fixed findings from review
This commit is contained in:
@@ -1,40 +1,53 @@
|
||||
# Lovdata Chat Development Environment
|
||||
|
||||
This setup creates a container-per-visitor architecture for the Norwegian legal research chat interface.
|
||||
This setup creates a container-per-visitor architecture for the Norwegian legal research chat interface with secure TLS-based Docker communication.
|
||||
|
||||
## Quick Start
|
||||
|
||||
1. **Set up environment variables:**
|
||||
1. **Generate TLS certificates for secure Docker communication:**
|
||||
```bash
|
||||
cp .env.example .env
|
||||
# Edit .env with your API keys
|
||||
./generate-certs.sh
|
||||
```
|
||||
|
||||
2. **Start the services:**
|
||||
2. **Set up environment variables:**
|
||||
```bash
|
||||
cp .env.example .env
|
||||
# Edit .env with your API keys and MCP server URL
|
||||
```
|
||||
|
||||
3. **Start the services:**
|
||||
```bash
|
||||
docker-compose up --build
|
||||
```
|
||||
|
||||
3. **Create a session:**
|
||||
4. **Create a session:**
|
||||
```bash
|
||||
curl http://localhost/api/sessions -X POST
|
||||
```
|
||||
|
||||
4. **Access the chat interface:**
|
||||
5. **Access the chat interface:**
|
||||
Open the returned URL in your browser
|
||||
|
||||
## Architecture
|
||||
|
||||
- **session-manager**: FastAPI service managing container lifecycles
|
||||
- **lovdata-mcp**: Placeholder for Norwegian legal research MCP server
|
||||
- **caddy**: Reverse proxy for routing requests to session containers
|
||||
- **session-manager**: FastAPI service managing container lifecycles with TLS-secured Docker communication
|
||||
- **docker-daemon**: Docker-in-Docker daemon with TLS certificates for secure container management
|
||||
- **lovdata-mcp**: External Norwegian legal research MCP server (configured via MCP_SERVER env var)
|
||||
- **caddy**: Reverse proxy with dynamic session-based routing
|
||||
|
||||
## Security Features
|
||||
|
||||
- **TLS-secured Docker communication**: No Docker socket exposure
|
||||
- **Container isolation**: Each visitor gets dedicated container with resource limits
|
||||
- **Automatic cleanup**: Sessions expire after 60 minutes of inactivity
|
||||
- **Resource quotas**: 4GB RAM, 1 CPU core per container, max 3 concurrent sessions
|
||||
|
||||
## Development Notes
|
||||
|
||||
- Sessions auto-cleanup after 60 minutes of inactivity
|
||||
- Limited to 3 concurrent sessions for workstation development
|
||||
- Each session gets 4GB RAM and 1 CPU core
|
||||
- Session data persists in ./sessions/ directory
|
||||
- TLS certificates auto-generated for development
|
||||
- External MCP server configured via environment variables
|
||||
- Health checks ensure service reliability
|
||||
|
||||
## API Endpoints
|
||||
|
||||
@@ -43,4 +56,17 @@ This setup creates a container-per-visitor architecture for the Norwegian legal
|
||||
- `GET /api/sessions/{id}` - Get session info
|
||||
- `DELETE /api/sessions/{id}` - Delete session
|
||||
- `POST /api/cleanup` - Manual cleanup
|
||||
- `GET /api/health` - Health check
|
||||
- `GET /api/health` - Health check
|
||||
- `/{path}` - Dynamic proxy routing (with X-Session-ID header)
|
||||
|
||||
## Environment Variables
|
||||
|
||||
```bash
|
||||
# Required
|
||||
MCP_SERVER=http://your-lovdata-mcp-server:8001
|
||||
|
||||
# Optional LLM API keys
|
||||
OPENAI_API_KEY=your_key
|
||||
ANTHROPIC_API_KEY=your_key
|
||||
GOOGLE_API_KEY=your_key
|
||||
```
|
||||
Reference in New Issue
Block a user