diff --git a/README.md b/README.md index 4e861740..57159567 100644 --- a/README.md +++ b/README.md @@ -15,68 +15,20 @@ OpenRAG is a comprehensive Retrieval-Augmented Generation platform that enables Ask DeepWiki - -
- Quickstart   |   - Python package   |   - Docker or Podman   |   - Development   |   - Troubleshooting -
+## Install OpenRAG -## Quickstart +To get started with OpenRAG, see the installation guides in the OpenRAG documentation: -To run OpenRAG without creating or modifying any project files, use `uvx`: - -```bash -uvx openrag -``` - -This command runs OpenRAG without installing it to your project or globally. - -To run a specific version of OpenRAG, run `uvx --from openrag==VERSION openrag`. - -## Install Python package - -To add the OpenRAG Python package to a Python project, use `uv`: - -1. Create a new project with a virtual environment using `uv init`: - - ```bash - uv init YOUR_PROJECT_NAME - cd YOUR_PROJECT_NAME - ``` - - The `(venv)` prompt doesn't change, but `uv` commands will automatically use the project's virtual environment. - For more information on virtual environments, see the [uv documentation](https://docs.astral.sh/uv/pip/environments). - -2. Add OpenRAG to your project: - - ```bash - uv add openrag - ``` - - To add a specific version of OpenRAG, run `uv add openrag==VERSION`. - -3. Start the OpenRAG terminal user interface (TUI): - - ```bash - uv run openrag - ``` - -4. Continue with the [Quickstart](https://docs.openr.ag/quickstart). - -For all installation options, see the [OpenRAG installation guide](https://docs.openr.ag/install). - -## Docker or Podman installation - -By default, OpenRAG automatically starts the required containers and helps you manage them. -To install OpenRAG with self-managed containers, see the [OpenRAG installation guide](https://docs.openr.ag/docker). +* [Quickstart](https://docs.openr.ag/quickstart) +* [Install the OpenRAG Python package](https://docs.openr.ag/install-options) +* [Deploy self-managed services with Docker or Podman](https://docs.openr.ag/docker) ## Development -For developers wanting to contribute to OpenRAG or set up a development environment, see [CONTRIBUTING.md](CONTRIBUTING.md). +For developers who want to [contribute to OpenRAG](https://docs.openr.ag/support/contribute) or set up a development environment, see [CONTRIBUTING.md](CONTRIBUTING.md). ## Troubleshooting -For common issues and fixes, see [Troubleshoot OpenRAG](https://docs.openr.ag/support/troubleshoot). \ No newline at end of file +For assistance with OpenRAG, see [Troubleshoot OpenRAG](https://docs.openr.ag/support/troubleshoot) and visit the [Discussions page](https://github.com/langflow-ai/openrag/discussions). + +To report a bug or submit a feature request, visit the [Issues page](https://github.com/langflow-ai/openrag/issues). \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index c5f809c5..30574506 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -81,7 +81,7 @@ services: - AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} volumes: - ${OPENRAG_DOCUMENTS_PATH:-./openrag-documents}:/app/openrag-documents:Z - - ${OPENRAG_KEYS_PATH:-./keys}:/app/keys:Z + - ${OPENRAG_KEYS_PATH:-./keys}:/app/keys:U,z - ${OPENRAG_FLOWS_PATH:-./flows}:/app/flows:U,z - ${OPENRAG_CONFIG_PATH:-./config}:/app/config:Z - ${OPENRAG_DATA_PATH:-./data}:/app/data:Z diff --git a/src/tui/main.py b/src/tui/main.py index cd498c6e..eb6765ef 100644 --- a/src/tui/main.py +++ b/src/tui/main.py @@ -1,5 +1,7 @@ """Main TUI application for OpenRAG.""" +import os +import subprocess import sys from pathlib import Path from typing import Iterable, Optional @@ -683,6 +685,51 @@ def migrate_legacy_data_directories(): logger.info("Data migration completed successfully") +def generate_jwt_keys(keys_dir: Path): + """Generate RSA keys for JWT signing if they don't exist. + + This pre-generates keys on the host so containers can read them, + avoiding permission issues with Podman rootless mode. + """ + private_key_path = keys_dir / "private_key.pem" + public_key_path = keys_dir / "public_key.pem" + + if private_key_path.exists() and public_key_path.exists(): + logger.debug("JWT keys already exist") + return + + try: + # Generate private key + subprocess.run( + ["openssl", "genrsa", "-out", str(private_key_path), "2048"], + check=True, + capture_output=True, + ) + # Set restrictive permissions on private key (readable by owner only) + os.chmod(private_key_path, 0o600) + + # Generate public key from private key + subprocess.run( + [ + "openssl", + "rsa", + "-in", str(private_key_path), + "-pubout", + "-out", str(public_key_path), + ], + check=True, + capture_output=True, + ) + # Set permissions on public key (readable by all) + os.chmod(public_key_path, 0o644) + + logger.info("Generated RSA keys for JWT signing") + except FileNotFoundError: + logger.warning("openssl not found, skipping JWT key generation (will be generated in container)") + except subprocess.CalledProcessError as e: + logger.error(f"Failed to generate RSA keys: {e}") + + def setup_host_directories(): """Initialize OpenRAG directory structure on the host. @@ -703,11 +750,14 @@ def setup_host_directories(): base_dir / "data", base_dir / "data" / "opensearch-data", ] - + for directory in directories: directory.mkdir(parents=True, exist_ok=True) logger.debug(f"Ensured directory exists: {directory}") + # Generate JWT keys on host to avoid container permission issues + generate_jwt_keys(base_dir / "keys") + def run_tui(): """Run the OpenRAG TUI application."""