最好的优化方法是换一台线路好配置高的服务器 
免责声明:操作前请务必备份
重要提示:在进行任何操作之前,请确保已经完整备份您的系统和数据。
- 本文内容仅代表个人操作经验和观点,不构成专业建议。实际效果可能因环境、版本和具体情况而异,请以您的实际操作结果为准。
- 本人明确声明没有 进行过Nginx的系统性学习和专业优化 。本文中的任何建议或操作步骤都源于个人实践,可能存在疏漏或不当之处。
- 读者在参考本文进行任何操作时,应当自行判断其适用性和潜在风险。对于因采纳本文建议而可能造成的任何直接或间接损失,本人概不负责。
- 强烈建议在进行重要操作或修改前,先在测试环境中验证,并咨询相关领域的专业人士。
- 本文内容可能会随时间推移而过时。请读者在使用时注意核实信息的时效性,并参考最新的官方文档和可靠资源。
- 如发现本文中存在任何错误或有待改进之处,欢迎指出,以便及时更正。
再次强调:安全第一,操作前请务必做好完整备份!
1. 前言
在Github上,我注意到有人将默认的Sqlite数据库替换为了PostgreSQL。
我尝试部署后发现速度有所提升。随后,我参考了这一OpenWebUI Nginx优化方案,并使用Claude AI根据1Panel的OpenResty配置进行了进一步优化。
建议将New-Api和OpenWebUI部署在同一台机器上,以获得更好的性能。
${SESSION_SECRET}部分自行替换
2. Docker compose 部分
services:
new-api:
image: calciumion/new-api:latest
container_name: new-api
restart: always
command: --log-dir /app/logs
ports:
- "3000:3000"
volumes:
- ./data:/data
- ./logs:/app/logs
environment:
- REDIS_CONN_STRING=redis://redis
- SESSION_SECRET=${SESSION_SECRET}
- TZ=Asia/Shanghai
depends_on:
- redis
healthcheck:
test: [ "CMD-SHELL", "wget -q -O - http://localhost:3000/api/status | grep -o '\"success\":\\s*true' | awk -F: '{print $2}'" ]
interval: 30s
timeout: 10s
retries: 3
redis:
image: redis:latest
container_name: redis
restart: always
postgresql:
image: postgres:latest
container_name: postgresql
restart: always
environment:
- POSTGRES_USER=${POSTGRES_USER} # 使用环境变量
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD} # 使用环境变量
- POSTGRES_DB=${POSTGRES_DB} # 使用环境变量
volumes:
- postgres_data:/var/lib/postgresql/data
ports:
- "127.0.0.1:5432:5432"
healthcheck:
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER}"] # 使用环境变量
interval: 30s
timeout: 10s
retries: 3
pipelines:
image: ghcr.io/open-webui/pipelines:main
container_name: pipelines
restart: always
ports:
- "9099:9099"
volumes:
- pipelines:/app/pipelines
extra_hosts:
- "host.docker.internal:host-gateway"
open-webui:
image: ghcr.io/open-webui/open-webui:${WEBUI_DOCKER_TAG-main}
container_name: open-webui
volumes:
- open-webui:/app/backend/data
ports:
- ${OPEN_WEBUI_PORT-8081}:8080
environment:
- 'WEBUI_SECRET_KEY=${WEBUI_SECRET_KEY}' # 使用环境变量
- DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgresql:5432/${POSTGRES_DB} # 使用环境变量
depends_on:
- postgresql
- new-api
- pipelines
extra_hosts:
- host.docker.internal:host-gateway
restart: unless-stopped
volumes:
open-webui: {}
postgres_data: {}
pipelines: {}
3. OpenWebUI OpenRestry部分
example部分自行替换
server {
listen 80;
listen [::]:80;
server_name example.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name example.com;
root /www/sites/example;
index index.php index.html index.htm;
access_log /www/sites/example/log/access.log combined buffer=16k flush=5s;
error_log /www/sites/example/log/error.log warn;
ssl_certificate /www/sites/example/ssl/fullchain.pem;
ssl_certificate_key /www/sites/example/ssl/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers YOUR_CIPHERS_HERE;
ssl_prefer_server_ciphers off;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 1d;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
resolver 1.1.1.1 1.0.0.1 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header Referrer-Policy strict-origin-when-cross-origin;
add_header X-XSS-Protection "1; mode=block";
location /socket.io/ {
proxy_pass http://127.0.0.1:8081; #替换
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 120s;
proxy_send_timeout 180s;
proxy_buffering on;
proxy_buffer_size 4k;
proxy_buffers 16 4k;
proxy_busy_buffers_size 16k;
proxy_max_temp_file_size 0;
proxy_redirect off;
tcp_nodelay on;
tcp_nopush off;
}
location ~* \.(jpg|jpeg|png|gif|ico|css|js|svg|woff|woff2|ttf|eot)$ {
expires 30d;
add_header Cache-Control "public, no-transform";
}
location ^~ /.well-known/acme-challenge/ {
allow all;
root /usr/share/nginx/html;
}
include /www/sites/example/proxy/*.conf; #替换
}
3. New-Api OpenRestry 部分
example部分自行替换
server {listen 80;
listen 443 ssl http2;
server_name example.com;
index index.php index.html index.htm default.php default.htm default.html;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
access_log /var/log/nginx/access.log main;
error_log /var/log/nginx/error.log;
location ^~ /.well-known/acme-challenge {
allow all;
root /usr/share/nginx/html;
}
# 优化代理缓冲
proxy_buffering on;
proxy_buffer_size 4k;
proxy_buffers 8 4k;
proxy_busy_buffers_size 16k;
proxy_max_temp_file_size 0;
proxy_redirect off;
tcp_nodelay on;
tcp_nopush off;
# 优化代理超时设置
proxy_connect_timeout 60s;
proxy_send_timeout 120s;
proxy_read_timeout 180s;
# 开启 Gzip 压缩
gzip on;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
gzip_min_length 1000;
if ($scheme = http) {
return 301 https://$host$request_uri;
}
ssl_certificate /path/to/fullchain.pem;
ssl_certificate_key /path/to/privkey.pem;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:!aNULL:!eNULL:!EXPORT:!DSS:!DES:!RC4:!3DES:!MD5:!PSK:!KRB5:!SRP:!CAMELLIA:!SEED;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
error_page 497 https://$host$request_uri;
proxy_set_header X-Forwarded-Proto https;
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
# 其他安全头部
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header Referrer-Policy "strict-origin-when-cross-origin";
include /path/to/proxy/*.conf;
}
优化后首页加载
优化后对话页
优化后交流
优化后对话历史
4. 狗血心路历程
我起初在AZ100上开出来的HK-B1S机器上部署ChatWebUI和New-API,最开始没有设置Swap导致机器一下就炸了。
为什么Azure的面板不支持直接重新部署系统,然后我重新把Swap添加到了4G,部署过后接入API又各种403,排查了一天也不知道为啥,去TG群问了之后才知道是Azure HK的IP段被Cloudflare屏蔽了。
精彩的来了,部署操作完了后,进首页需要夸张的半分钟甚至三十几秒,这tm能忍?
于是一波操作猛如虎,换到了隔壁2C4G的小坑GreenCloud的JP鸡鸡上,加了一点优化,总算可以快乐Chat啦!
感谢站内大佬们提供的教程和公益api
期待您能留下您的部署和优化方案以供参考
512M 老鸡用户表示顶贴
