Merge branch 'main' of https://github.com/lobehub/lobe-chat

CHANGELOG.md

@@ -2,6 +2,56 @@
 
 # Changelog
 
+### [Version 1.12.4](https://github.com/lobehub/lobe-chat/compare/v1.12.3...v1.12.4)
+
+<sup>Released on **2024-08-22**</sup>
+
+#### 💄 Styles
+
+- **misc**: Fix link style.
+
+<br/>
+
+<details>
+<summary><kbd>Improvements and Fixes</kbd></summary>
+
+#### Styles
+
+- **misc**: Fix link style, closes [#3552](https://github.com/lobehub/lobe-chat/issues/3552) ([aa936c8](https://github.com/lobehub/lobe-chat/commit/aa936c8))
+
+</details>
+
+<div align="right">
+
+[![](https://img.shields.io/badge/-BACK_TO_TOP-151515?style=flat-square)](#readme-top)
+
+</div>
+
+### [Version 1.12.3](https://github.com/lobehub/lobe-chat/compare/v1.12.2...v1.12.3)
+
+<sup>Released on **2024-08-22**</sup>
+
+#### 💄 Styles
+
+- **misc**: Hide settings in repo.
+
+<br/>
+
+<details>
+<summary><kbd>Improvements and Fixes</kbd></summary>
+
+#### Styles
+
+- **misc**: Hide settings in repo, closes [#3540](https://github.com/lobehub/lobe-chat/issues/3540) ([86c1165](https://github.com/lobehub/lobe-chat/commit/86c1165))
+
+</details>
+
+<div align="right">
+
+[![](https://img.shields.io/badge/-BACK_TO_TOP-151515?style=flat-square)](#readme-top)
+
+</div>
+
 ### [Version 1.12.2](https://github.com/lobehub/lobe-chat/compare/v1.12.1...v1.12.2)
 
 <sup>Released on **2024-08-22**</sup>

docs/self-hosting/advanced/auth.mdx

@@ -1,27 +1,24 @@
 ---
-title: LobeChat Authorization Service
-description: >-
-  Learn about LobeChat's support for configuring external identity verification
-  services for centralized user authorization within enterprises/organizations.
-  Explore supported services like Auth0, Microsoft Entra ID, Authentik, Github,
-  and ZITADEL.
+title: LobeChat Authentication Service Configuration
+description: Learn how to configure external authentication services using Clerk or Next Auth for centralized user authorization management. Supported authentication services include Auth0, Azure ID, etc.
 tags:
-  - SSO Providers
+  - Authentication Service
   - Next Auth
+  - SSO
   - Clerk
 ---
 
-# LobeChat Authorization
+# Authentication Service
 
-LobeChat supports the configuration of external identity verification services for internal use within enterprises/organizations to centrally manage user authorization.
+LobeChat supports the configuration of external authentication services using Clerk or Next Auth for internal use within enterprises/organizations to centrally manage user authorization.
 
 ## Clerk
 
 Clerk is a comprehensive identity verification solution that has recently gained popularity. It provides a simple yet powerful API and services to handle user authentication and session management. Clerk's design philosophy is to offer a concise and modern authentication solution that enables developers to easily integrate and use it.
 
 LobeChat has deeply integrated with Clerk to provide users with a more secure and convenient login and registration experience. It also relieves developers from the burden of managing authentication logic. Clerk's concise and modern design philosophy aligns perfectly with LobeChat's goals, making user management on the entire platform more efficient and reliable.
 
-By setting the environment variables NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY and CLERK_SECRET_KEY in LobeChat's environment, you can enable and use Clerk.
+By setting the environment variables `NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY` and `CLERK_SECRET_KEY` in LobeChat's environment, you can enable and use Clerk.
 
 ## Next Auth
 
@@ -45,6 +42,7 @@ Currently supported identity verification services include:
   <Card href={'/docs/self-hosting/advanced/sso-providers/github'} title={'Github'} />
   <Card href={'/docs/self-hosting/advanced/sso-providers/zitadel'} title={'ZITADEL'} />
 </Cards>
+
 Click on the links to view the corresponding platform's configuration documentation.
 
 ## Advanced Configuration

docs/self-hosting/advanced/s3.mdx

@@ -18,6 +18,45 @@ The best practice in this area is to use a file storage service (S3) to store im
 In this documentation, S3 refers to a compatible S3 storage solution, which supports the Amazon S3 API for object storage systems. Common examples include Cloudflare R2, Alibaba Cloud OSS, and self-deployable Minio, all of which support the S3 compatible API.
 </Callout>
 
+## Core Environment Variables
+
+<Steps>
+  ### `S3_ACCESS_KEY_ID` and `S3_SECRET_ACCESS_KEY`
+
+  These are the two keys required by all S3 compatible storage services to access the S3 storage service, not detailed here.
+
+  ### `S3_ENDPOINT`
+
+  The request endpoint of the storage bucket. Note that this link should not contain the name of the storage bucket.
+
+  <Callout type={'warning'}>`S3_ENDPOINT` must remove the suffix path, otherwise the uploaded files will not be accessible</Callout>
+
+  For example, for Cloudflare:
+
+  ```shell
+  S3_ENDPOINT=https://0b33a03b5c993fd2f453379dc36558e5.r2.cloudflarestorage.com
+  ```
+
+  ### `S3_BUCKET` and `S3_REGION`
+
+  The name and region of the storage bucket. `S3_BUCKET` is required to specify the name of the storage bucket. `S3_REGION` is optional and is used to specify the region of the storage bucket. Generally, it does not need to be added, but some service providers may require configuration.
+
+  ### `S3_SET_ACL`
+
+  Whether to set the ACL to `public-read` when uploading files. This option is enabled by default. If the service provider does not support setting individual ACLs for files (i.e., all files inherit the ACL of the storage bucket), enabling this option may cause request errors. Set `S3_SET_ACL` to `0` to disable it.
+
+  ### `NEXT_PUBLIC_S3_DOMAIN`
+
+  The public access domain of the storage bucket, used to access files in the storage bucket. This address needs to be **publicly readable**. The reason is that when OpenAI's gpt-4o and other vision models recognize images, OpenAI will try to download this image link on their servers. Therefore, this link must be publicly accessible. If it is a private link, OpenAI will not be able to access the image and thus will not be able to recognize the image content properly.
+
+  <Callout type={'warning'}>
+    Additionally, since this access domain is often a separate URL, it needs to be configured to allow cross-origin access to the site. Otherwise, cross-origin issues will occur in the browser.
+  </Callout>
+
+</Steps>
+
+## S3 Configuration Guide
+
 Currently, the S3 configuration tutorials included in the documentation are:
 
 <Cards>

docs/self-hosting/server-database.mdx

@@ -36,7 +36,9 @@ Before deployment, make sure you have a Postgres database instance ready. You ca
 - `A.` Use Serverless Postgres instances like Vercel/Neon;
 - `B.` Use self-deployed Postgres instances like Docker/Railway/Zeabur, collectively referred to as Node Postgres instances;
 
-There is a slight difference in the way they are configured in terms of environment variables.
+<Callout>There is a slight difference in the way they are configured in terms of environment variables.</Callout>
+
+Since we support file-based conversations/knowledge base conversations, we need to install the `pgvector` plugin for Postgres. This plugin provides vector search capabilities and is a key component for LobeChat to implement RAG.
 
 <Steps>
 ### `NEXT_PUBLIC_SERVICE_MODE`
@@ -49,6 +51,12 @@ For server-side database deployment scenarios, you need to set `NEXT_PUBLIC_SERV
 In the official `lobe-chat-database` Docker image, this environment variable is already set to `server` by default. Therefore, if you deploy using the Docker image, you do not need to configure this environment variable again.
 </Callout>
 
+<Callout type={'tip'}>
+Since environment variables starting with `NEXT_PUBLIC` take effect in the front-end code, they cannot be modified through container runtime injection. (Refer to the `next.js` documentation [Configuring: Environment Variables | Next.js (nextjs.org)](https://nextjs.org/docs/pages/building-your-application/configuring/environment-variables)). This is why we chose to create a separate DB version image.
+
+If you need to modify variables with the `NEXT_PUBLIC` prefix in a Docker deployment, you must build the image yourself and inject your own `NEXT_PUBLIC` prefixed environment variables during the build.
+</Callout>
+
 ### `DATABASE_URL`
 
 The core of configuring the database is to add the `DATABASE_URL` environment variable and fill in the Postgres database connection URL you have prepared. The typical format of the database connection URL is `postgres://username:password@host:port/database`.
@@ -87,7 +95,7 @@ In the server-side database mode, we need an authentication service to distingui
 
 ### Clerk
 
-[Clerk](https://clerk.com?utm_source=lobehub\&utm_medium=docs) is an authentication SaaS service that provides out-of-the-box authentication capabilities with high productization, low integration costs, and a great user experience. For those who offer SaaS products, Clerk is a good choice. Our official [LobeChat Cloud](https://lobechat.com) uses Clerk as the authentication service.
+[Clerk](https://clerk.com?utm_source=lobehub&utm_medium=docs) is an authentication SaaS service that provides out-of-the-box authentication capabilities with high productization, low integration costs, and a great user experience. For those who offer SaaS products, Clerk is a good choice. Our official [LobeChat Cloud](https://lobechat.com) uses Clerk as the authentication service.
 
 The integration of Clerk is relatively simple, requiring only the configuration of the `NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY`, `CLERK_SECRET_KEY`, and `CLERK_WEBHOOK_SECRET` environment variables, which can be obtained from the Clerk console.
 
@@ -123,45 +131,10 @@ The best practice in this area is to use a file storage service (S3) to store im
 In this documentation, S3 refers to a compatible S3 storage solution, which supports the Amazon S3 API-compatible object storage system. Common examples include Cloudflare R2, Alibaba Cloud OSS, and self-deployable Minio, all of which support the S3-compatible API.
 </Callout>
 
-<Steps>
-### `S3_ACCESS_KEY_ID` and `S3_SECRET_ACCESS_KEY`
-
-These are the two keys required by all S3-compatible storage services to access the S3 storage service, without going into detail.
-
-### `S3_ENDPOINT`
-
-The request endpoint of the bucket, note that the link here should not include the bucket's name.
-
-<Callout type={'warning'}>`S3_ENDPOINT` must remove the suffix path, otherwise the uploaded files will not be accessible.</Callout>
-
-For example, for Cloudflare:
-
-```shell
-S3_ENDPOINT=https://0b33a03b5c993fd2f453379dc36558e5.r2.cloudflarestorage.com
-```
-
-### `S3_BUCKET` and `S3_REGION`
-
-The name and region of the bucket. `S3_BUCKET` is mandatory for specifying the bucket's name. `S3_REGION` is optional for specifying the bucket's region, generally not required to add, but some service providers may need to configure it.
-
-### `S3_SET_ACL`
-Whether to set the ACL to `public-read` when uploading files. This option is enabled by default. If the service provider does not support setting individual ACLs for files (i.e., all files inherit the bucket's ACL), enabling this option may result in a request error. You can disable it by setting `S3_SET_ACL` to `0`.
-
-### `NEXT_PUBLIC_S3_DOMAIN`
-
-The public access domain of the bucket, used to access files in the bucket. This address needs to be **internet-readable**. The reason is that when OpenAI's GPT-4o and other visual models recognize images, OpenAI will try to download the image link on their servers. Therefore, this link must be publicly accessible. If it is a private link, OpenAI will not be able to access the image and will not be able to recognize the image content properly.
-
-<Callout type={'warning'}>
-In addition, since this access domain is often an independent URL, it needs to be configured to allow cross-origin access to the site, otherwise cross-origin issues will occur in the browser.
-</Callout>
-
-</Steps>
-
 For detailed configuration guidelines on S3, please refer to [S3 Object Storage](/en/docs/self-hosting/advanced/s3) for more information.
 
 ## Getting Started with Deployment
 
 The above is a detailed explanation of configuring LobeChat with a server-side database. You can configure it according to your actual situation and then choose a deployment platform that suits you to start deployment:
 
 <PlatformCards urlPrefix={'server-database'} />
-

docs/self-hosting/server-database/docker.mdx

@@ -32,26 +32,35 @@ Here is the process for deploying the LobeChat server database version on a Linu
 
 ### Create a Postgres Database Instance
 
-Create a Postgres database instance according to your needs, for example:
+Please create a Postgres database instance with the PGVector plugin according to your needs, for example:
 
 ```sh
-docker run --name my-postgres --network pg -e POSTGRES_PASSWORD=mysecretpassword -p 5432:5432 -d postgres
+docker network create pg
+
+docker run --name my-postgres --network pg -e POSTGRES_PASSWORD=mysecretpassword -p 5432:5432 -d pgvector/pgvector:pg16
 ```
 
-<Callout type="warning">
-The above command is only for testing/demonstration purposes because this pg instance does not include a persistent part.
+The above command will create a PG instance named `my-postgres` on the network `pg`, where `pgvector/pgvector:pg16` is a Postgres 16 image with the pgvector plugin installed by default.
+
+<Callout type="info">
+The pgvector plugin provides vector search capabilities for Postgres, which is an important component for LobeChat to implement RAG.
 </Callout>
 
-The above command will create a PG instance named `my-postgres` on the network `pg`.
+<Callout type="warning">
+The above command does not specify a persistent storage location for the pg instance, so it is only for testing/demonstration purposes. Please configure persistent storage for production environments.
+</Callout>
 
 ### Create a file named `lobe-chat.env` to store environment variables:
 
 ```shell
-# DB required
+# Website domain
+APP_URL=https://your-prod-domain.com
+
+# DB required environment variables
 KEY_VAULTS_SECRET=jgwsK28dspyVQoIf8/M3IIHl1h6LYYceSYNXeLpy6uk=
 DATABASE_URL=postgres://postgres:mysecretpassword@my-postgres:5432/postgres
 
-# NEXT_AUTH related
+# NEXT_AUTH related, can use auth0, Azure AD, GitHub, Authentik, zitadel, etc. If you have other access requirements, feel free to submit a PR
 NEXT_AUTH_SECRET=3904039cd41ea1bdf6c93db0db96e250
 NEXT_AUTH_SSO_PROVIDERS=auth0
 NEXTAUTH_URL=https://your-prod-domain.com/api/auth
@@ -103,20 +112,21 @@ The script command you need to execute is:
 
 ```shell
 $ docker run -it -d --name lobe-chat-database -p 3210:3210 \
--e DATABASE_URL=postgres://postgres:mysecretpassword@host.docker.internal:5432/postgres \
--e KEY_VAULTS_SECRET=jgwsK28dspyVQoIf8/M3IIHl1h6LYYceSYNXeLpy6uk= \
--e NEXT_AUTH_SECRET=3904039cd41ea1bdf6c93db0db96e250 \
--e NEXT_AUTH_SSO_PROVIDERS=auth0 \
--e AUTH0_CLIENT_ID=xxxxxx \
--e AUTH0_CLIENT_SECRET=cSX_xxxxx \
--e AUTH0_ISSUER=https://lobe-chat-demo.us.auth0.com \
--e NEXTAUTH_URL=http://localhost:3210/api/auth \
--e S3_ACCESS_KEY_ID=xxxxxxxxxx \
--e S3_SECRET_ACCESS_KEY=xxxxxxxxxx \
--e S3_ENDPOINT=https://xxxxxxxxxx.r2.cloudflarestorage.com \
--e S3_BUCKET=lobechat \
--e NEXT_PUBLIC_S3_DOMAIN=https://s3-for-lobechat.your-domain.com \
-lobehub/lobe-chat-database
+  -e DATABASE_URL=postgres://postgres:mysecretpassword@host.docker.internal:5432/postgres \
+  -e KEY_VAULTS_SECRET=jgwsK28dspyVQoIf8/M3IIHl1h6LYYceSYNXeLpy6uk= \
+  -e NEXT_AUTH_SECRET=3904039cd41ea1bdf6c93db0db96e250 \
+  -e NEXT_AUTH_SSO_PROVIDERS=auth0 \
+  -e AUTH0_CLIENT_ID=xxxxxx \
+  -e AUTH0_CLIENT_SECRET=cSX_xxxxx \
+  -e AUTH0_ISSUER=https://lobe-chat-demo.us.auth0.com \
+  -e APP_URL=http://localhost:3210 \
+  -e NEXTAUTH_URL=http://localhost:3210/api/auth \
+  -e S3_ACCESS_KEY_ID=xxxxxxxxxx \
+  -e S3_SECRET_ACCESS_KEY=xxxxxxxxxx \
+  -e S3_ENDPOINT=https://xxxxxxxxxx.r2.cloudflarestorage.com \
+  -e S3_BUCKET=lobechat \
+  -e NEXT_PUBLIC_S3_DOMAIN=https://s3-for-lobechat.your-domain.com \
+  lobehub/lobe-chat-database
 ```
 
 <Callout type="tip">

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lobehub/chat",
-  "version": "1.12.2",
+  "version": "1.12.4",
   "description": "Lobe Chat - an open-source, high-performance chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application.",
   "keywords": [
     "framework",
@@ -164,7 +164,7 @@
     "mammoth": "^1.8.0",
     "modern-screenshot": "^4.4.39",
     "nanoid": "^5.0.7",
-    "next": "^14.2.4",
+    "next": "^14.2.6",
     "next-auth": "5.0.0-beta.15",
     "next-sitemap": "^4.2.3",
     "numeral": "^2.0.6",

src/app/(main)/repos/[id]/@menu/Menu/index.tsx

@@ -1,7 +1,7 @@
 'use client';
 
 import { Icon } from '@lobehub/ui';
-import { FileText, Settings2Icon } from 'lucide-react';
+import { FileText } from 'lucide-react';
 import Link from 'next/link';
 import { usePathname } from 'next/navigation';
 import { memo, useMemo, useState } from 'react';
@@ -29,11 +29,11 @@ const FileMenu = memo<{ id: string }>(({ id }) => {
       //   key: `/repos/${id}/testing`,
       //   label: <Link href={`/repos/${id}/testing`}>{t('tab.testing')}</Link>,
       // },
-      {
-        icon: <Icon icon={Settings2Icon} />,
-        key: `/repos/${id}/settings`,
-        label: <Link href={`/repos/${id}/settings`}>{t('tab.settings')}</Link>,
-      },
+      // {
+      //   icon: <Icon icon={Settings2Icon} />,
+      //   key: `/repos/${id}/settings`,
+      //   label: <Link href={`/repos/${id}/settings`}>{t('tab.settings')}</Link>,
+      // },
     ],
     [t],
   );