lovdata-chat/docker-compose.yml
2026-02-03 00:36:22 +01:00


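# Compose stack: session-manager (application), docker-daemon (Docker-in-Docker)
# and caddy (reverse proxy), all attached to the lovdata-network bridge.
version: '3.8'

services:
  session-manager:
    build:
      context: ./session-manager
      dockerfile: Dockerfile
    ports:
      - "8000:8000"
    volumes:
      # TLS client material for the Docker API, mounted read-only. It is not
      # used while DOCKER_HOST below points at the plain-HTTP daemon on 2375.
      - ./docker/certs:/etc/docker/certs:ro
      # Mount sessions directory for persistence
      - ./session-manager/sessions:/app/sessions
    environment:
      # Docker API connection. As configured this is the unauthenticated,
      # unencrypted development endpoint of the docker-daemon service.
      # NOTE(review): the Docker CLI treats any non-empty DOCKER_TLS_VERIFY
      # (including "0") as "verify enabled"; confirm how session-manager
      # interprets this value before relying on it to mean "off".
      - DOCKER_TLS_VERIFY=0
      - DOCKER_CERT_PATH=/etc/docker/certs
      - DOCKER_HOST=http://docker-daemon:2375
      # Application configuration. API keys are taken from the invoking shell
      # or .env file (empty when unset) so they are not committed here; they
      # remain readable by anyone who can inspect the container environment.
      - MCP_SERVER=${MCP_SERVER:-http://localhost:8001}
      - OPENAI_API_KEY=${OPENAI_API_KEY:-}
      - ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY:-}
      - GOOGLE_API_KEY=${GOOGLE_API_KEY:-}
      - ZEN_API_KEY=${ZEN_API_KEY:-}
      # Certificate paths (configurable via environment)
      - DOCKER_CA_CERT=${DOCKER_CA_CERT:-/etc/docker/certs/ca.pem}
      - DOCKER_CLIENT_CERT=${DOCKER_CLIENT_CERT:-/etc/docker/certs/client-cert.pem}
      - DOCKER_CLIENT_KEY=${DOCKER_CLIENT_KEY:-/etc/docker/certs/client-key.pem}
      # Host configuration
      - DOCKER_HOST_IP=${DOCKER_HOST_IP:-host.docker.internal}
      - DOCKER_TLS_PORT=${DOCKER_TLS_PORT:-2376}
    networks:
      - lovdata-network
    restart: unless-stopped
    # Security: no-new-privileges stops processes from gaining privileges via
    # setuid/setgid binaries. No `user:` is set in this file, so running as
    # non-root depends on the image.
    # NOTE(review): confirm the Dockerfile sets a non-root USER.
    security_opt:
      - no-new-privileges:true
    # Resource limits for security (caps memory and CPU for this service).
    # NOTE(review): legacy docker-compose v1 ignores `deploy` outside Swarm
    # unless run with --compatibility; confirm the limits are applied.
    deploy:
      resources:
        limits:
          memory: 1G
          cpus: '1.0'

  # Docker daemon (non-TLS for local development)
  # For production, use TLS with: ./docker/scripts/setup-docker-tls.sh
  # The API on 2375 has no authentication or encryption and the container is
  # privileged, so any client that can reach the port has full control of this
  # daemon and, through privileged mode, of the host. Keep it off untrusted
  # networks.
  docker-daemon:
    # NOTE(review): floating tag; pin a specific version or digest so image
    # updates are deliberate and reviewable.
    image: docker:dind
    privileged: true
    ports:
      # Published on the host loopback only. session-manager reaches the daemon
      # over lovdata-network as docker-daemon:2375 and does not need this
      # mapping; it exists for tooling on the development machine. Publishing
      # on all interfaces would expose the unauthenticated API to the LAN.
      - "127.0.0.1:2375:2375"
    volumes:
      # Docker data persistence
      - docker-data:/var/lib/docker
    environment:
      # Empty value turns off the dind image's automatic TLS setup, which is
      # why the daemon serves plain TCP on 2375.
      - DOCKER_TLS_CERTDIR=
    networks:
      - lovdata-network
    restart: unless-stopped
    # Listens on every interface inside the container so that other services
    # on lovdata-network can connect, plus the local unix socket.
    command: --host=tcp://0.0.0.0:2375 --host=unix:///var/run/docker.sock

  # lovdata-mcp server is external - configured via MCP_SERVER environment variable

  caddy:
    image: caddy:2.7-alpine
    ports:
      - "8080:80"
      - "8443:443"
    volumes:
      # NOTE(review): mounted read-write; `:ro` would be sufficient if nothing
      # in the container rewrites the Caddyfile - confirm.
      - ./nginx/Caddyfile:/etc/caddy/Caddyfile
      - caddy_data:/data
      - caddy_config:/config
    networks:
      - lovdata-network
    restart: unless-stopped

volumes:
  caddy_data:
  caddy_config:
  # Docker daemon data persistence
  docker-data:

networks:
  lovdata-network:
    driver: bridge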