weaviate
Need a bit of help accessing this outside the network, CORS issue
First of all: I really enjoyed playing around with this. I got it all working and it's a lot of fun!
I wanted to show some people in my office this application. Usually I just use nginx proxy manager to open it up *with access rules) but this time it didn't work. Seems to be CORS according to my browser console. Not sure how to fix this though.
Running Docker, Weaviate and Ollama versions on Linux.
+1 here...
I tried to remove the check origin at the api.py. But the front keeps the CORS error. The API is working.
`# Allow requests only from the same origin
app.add_middleware(
CORSMiddleware,
allow_origins=["*"], # This will be restricted by the custom middleware
allow_credentials=True,
allow_methods=["*"],
allow_headers=["*"],
)
Custom middleware to check if the request is from the same origin
@app.middleware("http") async def check_same_origin(request: Request, call_next): # Allow public access to /api/health # if request.url.path == "/api/health": # return await call_next(request) # # origin = request.headers.get("origin") # if origin == str(request.base_url).rstrip("/") or ( # origin # and origin.startswith("http://localhost:") # and request.base_url.hostname == "localhost" # ): # return await call_next(request) # else: # # Only apply restrictions to /api/ routes (except /api/health) # if request.url.path.startswith("/api/"): # return JSONResponse( # status_code=403, # content={ # "error": "Not allowed", # "details": { # "request_origin": origin, # "expected_origin": str(request.base_url), # "request_method": request.method, # "request_url": str(request.url), # "request_headers": dict(request.headers), # "expected_header": "Origin header matching the server's base URL or localhost", # }, # }, # )
# Allow non-API routes to pass through
return await call_next(request)`
Hey everyone! Sorry for the late reply 🙏
Could you share a more information about your setup with nginx
@thomashacker
I only say this now :)
I am using this docker compose file
version: '3.8'
services:
verba:
image: semitechnologies/verba
ports:
- 8111:8000
environment:
- WEAVIATE_URL_VERBA=http://weaviate:8080
- OPENAI_API_KEY=${OPENAI_API_KEY}
- COHERE_API_KEY=${COHERE_API_KEY}
volumes:
- /srv/verba/data:/data/
depends_on:
weaviate:
condition: service_healthy
healthcheck:
test: wget --no-verbose --tries=3 --spider http://localhost:8111 || exit 1
interval: 5s
timeout: 10s
retries: 5
start_period: 10s
networks:
- proxy
weaviate:
command:
- --host
- 0.0.0.0
- --port
- '8080'
- --scheme
- http
image: semitechnologies/weaviate:1.25.10
ports:
- 8080:8080
- 3000:8080
volumes:
- /srv/verba/weaviate/weaviate_data:/var/lib/weaviate
restart: on-failure:0
healthcheck:
test: wget --no-verbose --tries=3 --spider http://localhost:8080/v1/.well-known/ready || exit 1
interval: 5s
timeout: 10s
retries: 5
start_period: 10s
networks:
- proxy
environment:
OPENAI_APIKEY: ${OPENAI_API_KEY}
COHERE_APIKEY: ${COHERE_API_KEY}
QUERY_DEFAULTS_LIMIT: 25
AUTHENTICATION_ANONYMOUS_ACCESS_ENABLED: 'true'
PERSISTENCE_DATA_PATH: '/var/lib/weaviate'
ENABLE_MODULES: 'e'
CLUSTER_HOSTNAME: 'node1'
networks:
proxy:
external: true
volumes:
weaviate_data: {}
Using Nginx proxy manager on the same docker network: proxy.
Basically how I do it for all docker apps I want to access over the network.
Verba is accessible via my localip:8111 or via the FQDN i set in NPM. Both work.
However when I access it over the internet and - for instance - change the theme to dark, it resets to light whenever I do a page refresh. I get a 'fresh´ instance every time. Files I upload via local ip are not visible when accessing over the internet.
I think it's related to this issue https://github.com/weaviate/Verba/issues/353 The workaround for now is to delete the custom middleware logic completely. Working on a fix for this 🚀