108 lines
3.0 KiB
YAML
108 lines
3.0 KiB
YAML
version: '3.8'
|
|
|
|
services:
|
|
# Backend API
|
|
backend:
|
|
build:
|
|
context: .
|
|
dockerfile: apps/backend/Dockerfile
|
|
restart: unless-stopped
|
|
environment:
|
|
- NODE_ENV=production
|
|
- PORT=3000
|
|
- DATABASE_URL=postgresql://postgres:${POSTGRES_PASSWORD}@db:5432/dreamchat
|
|
- JWT_SECRET=${JWT_SECRET}
|
|
- JWT_EXPIRES_IN=${JWT_EXPIRES_IN:-1h}
|
|
- JWT_REFRESH_EXPIRES_IN=${JWT_REFRESH_EXPIRES_IN:-7d}
|
|
- LLM_PROVIDER=${LLM_PROVIDER}
|
|
- LLM_API_KEY=${LLM_API_KEY}
|
|
- LLM_MODEL=${LLM_MODEL}
|
|
- EMBEDDING_PROVIDER=${EMBEDDING_PROVIDER:-local}
|
|
- EMBEDDING_MODEL=${EMBEDDING_MODEL:-Xenova/all-MiniLM-L6-v2}
|
|
- EMBEDDING_DIMENSION=${EMBEDDING_DIMENSION:-384}
|
|
- EMBEDDING_DEVICE=${EMBEDDING_DEVICE:-cpu}
|
|
- HUGGINGFACE_API_KEY=${HUGGINGFACE_API_KEY}
|
|
# Keycloak Configuration
|
|
- KEYCLOAK_ENABLED=${KEYCLOAK_ENABLED:-false}
|
|
- KEYCLOAK_URL=${KEYCLOAK_URL:-}
|
|
- KEYCLOAK_REALM=${KEYCLOAK_REALM:-}
|
|
- KEYCLOAK_CLIENT_ID=${KEYCLOAK_CLIENT_ID:-}
|
|
- KEYCLOAK_CLIENT_SECRET=${KEYCLOAK_CLIENT_SECRET:-}
|
|
# Keycloak Authorization
|
|
- KEYCLOAK_REQUIRED_GROUP=${KEYCLOAK_REQUIRED_GROUP:-}
|
|
- KEYCLOAK_REQUIRED_ROLE=${KEYCLOAK_REQUIRED_ROLE:-}
|
|
- KEYCLOAK_REQUIRED_CLIENT_ROLE=${KEYCLOAK_REQUIRED_CLIENT_ROLE:-}
|
|
- KEYCLOAK_REQUIRED_ATTRIBUTE=${KEYCLOAK_REQUIRED_ATTRIBUTE:-}
|
|
# Keycloak Auto-Create
|
|
- KEYCLOAK_AUTO_CREATE_USER=${KEYCLOAK_AUTO_CREATE_USER:-true}
|
|
- KEYCLOAK_DEFAULT_USER_ROLE=${KEYCLOAK_DEFAULT_USER_ROLE:-USER}
|
|
ports:
|
|
- "3000:3000"
|
|
depends_on:
|
|
db:
|
|
condition: service_healthy
|
|
volumes:
|
|
- backend-logs:/app/logs
|
|
- model-cache:/app/models
|
|
networks:
|
|
- dreamchat-network
|
|
healthcheck:
|
|
test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:3000/health"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
retries: 3
|
|
|
|
# Frontend (static files served via 'serve')
|
|
# Note: External reverse proxy expected for SSL and path routing
|
|
frontend:
|
|
build:
|
|
context: .
|
|
dockerfile: apps/frontend/Dockerfile
|
|
restart: unless-stopped
|
|
ports:
|
|
- "3001:3000"
|
|
environment:
|
|
- VITE_API_URL=/api
|
|
- VITE_WS_URL=/ws
|
|
depends_on:
|
|
- backend
|
|
networks:
|
|
- dreamchat-network
|
|
|
|
# Database
|
|
db:
|
|
image: ankane/pgvector:latest
|
|
restart: unless-stopped
|
|
environment:
|
|
POSTGRES_USER: postgres
|
|
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
|
|
POSTGRES_DB: dreamchat
|
|
volumes:
|
|
- postgres-data:/var/lib/postgresql/data
|
|
networks:
|
|
- dreamchat-network
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U postgres"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
|
|
# Redis (optional, for session storage and caching)
|
|
redis:
|
|
image: redis:7-alpine
|
|
restart: unless-stopped
|
|
volumes:
|
|
- redis-data:/data
|
|
networks:
|
|
- dreamchat-network
|
|
|
|
volumes:
|
|
postgres-data:
|
|
redis-data:
|
|
backend-logs:
|
|
model-cache:
|
|
|
|
networks:
|
|
dreamchat-network:
|
|
driver: bridge
|