Docs
⚙️ Configuration
CDN
Azure Blob Storage CDN

Azure Blob Storage CDN Setup

Azure Blob Storage offers scalable, secure object storage that can be used as a CDN for your static assets such as images, CSS, and JavaScript. Follow these steps to configure your Azure Blob Storage for LibreChat.

1. Create an Azure Storage Account

  1. Sign in to Azure:

    • Open the Azure Portal and sign in with your Microsoft account.

  2. Create a Storage Account:

    • Click on “Create a resource” and search for “Storage account”.
    • Click “Create” and fill in the required details:
      • Subscription & Resource Group: Choose your subscription and either select an existing resource group or create a new one.
      • Storage Account Name: Enter a unique name (e.g., mylibrechatstorage).
      • Region: Select the region closest to your users.
      • Performance & Redundancy: Choose the performance tier and redundancy level that best suit your needs.
    • Click “Review + Create” and then “Create”. Wait until the deployment completes.

2. Set Up Authentication

You have two options for authenticating with your Azure Storage Account:

Option A: Using a Connection String

  1. Navigate to Access Keys:

    • In your newly created storage account, go to “Access keys” in the sidebar.

  2. Copy Connection String:

    • Copy one of the connection strings provided. This string includes the credentials required to connect to your Blob Storage account.

Option B: Using Managed Identity

If your LibreChat application is running on an Azure service that supports Managed Identity (such as an Azure VM, App Service, or AKS), you can use that instead of a connection string.

  1. Assign Managed Identity:

    • Ensure your Azure resource (VM, App Service, or AKS) has a system-assigned or user-assigned Managed Identity enabled.

  2. Grant Storage Permissions:

    • In your storage account, assign the Storage Blob Data Contributor (or a similarly scoped role) to your Managed Identity. This allows your application to access Blob Storage without a connection string.

3. Update Your Environment Variables

Create or update your .env file in your project’s root with the following configuration:

.env
# Option A: Using a Connection String
AZURE_STORAGE_CONNECTION_STRING=DefaultEndpointsProtocol=https;AccountName=yourAccountName;AccountKey=yourAccountKey;EndpointSuffix=core.windows.net
 
# Option B: Using Managed Identity (do not set the connection string if using Managed Identity)
AZURE_STORAGE_ACCOUNT_NAME=yourAccountName
 
AZURE_STORAGE_PUBLIC_ACCESS=false
AZURE_CONTAINER_NAME=files
  • AZURE_STORAGE_CONNECTION_STRING: Set this if you are using Option A.
  • AZURE_STORAGE_ACCOUNT_NAME: Set this if you are using Option B (Managed Identity). Do not set both.
  • AZURE_STORAGE_PUBLIC_ACCESS: Set to false if you do not want your blobs to be publicly accessible by default. Set to true if you need public access (for example, for publicly viewable images).
  • AZURE_CONTAINER_NAME: This is the container name your application will use (e.g., files). The application will automatically create this container if it doesn’t exist.

4. Configure LibreChat to Use Azure Blob Storage

Update your LibreChat configuration file (librechat.yaml) to specify that the application should use Azure Blob Storage for file handling:

librechat.yaml
version: 1.0.8
cache: true
fileStrategy: "azure"

This setting tells LibreChat to use the Azure Blob Storage implementation provided in your code.

Summary

  1. Create a Storage Account:
    Sign in to the Azure Portal, create a storage account, and wait for deployment to finish.

  2. Set Up Authentication:

  • Option A: Retrieve the connection string from “Access keys” in your storage account.
  • Option B: Use Managed Identity by enabling it on your Azure resource and granting it appropriate storage permissions.
  1. Update Environment Variables:
    In your .env file, set either:
  • AZURE_STORAGE_CONNECTION_STRING (for Option A), or
  • AZURE_STORAGE_ACCOUNT_NAME (for Option B), along with:
  • AZURE_STORAGE_PUBLIC_ACCESS and
  • AZURE_CONTAINER_NAME.
  1. Configure LibreChat:
    Set fileStrategy to "azure" in your librechat.yaml configuration file.

With these steps, your LibreChat application will automatically create the container (if it doesn’t exist) and manage file uploads, downloads, and deletions using Azure Blob Storage as your CDN. Managed Identity provides a secure alternative by eliminating the need for long-term credentials.

ℹ️
Note

Always ensure that your connection string remains secure and never commit it to a public repository. Adjust the public access setting as needed based on your application’s security requirements.

Amazon S3 CDNFirebase CDN