Dify AI Platform Setup: Build AI Apps Without the Infrastructure Nightmare

Building AI apps shouldn't require stitching together vector databases, prompt templates, embedding pipelines, and frontend frameworks. Dify is an open-source AI application platform that handles the infrastructure so you can focus on the product. Chatbots, AI agents, RAG workflows, structured outputs — it's all there, visual and programmable. This guide shows you exactly how to set up Dify on your own server with Docker Compose, connect it to your LLM providers, and start building.

For a deeper dive into advanced RAG pipelines and production workflows, see Dify AI Platform Setup: Advanced RAG Pipelines, Agents, and Production Workflows for Real Apps. For the high-level case on why Dify beats building from scratch, check out Dify AI Platform Setup: Build and Ship AI Apps Without the Infrastructure Nightmare.

What You'll Need Before You Start

Dify orchestrates multiple services. Give it room to breathe.

VPS or server with 4 CPU cores, 8GB RAM, and 50GB disk minimum
Ubuntu 22.04/24.04 or Debian 12 with Docker 20.10+ and Docker Compose 2.24.0+
API keys for at least one LLM provider (OpenAI, Anthropic, Azure, or a local endpoint)
A domain or subdomain pointed at your server (strongly recommended for OAuth and published apps)
Basic familiarity with Docker, environment variables, and REST APIs

RAM note: Dify itself is not heavy, but if you plan to run local models via Ollama or vLLM on the same machine, 16GB is the practical minimum.

1. Deploy Dify with Docker Compose

Dify's official repo includes a ready-made Docker Compose setup with 11 services. Clone, configure, and start.

Clone and configure

git clone --branch "$(curl -s https://api.github.com/repos/langgenius/dify/releases/latest | jq -r .tag_name)" https://github.com/langgenius/dify.git
cd dify/docker
cp .env.example .env

Edit essential environment variables

Open .env and set at minimum these values:

# Security — generate before first launch
SECRET_KEY=$(openssl rand -base64 42)

# Set a password for the initial setup page
INIT_PASSWORD=your-secure-setup-password

# Public URLs — required for OAuth, emails, and published apps
CONSOLE_API_URL=https://dify.yourdomain.com
CONSOLE_WEB_URL=https://dify.yourdomain.com
APP_API_URL=https://dify.yourdomain.com
APP_WEB_URL=https://dify.yourdomain.com
SERVICE_API_URL=https://dify.yourdomain.com

# If using a custom port behind a reverse proxy
EXPOSE_NGINX_PORT=80
EXPOSE_NGINX_SSL_PORT=443

Start the stack

docker compose up -d

Dify starts 11 containers: API, web frontend, worker, worker beat, plugin daemon, Weaviate (vector DB), PostgreSQL, Redis, Nginx, SSRF proxy, and a code sandbox. Verify everything is healthy:

docker compose ps

Visit http://your-server-ip/install to complete admin account setup. You'll need the INIT_PASSWORD you set.

2. Add a Reverse Proxy with HTTPS

Dify's bundled Nginx handles internal routing, but you need a reverse proxy in front for TLS termination. Use Caddy or your existing Nginx.

Caddy (simplest)

# Caddyfile
dify.yourdomain.com {
  reverse_proxy localhost:80
}

Nginx (if you already use it)

server {
  listen 443 ssl http2;
  server_name dify.yourdomain.com;

  ssl_certificate /path/to/cert.pem;
  ssl_certificate_key /path/to/key.pem;

  location / {
    proxy_pass http://localhost:80;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
  }

  location /socket.io/ {
    proxy_pass http://localhost:80;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
  }
}

After setting up HTTPS, update the CONSOLE_API_URL, CONSOLE_WEB_URL, and related variables in .env to your HTTPS domain, then restart:

docker compose down
docker compose up -d

3. Connect Your LLM Providers

Dify supports OpenAI, Anthropic, Azure, Google Gemini, AWS Bedrock, Cohere, and local models via Ollama or Xinference. Add them in the Dify console under Settings → Model Providers.

OpenAI

Enter your API key. Dify auto-detects available models. Set rate limits if you're sharing the instance with a team.

Anthropic Claude

Same flow — API key, model selection, optional rate limits. Claude models work in both chat apps and agent workflows.

Local models via Ollama

If Ollama runs on the same host, use the internal Docker host address:

# In Dify console, add Ollama provider
Base URL: http://host.docker.internal:11434
Model: llama3.1:70b

If Ollama runs on a different server, use that server's IP instead.

Azure OpenAI

You'll need the API base, API key, and deployment name. Dify maps deployment names to model aliases internally.

4. Build Your First RAG Chatbot

Dify's strength is combining LLMs with your data. Here's the fastest path to a working RAG chatbot.

Create a knowledge base

Go to Knowledge → Create Knowledge
Upload documents (PDF, Word, TXT, Markdown supported)
Choose an embedding model (OpenAI text-embedding-3-small, or a local equivalent)
Select chunking strategy: automatic, custom delimiter, or semantic
Click Save & Process

Create a chat app with RAG

Go to Studio → Create from Blank → Chatbot
In the Context section, add your knowledge base
Write a system prompt that tells the bot how to use the retrieved context
Set model, temperature, and max tokens
Click Publish to get a public URL or embed code

That's it. Your chatbot now answers questions from your documents, cites sources, and stays within the bounds of your data.

5. Build an Agent Workflow

Dify's visual workflow builder lets you chain LLM calls, tool executions, HTTP requests, and conditional logic without writing code.

Example: research agent

Create a Chatflow or Workflow app
Add a Start node with a user query input
Add an LLM node to break the query into sub-questions
Add a HTTP Request node to call a search API
Add another LLM node to synthesize results
Connect nodes with conditional edges
Test in the built-in preview pane

Agents can also use Dify's built-in tools — web search, Wikipedia, Wolfram Alpha, custom APIs — or you can write your own tools in Python and register them via the plugin system.

6. Secure and Scale

Defaults are friendly. Production needs lockdown.

Enable SSO (optional)

Dify supports GitHub, Google, and generic OAuth. Set these in .env:

GITHUB_CLIENT_ID=your-github-app-id
GITHUB_CLIENT_SECRET=your-github-secret
GOOGLE_CLIENT_ID=your-google-client-id
GOOGLE_CLIENT_SECRET=your-google-secret

Requires CONSOLE_API_URL and CONSOLE_WEB_URL to be set to public HTTPS domains for callback URLs to work.

Set resource limits

# .env
APP_MAX_ACTIVE_REQUESTS=100
APP_DEFAULT_ACTIVE_REQUESTS=10
APP_MAX_EXECUTION_TIME=1200
WORKFLOW_MAX_EXECUTION_TIME=1200

Back up your data

Dify stores everything in PostgreSQL and Weaviate. Back up both:

#!/bin/bash
# /opt/dify/backup.sh

BACKUP_DIR="/opt/dify/backups"
DATE=$(date +%Y%m%d_%H%M%S)
mkdir -p $BACKUP_DIR

# PostgreSQL
docker compose exec -T db_postgres pg_dump -U postgres dify > \
  $BACKUP_DIR/dify_db_$DATE.sql

# Weaviate data
tar czf $BACKUP_DIR/dify_weaviate_$DATE.tar.gz -C /opt/dify/docker/volumes/weaviate .

# Keep last 7
ls -t $BACKUP_DIR/*.sql | tail -n +8 | xargs -r rm
ls -t $BACKUP_DIR/*.tar.gz | tail -n +8 | xargs -r rm

7. Tips, Gotchas, and Troubleshooting

Here is what breaks when you self-host Dify — and how to fix it fast.

Setup page shows 403 or won't load

If you already completed setup but the /install page is still accessible, that's expected — Dify doesn't disable it automatically. Set INIT_PASSWORD to block unauthorized access, or restrict the route at your reverse proxy.

File uploads fail or previews don't work

Set FILES_URL and CONSOLE_API_URL to your public HTTPS domain. If empty, file previews break because Dify can't generate valid signed URLs.

FILES_URL=https://dify.yourdomain.com
CONSOLE_API_URL=https://dify.yourdomain.com

WebSocket errors in workflow editor

Real-time collaboration uses WebSockets on /socket.io/. Make sure your reverse proxy forwards the Upgrade and Connection headers. The bundled Nginx does this; custom proxies often forget.

Embedding model not available

Dify requires an embedding model for knowledge bases. If you only added chat models, go to Settings → Model Providers and add an embedding-capable model like text-embedding-3-small or a local equivalent.

Container restarts with migration errors

After upgrading Dify, database migrations run automatically. If a migration fails, check that PostgreSQL is healthy and the db_postgres container is reachable:

docker compose logs db_postgres
docker compose exec db_postgres psql -U postgres -c "\dt"

High memory usage

Weaviate can consume significant RAM with large knowledge bases. If you're memory-constrained, switch to Milvus or pgvector:

cd dify/docker
cp envs/vectorstores/pgvector.env.example envs/vectorstores/pgvector.env
# Edit envs/vectorstores/pgvector.env with your settings
# Update COMPOSE_PROFILES in .env to use pgvector instead of weaviate

Closing Thoughts

Dify is the fastest way to go from idea to deployed AI application without writing boilerplate infrastructure code. RAG chatbots, agent workflows, structured outputs, multi-turn conversations — it's all visual, testable, and publishable from one interface.

The setup is straightforward: clone, configure .env, start Docker Compose, add your LLM providers, and build. From there, iterate — add knowledge bases, design workflows, integrate tools, and publish apps to your users.

If you're running Dify in production and need help with custom integrations, SSO setup, scaling to multiple instances, or migrating from another platform — reach out to our team. We design and deploy AI application infrastructure for teams that ship fast and sleep well.