143 lines
4.8 KiB
YAML
143 lines
4.8 KiB
YAML
services:
|
|
db:
|
|
image: postgres:16-alpine
|
|
environment:
|
|
POSTGRES_USER: ${POSTGRES_USER:?POSTGRES_USER must be set}
|
|
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?POSTGRES_PASSWORD must be set}
|
|
POSTGRES_DB: ${POSTGRES_DB:?POSTGRES_DB must be set}
|
|
volumes:
|
|
- db-data:/var/lib/postgresql/data
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:?POSTGRES_USER must be set} -d ${POSTGRES_DB:?POSTGRES_DB must be set}"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 10
|
|
|
|
redis:
|
|
image: redis:7-alpine
|
|
command:
|
|
- "redis-server"
|
|
- "--appendonly"
|
|
- "yes"
|
|
- "--requirepass"
|
|
- "${REDIS_PASSWORD:?REDIS_PASSWORD must be set}"
|
|
volumes:
|
|
- redis-data:/data
|
|
|
|
typesense:
|
|
image: typesense/typesense:29.0
|
|
command:
|
|
- "--data-dir=/data"
|
|
- "--api-key=${TYPESENSE_API_KEY:?TYPESENSE_API_KEY must be set}"
|
|
- "--enable-cors"
|
|
volumes:
|
|
- typesense-data:/data
|
|
|
|
api:
|
|
build:
|
|
context: ./backend
|
|
environment:
|
|
APP_ENV: ${APP_ENV:-development}
|
|
DATABASE_URL: ${DATABASE_URL:?DATABASE_URL must be set}
|
|
REDIS_URL: ${REDIS_URL:?REDIS_URL must be set}
|
|
REDIS_SECURITY_MODE: ${REDIS_SECURITY_MODE:-auto}
|
|
REDIS_TLS_MODE: ${REDIS_TLS_MODE:-auto}
|
|
ALLOW_DEVELOPMENT_ANONYMOUS_USER_ACCESS: ${ALLOW_DEVELOPMENT_ANONYMOUS_USER_ACCESS:-true}
|
|
STORAGE_ROOT: /data/storage
|
|
ADMIN_API_TOKEN: ${ADMIN_API_TOKEN:?ADMIN_API_TOKEN must be set}
|
|
USER_API_TOKEN: ${USER_API_TOKEN:?USER_API_TOKEN must be set}
|
|
APP_SETTINGS_ENCRYPTION_KEY: ${APP_SETTINGS_ENCRYPTION_KEY:?APP_SETTINGS_ENCRYPTION_KEY must be set}
|
|
PROVIDER_BASE_URL_ALLOWLIST: '${PROVIDER_BASE_URL_ALLOWLIST:-["api.openai.com"]}'
|
|
PROVIDER_BASE_URL_ALLOW_HTTP: ${PROVIDER_BASE_URL_ALLOW_HTTP:-false}
|
|
PROVIDER_BASE_URL_ALLOW_PRIVATE_NETWORK: ${PROVIDER_BASE_URL_ALLOW_PRIVATE_NETWORK:-false}
|
|
OCR_LANGUAGES: eng,deu
|
|
PUBLIC_BASE_URL: ${PUBLIC_BASE_URL:-http://localhost:8000}
|
|
CORS_ORIGINS: '${CORS_ORIGINS:-["http://localhost:5173","http://localhost:3000"]}'
|
|
TYPESENSE_PROTOCOL: http
|
|
TYPESENSE_HOST: typesense
|
|
TYPESENSE_PORT: 8108
|
|
TYPESENSE_API_KEY: ${TYPESENSE_API_KEY:?TYPESENSE_API_KEY must be set}
|
|
TYPESENSE_COLLECTION_NAME: documents
|
|
ports:
|
|
- "${HOST_BIND_IP:-127.0.0.1}:8000:8000"
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
cap_drop:
|
|
- ALL
|
|
volumes:
|
|
- ./backend/app:/app/app
|
|
- dcm-storage:/data
|
|
depends_on:
|
|
db:
|
|
condition: service_healthy
|
|
redis:
|
|
condition: service_started
|
|
typesense:
|
|
condition: service_started
|
|
|
|
worker:
|
|
build:
|
|
context: ./backend
|
|
command: ["sh", "-c", "rq worker dcm --url \"$REDIS_URL\""]
|
|
environment:
|
|
APP_ENV: ${APP_ENV:-development}
|
|
DATABASE_URL: ${DATABASE_URL:?DATABASE_URL must be set}
|
|
REDIS_URL: ${REDIS_URL:?REDIS_URL must be set}
|
|
REDIS_SECURITY_MODE: ${REDIS_SECURITY_MODE:-auto}
|
|
REDIS_TLS_MODE: ${REDIS_TLS_MODE:-auto}
|
|
ALLOW_DEVELOPMENT_ANONYMOUS_USER_ACCESS: ${ALLOW_DEVELOPMENT_ANONYMOUS_USER_ACCESS:-true}
|
|
STORAGE_ROOT: /data/storage
|
|
ADMIN_API_TOKEN: ${ADMIN_API_TOKEN:?ADMIN_API_TOKEN must be set}
|
|
USER_API_TOKEN: ${USER_API_TOKEN:?USER_API_TOKEN must be set}
|
|
APP_SETTINGS_ENCRYPTION_KEY: ${APP_SETTINGS_ENCRYPTION_KEY:?APP_SETTINGS_ENCRYPTION_KEY must be set}
|
|
PROVIDER_BASE_URL_ALLOWLIST: '${PROVIDER_BASE_URL_ALLOWLIST:-["api.openai.com"]}'
|
|
PROVIDER_BASE_URL_ALLOW_HTTP: ${PROVIDER_BASE_URL_ALLOW_HTTP:-false}
|
|
PROVIDER_BASE_URL_ALLOW_PRIVATE_NETWORK: ${PROVIDER_BASE_URL_ALLOW_PRIVATE_NETWORK:-false}
|
|
OCR_LANGUAGES: eng,deu
|
|
PUBLIC_BASE_URL: http://localhost:8000
|
|
TYPESENSE_PROTOCOL: http
|
|
TYPESENSE_HOST: typesense
|
|
TYPESENSE_PORT: 8108
|
|
TYPESENSE_API_KEY: ${TYPESENSE_API_KEY:?TYPESENSE_API_KEY must be set}
|
|
TYPESENSE_COLLECTION_NAME: documents
|
|
volumes:
|
|
- ./backend/app:/app/app
|
|
- dcm-storage:/data
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
cap_drop:
|
|
- ALL
|
|
depends_on:
|
|
db:
|
|
condition: service_healthy
|
|
redis:
|
|
condition: service_started
|
|
typesense:
|
|
condition: service_started
|
|
|
|
frontend:
|
|
build:
|
|
context: ./frontend
|
|
environment:
|
|
VITE_API_BASE: ${VITE_API_BASE:-http://localhost:8000/api/v1}
|
|
VITE_API_TOKEN: ${VITE_API_TOKEN:-}
|
|
ports:
|
|
- "${HOST_BIND_IP:-127.0.0.1}:5173:5173"
|
|
volumes:
|
|
- ./frontend/src:/app/src
|
|
- ./frontend/index.html:/app/index.html
|
|
- ./frontend/vite.config.ts:/app/vite.config.ts
|
|
depends_on:
|
|
api:
|
|
condition: service_started
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
cap_drop:
|
|
- ALL
|
|
|
|
volumes:
|
|
db-data:
|
|
redis-data:
|
|
dcm-storage:
|
|
typesense-data:
|