gmakstutis/openrag
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'main' into rootless-podman-os-permissions

Browse source
This commit is contained in:
Sebastián Estévez 2026-01-13 09:36:12 -05:00 committed by GitHub
commit 197f9e49e0
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 61 additions and 59 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

66
README.md
View file

@ -15,68 +15,20 @@ OpenRAG is a comprehensive Retrieval-Augmented Generation platform that enables
<a href="https://deepwiki.com/langflow-ai/openrag"><img src="https://deepwiki.com/badge.svg" alt="Ask DeepWiki"></a>
</div>
<div align="center">
<a href="#quickstart" style="color: #0366d6;">Quickstart</a> &nbsp;&nbsp;|&nbsp;&nbsp;
<a href="#install-python-package" style="color: #0366d6;">Python package</a> &nbsp;&nbsp;|&nbsp;&nbsp;
<a href="#docker-or-podman-installation" style="color: #0366d6;">Docker or Podman</a> &nbsp;&nbsp;|&nbsp;&nbsp;
<a href="#development" style="color: #0366d6;">Development</a> &nbsp;&nbsp;|&nbsp;&nbsp;
<a href="#troubleshooting" style="color: #0366d6;">Troubleshooting</a>
</div>
## Install OpenRAG
## Quickstart
To get started with OpenRAG, see the installation guides in the OpenRAG documentation:
To run OpenRAG without creating or modifying any project files, use `uvx`:
```bash
uvx openrag
```
This command runs OpenRAG without installing it to your project or globally.
To run a specific version of OpenRAG, run `uvx --from openrag==VERSION openrag`.
## Install Python package
To add the OpenRAG Python package to a Python project, use `uv`:
1. Create a new project with a virtual environment using `uv init`:
```bash
uv init YOUR_PROJECT_NAME
cd YOUR_PROJECT_NAME
```
The `(venv)` prompt doesn't change, but `uv` commands will automatically use the project's virtual environment.
For more information on virtual environments, see the [uv documentation](https://docs.astral.sh/uv/pip/environments).
2. Add OpenRAG to your project:
```bash
uv add openrag
```
To add a specific version of OpenRAG, run `uv add openrag==VERSION`.
3. Start the OpenRAG terminal user interface (TUI):
```bash
uv run openrag
```
4. Continue with the [Quickstart](https://docs.openr.ag/quickstart).
For all installation options, see the [OpenRAG installation guide](https://docs.openr.ag/install).
## Docker or Podman installation
By default, OpenRAG automatically starts the required containers and helps you manage them.
To install OpenRAG with self-managed containers, see the [OpenRAG installation guide](https://docs.openr.ag/docker).
* [Quickstart](https://docs.openr.ag/quickstart)
* [Install the OpenRAG Python package](https://docs.openr.ag/install-options)
* [Deploy self-managed services with Docker or Podman](https://docs.openr.ag/docker)
## Development
For developers wanting to contribute to OpenRAG or set up a development environment, see [CONTRIBUTING.md](CONTRIBUTING.md).
For developers who want to [contribute to OpenRAG](https://docs.openr.ag/support/contribute) or set up a development environment, see [CONTRIBUTING.md](CONTRIBUTING.md).
## Troubleshooting
For common issues and fixes, see [Troubleshoot OpenRAG](https://docs.openr.ag/support/troubleshoot).
For assistance with OpenRAG, see [Troubleshoot OpenRAG](https://docs.openr.ag/support/troubleshoot) and visit the [Discussions page](https://github.com/langflow-ai/openrag/discussions).
To report a bug or submit a feature request, visit the [Issues page](https://github.com/langflow-ai/openrag/issues).

2
docker-compose.yml
View file

@ -81,7 +81,7 @@ services:
- AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}
volumes:
- ${OPENRAG_DOCUMENTS_PATH:-./openrag-documents}:/app/openrag-documents:Z
- ${OPENRAG_KEYS_PATH:-./keys}:/app/keys:Z
- ${OPENRAG_KEYS_PATH:-./keys}:/app/keys:U,z
- ${OPENRAG_FLOWS_PATH:-./flows}:/app/flows:U,z
- ${OPENRAG_CONFIG_PATH:-./config}:/app/config:Z
- ${OPENRAG_DATA_PATH:-./data}:/app/data:Z

52
src/tui/main.py
View file

@ -1,5 +1,7 @@
"""Main TUI application for OpenRAG."""
import os
import subprocess
import sys
from pathlib import Path
from typing import Iterable, Optional
@ -683,6 +685,51 @@ def migrate_legacy_data_directories():
logger.info("Data migration completed successfully")
def generate_jwt_keys(keys_dir: Path):
"""Generate RSA keys for JWT signing if they don't exist.
This pre-generates keys on the host so containers can read them,
avoiding permission issues with Podman rootless mode.
"""
private_key_path = keys_dir / "private_key.pem"
public_key_path = keys_dir / "public_key.pem"
if private_key_path.exists() and public_key_path.exists():
logger.debug("JWT keys already exist")
return
try:
# Generate private key
subprocess.run(
["openssl", "genrsa", "-out", str(private_key_path), "2048"],
check=True,
capture_output=True,
)
# Set restrictive permissions on private key (readable by owner only)
os.chmod(private_key_path, 0o600)
# Generate public key from private key
subprocess.run(
[
"openssl",
"rsa",
"-in", str(private_key_path),
"-pubout",
"-out", str(public_key_path),
],
check=True,
capture_output=True,
)
# Set permissions on public key (readable by all)
os.chmod(public_key_path, 0o644)
logger.info("Generated RSA keys for JWT signing")
except FileNotFoundError:
logger.warning("openssl not found, skipping JWT key generation (will be generated in container)")
except subprocess.CalledProcessError as e:
logger.error(f"Failed to generate RSA keys: {e}")
def setup_host_directories():
"""Initialize OpenRAG directory structure on the host.
@ -703,11 +750,14 @@ def setup_host_directories():
base_dir / "data",
base_dir / "data" / "opensearch-data",
]
for directory in directories:
directory.mkdir(parents=True, exist_ok=True)
logger.debug(f"Ensured directory exists: {directory}")
# Generate JWT keys on host to avoid container permission issues
generate_jwt_keys(base_dir / "keys")
def run_tui():
"""Run the OpenRAG TUI application."""