Enable starting khoj uvicorn server with ssl cert file, key for https

Pass your domain cert files via the --sslcert, --sslkey cli args. For example, to start khoj at https://example.com, you'd run command: KHOJ_DOMAIN=example.com khoj --sslcert example.com.crt --sslkey example.com.key --host example.com This sets up ssl certs directly with khoj without requiring a reverse proxy like nginx to serve khoj behind https endpoint for simple setups. More complex setups should, of course, still use a reverse proxy for efficient request processing
2024-11-23 15:38:55 +01:00 · 2024-11-20 23:55:44 -08:00 · 2024-11-20 23:55:44 -08:00 · 1f96c13f72
commit 1f96c13f72
parent 9fea02f20f
3 changed files with 7 additions and 0 deletions
--- a/src/khoj/main.py
+++ b/src/khoj/main.py
@ -208,6 +208,9 @@ def set_state(args):
    state.verbose = args.verbose
    state.host = args.host
    state.port = args.port
+    state.ssl_config = (
+        {"ssl_certfile": args.sslcert, "ssl_keyfile": args.sslkey} if args.sslcert and args.sslkey else None
+    )
    state.anonymous_mode = args.anonymous_mode
    state.khoj_version = version("khoj")
    state.chat_on_gpu = args.chat_on_gpu
@ -226,6 +229,7 @@ def start_server(app, host=None, port=None, socket=None):
            use_colors=True,
            log_config=None,
            timeout_keep_alive=60,
+            **state.ssl_config if state.ssl_config else {},
        )
    logger.info("🌒 Stopping Khoj")

--- a/src/khoj/utils/cli.py
+++ b/src/khoj/utils/cli.py
@ -40,6 +40,8 @@ def cli(args=None):
        type=pathlib.Path,
        help="Path to UNIX socket for server. Use to run server behind reverse proxy. Default: /tmp/uvicorn.sock",
    )
+    parser.add_argument("--sslcert", type=str, help="Path to SSL certificate file")
+    parser.add_argument("--sslkey", type=str, help="Path to SSL key file")
    parser.add_argument("--version", "-V", action="store_true", help="Print the installed Khoj version and exit")
    parser.add_argument(
        "--disable-chat-on-gpu", action="store_true", default=False, help="Disable using GPU for the offline chat model"
--- a/src/khoj/utils/state.py
+++ b/src/khoj/utils/state.py
@ -27,6 +27,7 @@ config_file: Path = None
 verbose: int = 0
 host: str = None
 port: int = None
+ssl_config: Dict[str, str] = None
 cli_args: List[str] = None
 query_cache: Dict[str, LRU] = defaultdict(LRU)
 chat_lock = threading.Lock()