restore latest backup files

.gitattributes

@@ -1,3 +1,4 @@
 *.sh text eol=lf
 *.ttf filter=lfs diff=lfs merge=lfs -text
 *.jpg filter=lfs diff=lfs merge=lfs -text
+db_backup/*.gpg filter=lfs diff=lfs merge=lfs -text

.gitignore

@@ -307,3 +307,5 @@ dist
 cypress/videos
 cypress/screenshots
 .vscode/settings.json
+
+webui.db

Dockerfile

@@ -104,6 +104,7 @@ RUN echo -n 00000000-0000-0000-0000-000000000000 > $HOME/.cache/chroma/telemetry
 
 # Make sure the user has access to the app and root directory
 RUN chown -R $UID:$GID /app $HOME
+RUN apt-get update && apt-get install -y --no-install-recommends gnupg sqlite3
 
 RUN if [ "$USE_OLLAMA" = "true" ]; then \
     apt-get update && \
@@ -133,6 +134,8 @@ RUN if [ "$USE_OLLAMA" = "true" ]; then \
 COPY --chown=$UID:$GID ./backend/requirements.txt ./requirements.txt
 
 RUN pip3 install --no-cache-dir uv && \
+RUN pip3 install huggingface_hub
+RUN pip3 install uv && \
     if [ "$USE_CUDA" = "true" ]; then \
     # If you use CUDA the whisper and embedding model will be downloaded on first use
     pip3 install torch torchvision torchaudio --index-url https://download.pytorch.org/whl/$USE_CUDA_DOCKER_VER --no-cache-dir && \

backend/requirements.txt

@@ -126,15 +126,6 @@ firecrawl-py==1.12.0
 # Sougou API SDK(Tencentcloud SDK)
 tencentcloud-sdk-python==3.0.1336
 
-## Trace
-opentelemetry-api==1.31.1
-opentelemetry-sdk==1.31.1
-opentelemetry-exporter-otlp==1.31.1
-opentelemetry-instrumentation==0.52b1
-opentelemetry-instrumentation-fastapi==0.52b1
-opentelemetry-instrumentation-sqlalchemy==0.52b1
-opentelemetry-instrumentation-redis==0.52b1
-opentelemetry-instrumentation-requests==0.52b1
-opentelemetry-instrumentation-logging==0.52b1
-opentelemetry-instrumentation-httpx==0.52b1
-opentelemetry-instrumentation-aiohttp-client==0.52b1
+
+gnupg
+huggingface_hub

backend/scripts/backup.py

@@ -0,0 +1,177 @@
+#!/usr/bin/env python3
+import os
+import sys
+import subprocess
+import datetime
+import sqlite3
+from pathlib import Path
+from io import BytesIO
+from huggingface_hub import HfApi, HfFileSystem, hf_hub_download
+import tempfile
+
+# Set up path to include the application module
+SCRIPT_DIR = Path(__file__).parent.resolve()
+BACKEND_DIR = SCRIPT_DIR.parent
+sys.path.append(str(BACKEND_DIR))
+
+# Database path (actual application database)
+DATA_DIR = os.environ.get("DATA_DIR", "/app/backend/data")
+DB_FILE_PATH = os.path.join(DATA_DIR, "webui.db")
+
+# Hugging Face repo paths (virtual paths in HF storage)
+REPO_DB_GPG_FILE = "db_backup/webui.db.gpg"
+REPO_TIMESTAMP_FILE = "db_backup/last_backup_time.txt"
+
+
+def verify_database():
+    """Verify database integrity."""
+    if not os.path.exists(DB_FILE_PATH):
+        print(f"Database file not found at: {DB_FILE_PATH}")
+        return False
+        
+    try:
+        with sqlite3.connect(DB_FILE_PATH) as conn:
+            cursor = conn.cursor()
+            cursor.execute("PRAGMA integrity_check;")
+            result = cursor.fetchone()[0]
+            cursor.execute("SELECT name FROM sqlite_master WHERE type='table';")
+            tables = cursor.fetchall()
+            
+            if result.lower() == "ok" and len(tables) > 0:
+                print(f"Database verified: {len(tables)} tables found")
+                return True
+            print("Database verification failed")
+            return False
+    except Exception as e:
+        print(f"Database verification error: {e}")
+        return False
+
+
+def encrypt_database_to_memory(passphrase):
+    """Encrypt database directly to a memory buffer."""
+    try:
+        # Create a secure temporary directory for GPG
+        with tempfile.TemporaryDirectory(prefix='gpg_home_') as gpg_home:
+            os.chmod(gpg_home, 0o700)
+            
+            encrypt_cmd = [
+                "gpg",
+                "--batch",
+                "--yes",
+                "--homedir", gpg_home,
+                "--passphrase", passphrase,
+                "--pinentry-mode", "loopback",
+                "-c",
+                "--cipher-algo", "AES256",
+                "-o", "-",  # Output to stdout
+                DB_FILE_PATH
+            ]
+            
+            # Run GPG and capture output directly
+            result = subprocess.run(
+                encrypt_cmd,
+                capture_output=True,
+                check=True
+            )
+            
+            if result.returncode != 0:
+                print(f"GPG encryption failed: {result.stderr.decode()}")
+                return None
+                
+            return result.stdout
+    except subprocess.CalledProcessError as e:
+        print(f"GPG process error: {e.stderr.decode()}")
+        return None
+    except Exception as e:
+        print(f"Encryption error: {e}")
+        return None
+
+
+def get_last_backup_time(repo_id, hf_token):
+    """Get timestamp of last backup from HuggingFace."""
+    try:
+        api = HfApi()
+        files = api.list_repo_files(repo_id=repo_id, repo_type="space", token=hf_token)
+        if REPO_TIMESTAMP_FILE not in files:
+            return None
+        
+        tmp_file = hf_hub_download(
+            repo_id=repo_id,
+            repo_type="space",
+            filename=REPO_TIMESTAMP_FILE,
+            token=hf_token
+        )
+        with open(tmp_file, "r", encoding="utf-8") as f:
+            stamp_str = f.read().strip()
+        return datetime.datetime.fromisoformat(stamp_str)
+    except Exception as e:
+        print(f"Error getting last backup time: {e}")
+        return None
+
+
+def backup_db():
+    """Main backup function using streaming approach."""
+    # Validate environment
+    passphrase = os.environ.get("BACKUP_PASSPHRASE")
+    hf_token = os.environ.get("HF_TOKEN")
+    space_id = os.environ.get("SPACE_ID")
+    
+    if not all([passphrase, hf_token, space_id]):
+        print("Error: Missing required environment variables")
+        return False
+
+    # Check backup threshold
+    threshold_minutes = int(os.environ.get("BACKUP_THRESHOLD_MINUTES", 120))
+    if threshold_minutes > 0:
+        last_backup_dt = get_last_backup_time(space_id, hf_token)
+        if last_backup_dt is not None:
+            now = datetime.datetime.now(datetime.timezone.utc)
+            if not last_backup_dt.tzinfo:
+                last_backup_dt = last_backup_dt.replace(tzinfo=datetime.timezone.utc)
+            elapsed = now - last_backup_dt
+            if elapsed.total_seconds() < threshold_minutes * 60:
+                print(f"Last backup was {elapsed.total_seconds()/60:.1f} min ago (threshold: {threshold_minutes})")
+                return True
+
+    # Verify database before backup
+    if not verify_database():
+        return False
+
+    # Encrypt database to memory
+    print("Encrypting database...")
+    encrypted_data = encrypt_database_to_memory(passphrase)
+    if encrypted_data is None:
+        return False
+    print(f"Database encrypted successfully: {len(encrypted_data)} bytes")
+
+    # Generate timestamp
+    timestamp = datetime.datetime.now(datetime.timezone.utc).isoformat()
+    timestamp_bytes = timestamp.encode('utf-8')
+
+    # Upload both files to HuggingFace
+    try:
+        api = HfApi()
+        api.upload_file(
+            path_or_fileobj=BytesIO(encrypted_data),
+            path_in_repo=REPO_DB_GPG_FILE,
+            repo_id=space_id,
+            repo_type="space",
+            token=hf_token
+        )
+        api.upload_file(
+            path_or_fileobj=BytesIO(timestamp_bytes),
+            path_in_repo=REPO_TIMESTAMP_FILE,
+            repo_id=space_id,
+            repo_type="space",
+            token=hf_token
+        )
+        print("Backup completed successfully!")
+        return True
+    except Exception as e:
+        print(f"Error uploading to HuggingFace: {e}")
+        return False
+
+
+if __name__ == "__main__":
+    success = backup_db()
+    sys.exit(0 if success else 1)

backend/scripts/db_crypt.sh

@@ -0,0 +1,100 @@
+#!/usr/bin/env bash
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+BACKEND_DIR="$(realpath "$SCRIPT_DIR/..")"
+SPACE_NAME="thryyyyy/open-webui"
+
+function check_requirements() {
+    if ! command -v gpg >/dev/null; then
+        echo "Error: gpg is not installed"
+        return 1
+    fi
+}
+
+function validate_secrets() {
+    if [ -z "$BACKUP_PASSPHRASE" ]; then
+        echo "Error: BACKUP_PASSPHRASE secret not set"
+        return 1
+    fi
+
+    if [ -z "$HF_TOKEN" ]; then
+        echo "Error: HF_TOKEN secret not set"
+        return 1
+    fi
+}
+
+function decrypt_database() {
+    validate_secrets || return 1
+
+    mkdir -p "$BACKEND_DIR/data"
+
+    if [ -f "$BACKEND_DIR/db_backup/webui.db.gpg" ]; then
+        echo "Decrypting database backup..."
+        gpg --batch --yes --passphrase "$BACKUP_PASSPHRASE" -d \
+            -o "$BACKEND_DIR/data/webui.db" "$BACKEND_DIR/db_backup/webui.db.gpg"
+
+        if [ $? -eq 0 ]; then
+            echo "Database decrypted successfully"
+            return 0
+        else
+            echo "Failed to decrypt database"
+            return 1
+        fi
+    else
+        echo "No encrypted backup found at db_backup/webui.db.gpg"
+        # Not an error, might be first run
+        return 0
+    fi
+}
+
+function encrypt_database() {
+    validate_secrets || return 1
+
+    if [ ! -f "$BACKEND_DIR/data/webui.db" ]; then
+        echo "Database not found at data/webui.db"
+        return 1
+    fi
+
+    mkdir -p "$BACKEND_DIR/db_backup"
+
+    echo "Encrypting database..."
+    gpg --batch --yes --passphrase "$BACKUP_PASSPHRASE" -c --cipher-algo AES256 \
+        -o "$BACKEND_DIR/db_backup/webui.db.gpg" "$BACKEND_DIR/data/webui.db"
+
+    if [ $? -eq 0 ]; then
+        echo "Database encrypted successfully"
+        cd "$BACKEND_DIR" || exit 1
+
+        # Configure Git for this operation
+        git config --local user.email "[email protected]"
+        git config --local user.name "Space Bot"
+
+        echo "Committing and pushing changes..."
+        git add db_backup/webui.db.gpg
+        git commit -m "Update encrypted database backup"
+
+        # Push using the token
+        REPO_URL="https://user:[email protected]/spaces/$SPACE_NAME"
+        if git push "$REPO_URL" main; then
+            echo "Successfully pushed backup to repository"
+            cd - >/dev/null
+            return 0
+        else
+            echo "Failed to push to repository"
+            cd - >/dev/null
+            return 1
+        fi
+    else
+        echo "Failed to encrypt database"
+        return 1
+    fi
+}
+
+# Check requirements first
+check_requirements || exit 1
+
+# If script is run directly, default to encryption
+# (equivalent to fish's: if test (status filename) = (status -f))
+if [ "${BASH_SOURCE[0]}" = "$0" ]; then
+    encrypt_database
+fi

backend/scripts/restore.py

@@ -0,0 +1,211 @@
+#!/usr/bin/env python3
+import os
+import sys
+import subprocess
+import datetime
+import sqlite3
+import tempfile
+from pathlib import Path
+from huggingface_hub import HfApi, hf_hub_download
+
+# Set up path to include the application module
+SCRIPT_DIR = Path(__file__).parent.resolve()
+BACKEND_DIR = SCRIPT_DIR.parent
+sys.path.append(str(BACKEND_DIR))
+
+# Database path (actual application database)
+DATA_DIR = os.environ.get("DATA_DIR", "/app/backend/data")
+DB_FILE_PATH = os.path.join(DATA_DIR, "webui.db")
+
+# Hugging Face repo paths (virtual paths in HF storage)
+REPO_DB_GPG_FILE = "db_backup/webui.db.gpg"
+REPO_TIMESTAMP_FILE = "db_backup/last_backup_time.txt"
+
+
+def check_gpg():
+    """Verify GPG is available."""
+    try:
+        subprocess.run(["gpg", "--version"], check=True, capture_output=True)
+        return True
+    except (subprocess.CalledProcessError, FileNotFoundError):
+        print("Error: gpg is not installed or not in PATH")
+        return False
+
+
+def validate_environment():
+    """Verify all required environment variables are set."""
+    required = ["BACKUP_PASSPHRASE", "HF_TOKEN", "SPACE_ID"]
+    missing = [var for var in required if not os.environ.get(var)]
+    if missing:
+        print(f"Error: Missing environment variables: {', '.join(missing)}")
+        return False
+    return True
+
+
+def ensure_data_dir():
+    """Ensure the database directory exists."""
+    try:
+        os.makedirs(DATA_DIR, mode=0o755, exist_ok=True)
+        return True
+    except Exception as e:
+        print(f"Error creating data directory: {e}")
+        return False
+
+
+def get_latest_backup_info(repo_id, hf_token):
+    """Check if backup exists and get its timestamp."""
+    api = HfApi()
+    try:
+        files = api.list_repo_files(repo_id=repo_id, repo_type="space", token=hf_token)
+        
+        if REPO_DB_GPG_FILE not in files:
+            print("No backup file found in repository")
+            return False, None
+        
+        if REPO_TIMESTAMP_FILE in files:
+            try:
+                timestamp_file = hf_hub_download(
+                    repo_id=repo_id,
+                    repo_type="space",
+                    filename=REPO_TIMESTAMP_FILE,
+                    token=hf_token
+                )
+                with open(timestamp_file, "r", encoding="utf-8") as f:
+                    timestamp_str = f.read().strip()
+                timestamp = datetime.datetime.fromisoformat(timestamp_str)
+                print(f"Found backup from: {timestamp} UTC")
+                return True, timestamp
+            except Exception as e:
+                print(f"Could not read timestamp: {e}")
+                return True, None
+        return True, None
+    except Exception as e:
+        print(f"Error checking repository: {e}")
+        return False, None
+
+
+def decrypt_database_from_memory(encrypted_data, passphrase):
+    """Decrypt database directly from memory."""
+    try:
+        # Create a secure temporary directory for GPG operations
+        with tempfile.TemporaryDirectory(prefix='gpg_home_') as gpg_home:
+            os.chmod(gpg_home, 0o700)
+            
+            # Create a temporary file for the encrypted data
+            with tempfile.NamedTemporaryFile(mode='wb', suffix='.gpg', delete=False) as temp_encrypted:
+                temp_encrypted.write(encrypted_data)
+                temp_encrypted_path = temp_encrypted.name
+
+            try:
+                print(f"Decrypting database ({len(encrypted_data)} bytes)...")
+                decrypt_cmd = [
+                    "gpg",
+                    "--batch",
+                    "--yes",
+                    "--homedir", gpg_home,
+                    "--passphrase", passphrase,
+                    "--pinentry-mode", "loopback",
+                    "-d",
+                    "-o", DB_FILE_PATH,
+                    temp_encrypted_path
+                ]
+                
+                result = subprocess.run(decrypt_cmd, capture_output=True, check=True)
+                
+                if os.path.exists(DB_FILE_PATH) and os.path.getsize(DB_FILE_PATH) > 0:
+                    print(f"Database decrypted successfully ({os.path.getsize(DB_FILE_PATH)} bytes)")
+                    return True
+                else:
+                    print("Error: Decrypted database is missing or empty")
+                    return False
+                    
+            finally:
+                # Clean up the temporary encrypted file
+                if os.path.exists(temp_encrypted_path):
+                    os.unlink(temp_encrypted_path)
+                    
+    except subprocess.CalledProcessError as e:
+        print(f"Decryption failed: {e.stderr.decode()}")
+        return False
+    except Exception as e:
+        print(f"Decryption error: {e}")
+        return False
+
+
+def verify_database():
+    """Verify the restored database integrity."""
+    if not os.path.exists(DB_FILE_PATH):
+        print(f"Error: Database file not found at {DB_FILE_PATH}")
+        return False
+    
+    try:
+        print("Verifying database integrity...")
+        with sqlite3.connect(DB_FILE_PATH) as conn:
+            cursor = conn.cursor()
+            cursor.execute("PRAGMA integrity_check;")
+            result = cursor.fetchone()[0]
+            cursor.execute("SELECT name FROM sqlite_master WHERE type='table';")
+            tables = cursor.fetchall()
+            
+            if result.lower() == "ok" and len(tables) > 0:
+                print(f"Database verified: {len(tables)} tables found")
+                return True
+            print("Database verification failed")
+            return False
+    except Exception as e:
+        print(f"Database verification error: {e}")
+        return False
+
+
+def restore_db():
+    """Main restore function using in-memory approach."""
+    if not check_gpg() or not validate_environment() or not ensure_data_dir():
+        return False
+
+    passphrase = os.environ["BACKUP_PASSPHRASE"]
+    hf_token = os.environ["HF_TOKEN"]
+    space_id = os.environ["SPACE_ID"]
+    
+    backup_exists, timestamp = get_latest_backup_info(space_id, hf_token)
+    if not backup_exists:
+        print("No backup found - starting with fresh database")
+        return True
+
+    try:
+        print("Downloading encrypted database...")
+        encrypted_file = hf_hub_download(
+            repo_id=space_id,
+            repo_type="space",
+            filename=REPO_DB_GPG_FILE,
+            token=hf_token
+        )
+        
+        # Read encrypted data into memory
+        with open(encrypted_file, 'rb') as f:
+            encrypted_data = f.read()
+        
+        print(f"Downloaded encrypted data: {len(encrypted_data)} bytes")
+        
+        if not decrypt_database_from_memory(encrypted_data, passphrase):
+            print("Failed to decrypt database")
+            return False
+        
+        if not verify_database():
+            print("Failed to verify database")
+            if os.path.exists(DB_FILE_PATH):
+                os.unlink(DB_FILE_PATH)
+            return False
+        
+        print("Database restore completed successfully!")
+        return True
+        
+    except Exception as e:
+        print(f"Restore error: {e}")
+        if os.path.exists(DB_FILE_PATH):
+            os.unlink(DB_FILE_PATH)
+        return False
+
+
+if __name__ == "__main__":
+    success = restore_db()
+    sys.exit(0 if success else 1)

backend/start.sh

@@ -1,68 +1,115 @@
 #!/usr/bin/env bash
 
-SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
-cd "$SCRIPT_DIR" || exit
-
-# Add conditional Playwright browser installation
-if [[ "${WEB_LOADER_ENGINE,,}" == "playwright" ]]; then
-    if [[ -z "${PLAYWRIGHT_WS_URL}" ]]; then
-        echo "Installing Playwright browsers..."
-        playwright install chromium
-        playwright install-deps chromium
+# Ensure we're in the right directory and set up paths
+SCRIPT_DIR=$(dirname "$(readlink -f "${BASH_SOURCE[0]}")")
+cd "$SCRIPT_DIR" || exit 1
+
+export DATA_DIR="/app/backend/data"
+export PYTHONPATH="/app/backend:${PYTHONPATH}"
+
+# Validate required environment variables
+for var in "BACKUP_PASSPHRASE" "HF_TOKEN" "SPACE_ID"; do
+    if [ -z "${!var}" ]; then
+        echo "Error: $var is not set. Required for database backup/restore."
+        exit 1
     fi
+done
 
-    python -c "import nltk; nltk.download('punkt_tab')"
+# Restore database from backup
+echo "Restoring database from backup..."
+python "$SCRIPT_DIR/scripts/restore.py"
+restore_status=$?
+if [ $restore_status -ne 0 ]; then
+    echo "Warning: Database restore failed. Starting with empty database."
 fi
 
-KEY_FILE=.webui_secret_key
-
+# Handle WebUI secret key
+KEY_FILE="$SCRIPT_DIR/.webui_secret_key"
 PORT="${PORT:-8080}"
 HOST="${HOST:-0.0.0.0}"
-if test "$WEBUI_SECRET_KEY $WEBUI_JWT_SECRET_KEY" = " "; then
-  echo "Loading WEBUI_SECRET_KEY from file, not provided as an environment variable."
-
-  if ! [ -e "$KEY_FILE" ]; then
-    echo "Generating WEBUI_SECRET_KEY"
-    # Generate a random value to use as a WEBUI_SECRET_KEY in case the user didn't provide one.
-    echo $(head -c 12 /dev/random | base64) > "$KEY_FILE"
-  fi
 
-  echo "Loading WEBUI_SECRET_KEY from $KEY_FILE"
-  WEBUI_SECRET_KEY=$(cat "$KEY_FILE")
+if test "$WEBUI_SECRET_KEY $WEBUI_JWT_SECRET_KEY" = " "; then
+    if ! [ -e "$KEY_FILE" ]; then
+        head -c 12 /dev/random | base64 > "$KEY_FILE" || exit 1
+    fi
+    WEBUI_SECRET_KEY=$(cat "$KEY_FILE") || exit 1
 fi
 
+# Start Ollama if enabled
 if [[ "${USE_OLLAMA_DOCKER,,}" == "true" ]]; then
-    echo "USE_OLLAMA is set to true, starting ollama serve."
     ollama serve &
 fi
 
+# Configure CUDA if enabled
 if [[ "${USE_CUDA_DOCKER,,}" == "true" ]]; then
-  echo "CUDA is enabled, appending LD_LIBRARY_PATH to include torch/cudnn & cublas libraries."
-  export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/usr/local/lib/python3.11/site-packages/torch/lib:/usr/local/lib/python3.11/site-packages/nvidia/cudnn/lib"
+    export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/usr/local/lib/python3.11/site-packages/torch/lib:/usr/local/lib/python3.11/site-packages/nvidia/cudnn/lib"
 fi
 
-# Check if SPACE_ID is set, if so, configure for space
+# Handle HuggingFace Space deployment
 if [ -n "$SPACE_ID" ]; then
-  echo "Configuring for HuggingFace Space deployment"
-  if [ -n "$ADMIN_USER_EMAIL" ] && [ -n "$ADMIN_USER_PASSWORD" ]; then
-    echo "Admin user configured, creating"
-    WEBUI_SECRET_KEY="$WEBUI_SECRET_KEY" uvicorn open_webui.main:app --host "$HOST" --port "$PORT" --forwarded-allow-ips '*' &
-    webui_pid=$!
-    echo "Waiting for webui to start..."
-    while ! curl -s http://localhost:8080/health > /dev/null; do
-      sleep 1
-    done
-    echo "Creating admin user..."
-    curl \
-      -X POST "http://localhost:8080/api/v1/auths/signup" \
-      -H "accept: application/json" \
-      -H "Content-Type: application/json" \
-      -d "{ \"email\": \"${ADMIN_USER_EMAIL}\", \"password\": \"${ADMIN_USER_PASSWORD}\", \"name\": \"Admin\" }"
-    echo "Shutting down webui..."
-    kill $webui_pid
-  fi
-
-  export WEBUI_URL=${SPACE_HOST}
+    echo "Configuring HuggingFace Space deployment"
+    if [ -n "$ADMIN_USER_EMAIL" ] && [ -n "$ADMIN_USER_PASSWORD" ]; then
+        # Start webui temporarily to create admin user
+        WEBUI_SECRET_KEY="$WEBUI_SECRET_KEY" uvicorn open_webui.main:app --host "$HOST" --port "$PORT" --forwarded-allow-ips '*' &
+        webui_pid=$!
+
+        # Wait for the server to be ready
+        while ! curl -s http://localhost:8080/health > /dev/null; do
+            echo "Waiting for WebUI to start..."
+            sleep 1
+        done
+
+        # Create the admin user
+        echo "Creating admin user: ${ADMIN_USER_EMAIL}"
+        curl \
+            -X POST "http://localhost:8080/api/v1/auths/signup" \
+            -H "accept: application/json" \
+            -H "Content-Type: application/json" \
+            -d "{ \"email\": \"${ADMIN_USER_EMAIL}\", \"password\": \"${ADMIN_USER_PASSWORD}\", \"name\": \"Admin\" }"
+
+        # Stop the temporary webui server
+        echo "Stopping temporary WebUI server..."
+        kill $webui_pid
+        wait $webui_pid 2>/dev/null # Wait for it to fully shut down
+    fi
+    # Set the public URL for Space deployments
+    export WEBUI_URL=${SPACE_HOST}
 fi
 
-WEBUI_SECRET_KEY="$WEBUI_SECRET_KEY" exec uvicorn open_webui.main:app --host "$HOST" --port "$PORT" --forwarded-allow-ips '*' --workers "${UVICORN_WORKERS:-1}"
+# Start the main web server in the background
+echo "Starting main WebUI server..."
+WEBUI_SECRET_KEY="$WEBUI_SECRET_KEY" uvicorn open_webui.main:app \
+    --host "$HOST" --port "$PORT" --forwarded-allow-ips '*' \
+    --workers "${UVICORN_WORKERS:-1}" &
+WEBUI_PID=$!
+
+# Configure and start backup scheduler in the background
+BACKUP_INITIAL_WAIT="${BACKUP_INITIAL_WAIT:-100}"
+BACKUP_INTERVAL="${BACKUP_INTERVAL:-300}"
+
+(
+    echo "Starting backup scheduler (Initial wait: ${BACKUP_INITIAL_WAIT}s, Interval: ${BACKUP_INTERVAL}s)"
+    sleep "$BACKUP_INITIAL_WAIT"
+
+    while true; do
+        echo "Running scheduled backup"
+        # Pass relevant env vars to backup script if needed
+        BACKUP_THRESHOLD_MINUTES="${BACKUP_THRESHOLD_MINUTES:-120}" \
+        python "$SCRIPT_DIR/scripts/backup.py"
+
+        if [ $? -ne 0 ]; then
+            echo "Warning: Backup failed"
+        fi
+
+        sleep "$BACKUP_INTERVAL"
+    done
+) &
+
+# Wait for the main web server process to exit
+# This keeps the script alive while the server runs and allows graceful shutdown
+echo "Web server started (PID: ${WEBUI_PID}). Waiting for it to exit..."
+wait $WEBUI_PID
+echo "Web server process ${WEBUI_PID} exited."
+
+# Optional: Add cleanup here if needed after the web server stops.
+# The background backup loop will likely be terminated when the main script exits.

db_backup/last_backup_time.txt

@@ -0,0 +1 @@
+2025-03-22T14:02:37.983192+00:00

vite.config.ts

@@ -35,7 +35,7 @@ export default defineConfig({
 		APP_BUILD_HASH: JSON.stringify(process.env.APP_BUILD_HASH || 'dev-build')
 	},
 	build: {
-		sourcemap: true
+		sourcemap: false
 	},
 	worker: {
 		format: 'es'