Skip to content

Commit fa2945c

Browse files
committed
CI/CD configurations update
1 parent 5d65783 commit fa2945c

2 files changed

Lines changed: 61 additions & 50 deletions

File tree

.github/workflows/release.yml

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -222,7 +222,10 @@ jobs:
222222
{ "name": "RUSHDB_EMBEDDING_BASE_URL", "value": "${{ secrets.RUSHDB_EMBEDDING_BASE_URL }}" },
223223
{ "name": "RUSHDB_EMBEDDING_API_KEY", "value": "${{ secrets.RUSHDB_EMBEDDING_API_KEY }}" },
224224
{ "name": "RUSHDB_EMBEDDING_MODEL", "value": "${{ vars.RUSHDB_EMBEDDING_MODEL }}" },
225-
{ "name": "RUSHDB_EMBEDDING_DIMENSIONS", "value": "${{ vars.RUSHDB_EMBEDDING_DIMENSIONS }}" }
225+
{ "name": "RUSHDB_EMBEDDING_DIMENSIONS", "value": "${{ vars.RUSHDB_EMBEDDING_DIMENSIONS }}" },
226+
{ "name": "RUSHDB_LLM_BASE_URL", "value": "${{ vars.RUSHDB_LLM_BASE_URL }}" },
227+
{ "name": "RUSHDB_LLM_API_KEY", "value": "${{ secrets.RUSHDB_LLM_API_KEY }}" },
228+
{ "name": "RUSHDB_LLM_MODEL", "value": "${{ vars.RUSHDB_LLM_MODEL }}" }
226229
]
227230
}
228231
],

docs/docs/tutorials/deployment.mdx

Lines changed: 57 additions & 49 deletions
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,12 @@
11
---
22
sidebar_position: 3
3-
title: "Self-Hosting RushDB"
3+
title: 'Self-Hosting RushDB'
44
description: Deploy RushDB on your own infrastructure with Docker Compose, connect your own Neo4j instance, and configure embedding support.
55
tags: [Deployment, Self-Hosted, Docker]
66
---
77

8-
import Tabs from '@site/src/components/LanguageTabs';
9-
import TabItem from '@theme/TabItem';
8+
import Tabs from '@site/src/components/LanguageTabs'
9+
import TabItem from '@theme/TabItem'
1010

1111
# Self-Hosting RushDB
1212

@@ -38,12 +38,12 @@ services:
3838
NEO4J_AUTH: neo4j/rushdb-password
3939
NEO4JLABS_PLUGINS: '["apoc"]'
4040
ports:
41-
- "7474:7474" # Neo4j browser (optional)
42-
- "7687:7687" # Bolt protocol
41+
- '7474:7474' # Neo4j browser (optional)
42+
- '7687:7687' # Bolt protocol
4343
volumes:
4444
- neo4j_data:/data
4545
healthcheck:
46-
test: ["CMD-SHELL", "wget -qO- http://localhost:7474 || exit 1"]
46+
test: ['CMD-SHELL', 'wget -qO- http://localhost:7474 || exit 1']
4747
interval: 10s
4848
retries: 10
4949

@@ -56,7 +56,7 @@ services:
5656
volumes:
5757
- pg_data:/var/lib/postgresql/data
5858
healthcheck:
59-
test: ["CMD-SHELL", "pg_isready -U rushdb"]
59+
test: ['CMD-SHELL', 'pg_isready -U rushdb']
6060
interval: 5s
6161
retries: 10
6262

@@ -68,14 +68,14 @@ services:
6868
postgres:
6969
condition: service_healthy
7070
ports:
71-
- "3000:3000"
71+
- '3000:3000'
7272
environment:
73-
RUSHDB_SELF_HOSTED: "true"
73+
RUSHDB_SELF_HOSTED: 'true'
7474
RUSHDB_LOGIN: admin
7575
RUSHDB_PASSWORD: change-me-in-production
7676

7777
# Encryption key — must be exactly 32 characters
78-
RUSHDB_AES_256_ENCRYPTION_KEY: "32-char-key-change-in-production"
78+
RUSHDB_AES_256_ENCRYPTION_KEY: '32-char-key-change-in-production'
7979

8080
# Neo4j
8181
NEO4J_URL: bolt://neo4j:7687
@@ -90,7 +90,12 @@ services:
9090
RUSHDB_EMBEDDING_BASE_URL: https://api.openai.com/v1
9191
RUSHDB_EMBEDDING_API_KEY: sk-...
9292
RUSHDB_EMBEDDING_MODEL: text-embedding-3-small
93-
RUSHDB_EMBEDDING_DIMENSIONS: "1536"
93+
RUSHDB_EMBEDDING_DIMENSIONS: '1536'
94+
95+
# Relationship suggestions (optional — remove these 3 lines to disable AI relationship patterns)
96+
RUSHDB_LLM_BASE_URL: https://api.openai.com/v1
97+
RUSHDB_LLM_API_KEY: sk-...
98+
RUSHDB_LLM_MODEL: gpt-4.1-mini
9499

95100
volumes:
96101
neo4j_data:
@@ -113,12 +118,12 @@ If you already have Neo4j running (or an Aura instance), skip the `neo4j` servic
113118
rushdb:
114119
image: rushdb/rushdb:latest
115120
ports:
116-
- "3000:3000"
121+
- '3000:3000'
117122
environment:
118-
RUSHDB_SELF_HOSTED: "true"
123+
RUSHDB_SELF_HOSTED: 'true'
119124
RUSHDB_LOGIN: admin
120125
RUSHDB_PASSWORD: change-me-in-production
121-
RUSHDB_AES_256_ENCRYPTION_KEY: "32-char-key-change-in-production"
126+
RUSHDB_AES_256_ENCRYPTION_KEY: '32-char-key-change-in-production'
122127

123128
# Point at your existing Neo4j / Aura instance
124129
NEO4J_URL: bolt+s://xxxxxxxx.databases.neo4j.io:7687
@@ -137,34 +142,37 @@ See [Connecting an Aura Instance](./connect-aura-instance.mdx) for the full BYOC
137142
138143
### Required
139144
140-
| Variable | Default in image | Description |
141-
|---|---|---|
142-
| `RUSHDB_SELF_HOSTED` | `true` | Must be `"true"` to enable self-hosted mode and create the default admin account |
143-
| `RUSHDB_LOGIN` | `admin` | Dashboard login username |
144-
| `RUSHDB_PASSWORD` | `password` | Dashboard login password — **change this** |
145-
| `RUSHDB_AES_256_ENCRYPTION_KEY` | `32SymbolStringForTokenEncryption` | Exactly 32-character key used to encrypt API tokens at rest — **change this** |
146-
| `NEO4J_URL` | — | Bolt URL of your Neo4j instance |
147-
| `NEO4J_USERNAME` | `neo4j` | Neo4j username |
148-
| `NEO4J_PASSWORD` | `password` | Neo4j password |
149-
| `SQL_DB_URL` | — | PostgreSQL connection string |
150-
| `SQL_DB_TYPE` | `postgres` | Database driver — only `postgres` supported |
145+
| Variable | Default in image | Description |
146+
| ------------------------------- | ---------------------------------- | -------------------------------------------------------------------------------- |
147+
| `RUSHDB_SELF_HOSTED` | `true` | Must be `"true"` to enable self-hosted mode and create the default admin account |
148+
| `RUSHDB_LOGIN` | `admin` | Dashboard login username |
149+
| `RUSHDB_PASSWORD` | `password` | Dashboard login password — **change this** |
150+
| `RUSHDB_AES_256_ENCRYPTION_KEY` | `32SymbolStringForTokenEncryption` | Exactly 32-character key used to encrypt API tokens at rest — **change this** |
151+
| `NEO4J_URL` | — | Bolt URL of your Neo4j instance |
152+
| `NEO4J_USERNAME` | `neo4j` | Neo4j username |
153+
| `NEO4J_PASSWORD` | `password` | Neo4j password |
154+
| `SQL_DB_URL` | — | PostgreSQL connection string |
155+
| `SQL_DB_TYPE` | `postgres` | Database driver — only `postgres` supported |
151156

152157
### Optional
153158

154-
| Variable | Default | Description |
155-
|---|---|---|
156-
| `RUSHDB_PORT` | `3000` | Port the API server listens on |
157-
| `RUSHDB_SERVE_STATIC` | `true` | Serve the built dashboard from the same process |
158-
| `RUSHDB_EMBEDDING_BASE_URL` | `https://api.openai.com/v1` | Base URL of any OpenAI-compatible embeddings endpoint |
159-
| `RUSHDB_EMBEDDING_API_KEY` | — | Bearer token for the embedding provider |
160-
| `RUSHDB_EMBEDDING_MODEL` | — | Model identifier (e.g. `text-embedding-3-small`). **Omit to disable vector indexes entirely** |
161-
| `RUSHDB_EMBEDDING_DIMENSIONS` | — | Must match the model's actual output dimensions |
162-
| `RUSHDB_EMBEDDING_BATCH_SIZE` | `500` | Records per embedding backfill batch |
163-
| `RUSHDB_EMBEDDING_MAX_RUNTIME_MS` | `50000` | Max ms the backfill scheduler spends per index per tick |
164-
| `RUSHDB_PAGINATION_DEFAULT_LIMIT` | `100` | Default page size when `limit` is not specified in a search query |
165-
| `RUSHDB_PAGINATION_MAX_LIMIT` | `1000` | Maximum allowed `limit` value — requests above this are clamped |
166-
| `RATE_LIMITER_REQUESTS_LIMIT` | `100` | Max requests per time window |
167-
| `RATE_LIMITER_TTL` | `1000` | Rate limiter window in milliseconds |
159+
| Variable | Default | Description |
160+
| --------------------------------- | --------------------------- | ------------------------------------------------------------------------------------------------- |
161+
| `RUSHDB_PORT` | `3000` | Port the API server listens on |
162+
| `RUSHDB_SERVE_STATIC` | `true` | Serve the built dashboard from the same process |
163+
| `RUSHDB_EMBEDDING_BASE_URL` | `https://api.openai.com/v1` | Base URL of any OpenAI-compatible embeddings endpoint |
164+
| `RUSHDB_EMBEDDING_API_KEY` | — | Bearer token for the embedding provider |
165+
| `RUSHDB_EMBEDDING_MODEL` | — | Model identifier (e.g. `text-embedding-3-small`). **Omit to disable vector indexes entirely** |
166+
| `RUSHDB_EMBEDDING_DIMENSIONS` | — | Must match the model's actual output dimensions |
167+
| `RUSHDB_EMBEDDING_BATCH_SIZE` | `500` | Records per embedding backfill batch |
168+
| `RUSHDB_EMBEDDING_MAX_RUNTIME_MS` | `50000` | Max ms the backfill scheduler spends per index per tick |
169+
| `RUSHDB_LLM_BASE_URL` | `https://api.openai.com/v1` | Base URL of any OpenAI-compatible chat completions endpoint for relationship suggestions |
170+
| `RUSHDB_LLM_API_KEY` | — | Bearer token for the LLM provider. **Omit to disable relationship pattern suggestions** |
171+
| `RUSHDB_LLM_MODEL` | — | Chat model identifier (e.g. `gpt-4.1-mini`). **Omit to disable relationship pattern suggestions** |
172+
| `RUSHDB_PAGINATION_DEFAULT_LIMIT` | `100` | Default page size when `limit` is not specified in a search query |
173+
| `RUSHDB_PAGINATION_MAX_LIMIT` | `1000` | Maximum allowed `limit` value — requests above this are clamped |
174+
| `RATE_LIMITER_REQUESTS_LIMIT` | `100` | Max requests per time window |
175+
| `RATE_LIMITER_TTL` | `1000` | Rate limiter window in milliseconds |
168176

169177
---
170178

@@ -267,7 +275,7 @@ rushdb:
267275
image: rushdb/rushdb:latest
268276
environment:
269277
SQL_DB_TYPE: sqlite
270-
SQL_DB_PATH: /data/rushdb.db # optional — defaults to ./rushdb.db
278+
SQL_DB_PATH: /data/rushdb.db # optional — defaults to ./rushdb.db
271279
# ...other vars
272280
volumes:
273281
- rushdb_data:/data
@@ -295,15 +303,15 @@ docker exec rushdb rushdb update-password admin@example.com newsecurepassword456
295303

296304
## Production hardening checklist
297305

298-
| Item | Action |
299-
|---|---|
300-
| `RUSHDB_PASSWORD` | Set a strong password — never leave `password` |
301-
| `RUSHDB_AES_256_ENCRYPTION_KEY` | Generate a random 32-character string |
302-
| Neo4j password | Change from the Compose default |
303-
| TLS | Terminate TLS at a reverse proxy (nginx, Caddy, Traefik) in front of port 3000 |
304-
| Postgres | Back up the `rushdb` Postgres database — it stores projects, tokens, and billing records |
305-
| Neo4j | Enable Neo4j backups for your graph data |
306-
| Embedding key | Rotate the embedding provider API key independently of the RushDB key |
306+
| Item | Action |
307+
| ------------------------------- | ---------------------------------------------------------------------------------------- |
308+
| `RUSHDB_PASSWORD` | Set a strong password — never leave `password` |
309+
| `RUSHDB_AES_256_ENCRYPTION_KEY` | Generate a random 32-character string |
310+
| Neo4j password | Change from the Compose default |
311+
| TLS | Terminate TLS at a reverse proxy (nginx, Caddy, Traefik) in front of port 3000 |
312+
| Postgres | Back up the `rushdb` Postgres database — it stores projects, tokens, and billing records |
313+
| Neo4j | Enable Neo4j backups for your graph data |
314+
| Embedding key | Rotate the embedding provider API key independently of the RushDB key |
307315

308316
---
309317

0 commit comments

Comments
 (0)