av/harbor

Dify startup failed

Opened this issue · 2 comments

I am trying to setup Dify, and it was successful with pull

harbor pull dify

however when i try to start up with

harbor up dify

I got error as follows:

[+] Building 2.3s (9/11)                                                                                                                                    docker:default
 => [dify-openai internal] load build definition from Dockerfile                                                                                                      0.0s
 => => transferring dockerfile: 222B                                                                                                                                  0.0s
 => [dify-openai internal] load metadata for docker.io/pkgxdev/pkgx:latest                                                                                            1.0s
 => [dify-openai auth] pkgxdev/pkgx:pull token for registry-1.docker.io                                                                                               0.0s
 => [dify-openai internal] load .dockerignore                                                                                                                         0.0s
 => => transferring context: 2B                                                                                                                                       0.0s
 => [dify-openai 1/6] FROM docker.io/pkgxdev/pkgx:latest@sha256:ee3e4c59bd8b575765d5ab4234872bbe17434921ac47d4a0cc549218288aafba                                      0.1s
 => => resolve docker.io/pkgxdev/pkgx:latest@sha256:ee3e4c59bd8b575765d5ab4234872bbe17434921ac47d4a0cc549218288aafba                                                  0.0s
 => [dify-openai internal] load build context                                                                                                                         0.0s
 => => transferring context: 90B                                                                                                                                      0.0s
 => CACHED [dify-openai 2/6] WORKDIR /dify2openai                                                                                                                     0.0s
 => CACHED [dify-openai 3/6] RUN pkgx install node@20 npm                                                                                                             0.0s
 => ERROR [dify-openai 4/6] RUN node --version && npm --version                                                                                                       1.1s
------
 > [dify-openai 4/6] RUN node --version && npm --version:
0.555 × unexpected error error sending request for url (https://dist.pkgx.dev/gnu.org/mpc/linux/x86-64/versions.txt): client error (Connect): invalid peer certificate: UnknownIssuer
0.555 │ TypeError: error sending request for url (https://dist.pkgx.dev/gnu.org/mpc/linux/x86-64/versions.txt): client error (Connect): invalid peer certificate: UnknownIssuer
0.555 │     at async mainFetch (ext:deno_fetch/26_fetch.js:170:12)
0.555 │     at async fetch (ext:deno_fetch/26_fetch.js:392:7)
0.555 │     at async Object.get (https://deno.land/x/libpkgx@v0.20.1/src/hooks/useInventory.ts:18:15)
0.555 │     at async Object.select (https://deno.land/x/libpkgx@v0.20.1/src/hooks/useInventory.ts:8:20)
0.555 │     at async Promise.all (index 3)
0.555 │     at async resolve (https://deno.land/x/libpkgx@v0.20.1/src/plumbing/resolve.ts:55:3)
0.555 │     at async default (file:///tmp/deno-compile-pkgx/pkgx/src/prefab/install.ts:11:51)
0.555 │     at async default (file:///tmp/deno-compile-pkgx/pkgx/src/modes/x.ts:31:18)
0.555 │     at async default (file:///tmp/deno-compile-pkgx/pkgx/src/app.ts:60:11)
0.555 │     at async file:///tmp/deno-compile-pkgx/pkgx/entrypoint.ts:59:3
0.556 ╰─➤ https://github.com/pkgxdev/pkgx/issues/new
------
failed to solve: process "/bin/bash -c node --version && npm --version" did not complete successfully: exit code: 1

I am using corporate network, so I do have a self signed certificate and it is installed to trust store on WSL2 Arch Linux

Thanks for your help!

I removed the dify-openai service in the compose yaml file, at least dify can startup

Do you still get this issue if you update the dify version via harbor config set dify.version 0.14.1.


If that doesn't fix it you could try:

  1. Add the certificate path to the dify/override.env file that Harbor uses:
NODE_EXTRA_CA_CERTS=/path/to/your/corporate/certificate.pem
  1. Create a service-specific compose file for your build that includes the certificate configuration:
# compose.dify.yml

services:
  dify-openai:
    environment:
      - NODE_EXTRA_CA_CERTS=/path/to/your/corporate/certificate.pem
    volumes:
      - /path/to/your/corporate/certificate.pem:/path/to/your/corporate/certificate.pem:ro
  1. Since I think Harbor supports config interpolation, you could also use variable substitution in your compose file:
HARBOR_CERT_PATH=/path/to/your/corporate/certificate.pem

Then open $(harbor home)/.env:

harbor config set HARBOR_CERT_PATH=/path/to/your/corporate/certificate.pem

Check these documents for further information:
https://github.com/av/harbor/wiki/1.-Harbor-User-Guide#environment-variables
https://github.com/av/harbor/wiki/6.-Harbor-Compose-Setup
https://github.com/av/harbor/wiki/2.3.3-Satellite:-Dify#configuration

If this works, let me know and I can start a PR to add this option in the .yml for future updates.