DJANGO = ALLOWED HOSTS

[Fuckingnameless]

i'm sure this is just a stupid setting but i thought its better to ask the experts when i launch the container with docker-compose up and try to add a model via the localhost/server/admin link it throws an error that i'm not on the allowed hosts list and i have no idea where i should set this up

[Fuckingnameless]

also i keep getting this: database-1 | 2024-02-27 23:25:14.701 UTC [51] FATAL: role "postgres" does not exist

[sabaimran]

@Fuckingnameless , what's the url you're using to host? You shouldn't get the localhost error if you're just accessing it over the default http://localhost:42110/, but you may run into issues if you're using your own custom domain. Let me know if you're still having trouble over localhost.

For the db error, do you have this in the environment settings of your database container? POSTGRES_USER: postgres?

[Fuckingnameless]

@Fuckingnameless , what's the url you're using to host? You shouldn't get the localhost error if you're just accessing it over the default http://localhost:42110/, but you may run into issues if you're using your own custom domain. Let me know if you're still having trouble over localhost.

For the db error, do you have this in the environment settings of your database container? POSTGRES_USER: postgres?

yes, i used the default .yml file https://github.com/khoj-ai/khoj/blob/master/docker-compose.yml edited only the user/password as suggested in the docs its a server machine so i'm accessing it from the laptop on 192.168.1.1:42110 the webui works without issues but i can't load any models because of this error

[sabaimran]

Ahh, yeah you wouldn't be able to access it over the the internal IP as it stands. The current hosting settings only allow it to be accessible over the same machine, unless a custom domain and cert are setup. Is it possible for you to connect directly to the server? You might try using tailscale if you don't have it setup.

Regarding the other postgres issue, let me follow-up in the other issue you created, #663, as that should be the root cause there.

[Fuckingnameless]

the server is headless you say it can't be accessed over the same network but i did, just the model selection / admin panel is blocked

[tsbertalan]

possible for you to connect directly to the server

What would that mean?

the server is headless

I imagine this is a very common scenario--the machine with the GPU is not the one with a monitor on my desk, but the one on the shelf over there. In my case, I can see it over OpenVPN, and (as #608 says) by adding KHOJ_DOMAIN=VPNIPHERE, I can see the Django login page, but not use it (CSRF verification failed).

Without any changes to the default docker-compose.yml, I was able to see the main UI page.

[tsbertalan]

(ALLOWED_HOSTS and CSRF_TRUSTED_ORIGINS for Django are built using the KHOJ_DOMAIN environment variable from the docker-compose.yml , so I don't think this is an issue with those being incorrect.)

[sabaimran]

I imagine this is a very common scenario--the machine with the GPU is not the one with a monitor on my desk, but the one on the shelf over there. In my case, I can see it over OpenVPN, and (as https://github.com/khoj-ai/khoj/issues/608 says) by adding KHOJ_DOMAIN=VPNIPHERE, I can see the Django login page, but not use it (CSRF verification failed).

Regarding the CSRF_TOKEN issue, I realized one issue in our default settings in the docker-compose.yml was that KHOJ_DEBUG is set to True. Try setting KHOJ_DEBUG=False and recreating the container to see if that mitigates the CSRF token error.

you say it can't be accessed over the same network but i did, just the model selection / admin panel is blocked

Yes, that is my expectation. The domain settings and CSRF filtering should only be affecting the admin pages, not the others. Let me think about whether we want to allow having a custom domain/external IP without https support.

[antoniocanas]

Setting KHOJ_DEBUG to False doesn't fix the csrf issue

[tsbertalan]

Try setting KHOJ_DEBUG=False and recreating the container to see if that mitigates the CSRF token error.

I should have mentioned--I tried both (false is the default?), and I just get a more or less verbose Django error report.

Let me think about whether we want to allow having a custom domain/external IP without https support.

I won't be able to have localhost access to this, unless maybe I do some setup on one host and then transfer some settings files to my real machine. What's wrong with using a self-signed SSL cert? I'm used to clicking past Firefox warnings for self hosted things. (And I never run these things over the actual Internet, just VPN.)

[Fuckingnameless]

using a self-signed SSL

how would you do that with the docker version?

[tsbertalan]

@Fuckingnameless Well, rather than signed by myself, I really mean a certificate the developer would include that isn't associated with any particular domain.

I'm also ok with plain http here.

[debanjum]

Hey folks, I was able to reproduce and resolve this issue on my end. Please test and re-open this issue if you still can't access Khoj admin panel over the network problem persists.

You'll need to set KHOJ_DOMAIN=<your i.p or custom_domain> and KHOJ_NO_SSL="True" if you're accessing over HTTP. Updated the docs with the same details

its a server machine so i'm accessing it from the laptop on 192.168.1.1:42110 the webui works without issues but i can't load any models because of this error

For example, to access Khoj admin panel from the above I.P, you'd need to set KHOJ_NO_SSL="True" and KHOJ_DOMAIN=192.168.1.1

[Sabdot33]

Hey folks, I was able to reproduce and resolve this issue on my end. Please test and re-open this issue if you still can't access Khoj admin panel over the network problem persists.

You'll need to set KHOJ_DOMAIN=<your i.p or custom_domain> and KHOJ_NO_SSL="True" if you're accessing over HTTP. Updated the docs with the same details

its a server machine so i'm accessing it from the laptop on 192.168.1.1:42110 the webui works without issues but i can't load any models because of this error

For example, to access Khoj admin panel from the above I.P, you'd need to set KHOJ_NO_SSL="True" and KHOJ_DOMAIN=192.168.1.1

debanjum's Solution works for the domain but is there a way to asign multiple domains and IPs to that env var? e.g.: 192.168.1.1, your.domain.com and another.domain.net i tried formating these as an array but nothing seems to work.

Also, I am also getting that CSRF cookie error..

[sabaimran]

Hey @ZSabiudj , we don't currently support multiple domains, so that var will only accept a single input. Could you describe why you want multiple values there? I think it's something we should be able to support.

[Sabdot33]

Hey @ZSabiudj , we don't currently support multiple domains, so that var will only accept a single input. Could you describe why you want multiple values there? I think it's something we should be able to support.

Well I have a small little homeserver that my family uses, and that has ofc, an IP adress assigned to it but also, our router supports having "domains" for devices e.g. device.router.brand. To avoid complications, because many other services are bookmarked in both ways, it would be cool to be able to do so.

[debanjum]

Hey @ZSabiudj, you'll be able to add multiple Khoj domains by the next release (should be out in 1-3 days) using a comma separated list of domains set via the same KHOJ_DOMAIN environment variable