Path to the environment file containing secrets.
'';
};
environment = lib.mkOption {
type = lib.types.attrsOf lib.types.str;
default = { };
description = "Environment variables to set for Open Webui";
};
litellm = {
enable = lib.mkEnableOption "Enable LiteLLM OpenAI proxy module";
port = lib.mkOption {
type = lib.types.int;
default = 12345;
description = ''
The port on which the LiteLLM service will listen.
'';
};
settings = lib.mkOption {
type = types.submodule {
freeformType = settingsFormat.type;
options = {
model_list = lib.mkOption {
type = settingsFormat.type;
description = ''
List of supported models on the server, with model-specific configs.
'';
default = [ ];
};
router_settings = lib.mkOption {
type = settingsFormat.type;
description = ''
LiteLLM Router settings
'';
default = { };
};
litellm_settings = lib.mkOption {
type = settingsFormat.type;
description = ''
LiteLLM Module settings
'';
default = { };
};
general_settings = lib.mkOption {
type = settingsFormat.type;
description = ''
LiteLLM Server settings
'';
default = { };
};
environment_variables = lib.mkOption {
type = settingsFormat.type;
description = ''
Environment variables to pass to the Lite
'';
default = { };
};
};
};
default = { };
description = ''
Configuration for LiteLLM.
See <https://docs.litellm.ai/docs/proxy/configs> for more.
'';
};
};
};
config = lib.mkMerge [
(lib.mkIf cfg.enable {
# Enable Podman as the container runtime
virtualisation.podman = {
enable = true;
autoPrune = {
enable = true;
flags = [ "--all" ];
};
};
virtualisation.oci-containers = {
backend = "podman";
containers = {
open-webui = {
image = "ghcr.io/open-webui/open-webui:main";
ports = [
"${toString cfg.port}:8080"
];
environmentFiles = [ cfg.environmentSecretsPath ];
environment =
cfg.environment
// {
ENABLE_OPENAI_API = "true";
ENABLE_OLLAMA_API = "false";
ENABLE_WEB_SEARCH = "true";
WEB_SEARCH_ENGINE = "searxng";
SEARXNG_QUERY_URL = "https://search.pasetto.me/search?q=<query>";
}
// (lib.optionalAttrs cfg.litellm.enable {
OPENAI_API_BASE_URL = "http://host.containers.internal:${toString cfg.litellm.port}";
});
volumes = [ "open-webui:/app/backend/data" ];
labels = {
"io.containers.autoupdate" = "registry";
};
};
};
};
networking.firewall.allowedTCPPorts = [ cfg.port ];
})
(lib.mkIf cfg.litellm.enable {
virtualisation.oci-containers.containers = {
litellm =
let
litellmSettings = cfg.litellm.settings;
configFile = settingsFormat.generate "config.yaml" litellmSettings;
in
{
image = "ghcr.io/berriai/litellm:main-stable";
volumes = [ "${configFile}:/app/config.yaml" ];
cmd = [ "--config=/app/config.yaml" ];
ports = [ "${toString cfg.litellm.port}:4000" ];
environmentFiles = [ cfg.environmentSecretsPath ];
environment = {
DATABASE_URL = "postgresql://llmproxy:llmproxypwd@host.containers.internal:5432/litellm";
STORE_MODEL_IN_DB = "True";
USE_PRISMA_MIGRATE = "True";
};
labels = {
"io.containers.autoupdate" = "registry";
};
};
litellm_db = {
image = "docker.io/library/postgres:16";
hostname = "db";
ports = [ "5432:5432" ];
environment = {
POSTGRES_DB = "litellm";
POSTGRES_USER = "llmproxy";
POSTGRES_PASSWORD = "llmproxypwd";
};
volumes = [ "litellm_postgres_data:/var/lib/postgresql/data" ];
labels = {
"io.containers.autoupdate" = "registry";
};
};
};
networking.firewall.allowedTCPPorts = [
cfg.litellm.port
dbPort
];
systemd.services."podman-litellm".after = [ "podman-litellm_db.service" ];
systemd.services."podman-litellm".requires = [ "podman-litellm_db.service" ];
})
];
}

1
secrets.nix
View file

@ -30,7 +30,6 @@ let
shadowsocks-password = [ machines.shadowsocks ];
firefly-iii-app-key = [ machines.firefly-iii ];
firefly-iii-mailgun-key = [ machines.firefly-iii ];
open-webui = [ machines.open-webui ];
paperless-admin = [ machines.paperless ];
paperless-oauth2-client-secret = [ machines.paperless ];
zigbee2mqtt-password = [ machines.zigbee2mqtt ];

BIN
secrets/open-webui.age
View file

Binary file not shown.

1
ssh-keys.nix
View file

@ -21,7 +21,6 @@ rec {
dns02 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ+HIq6/ebjiv71xDozdOTn5AdnXgr1fGqIzXnH7Not+";
shadowsocks = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINQ4qYaS5ccciH7BNyrF5+J3d4JtHJNr1R256/ulEtxl";
firefly-iii = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGYkXjRqmuTMg56EmAx8s1M/VQojM7akF/ao+jJLYgFB";
open-webui = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAOkm9z19sFGEs7aexOfnvyxEgehydSbeLjrYo0srFKV";
paperless = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILRNgDyk3TuMooG4ZCv7SOgXh0ql1/1hhhng7uSnsLeK";
zigbee2mqtt = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINN0z+RxfAIARVMFgtF9olJrL5lt95IoC0Mtzg0MKd3g";
};