-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdocker-compose.yml
More file actions
116 lines (111 loc) · 3.75 KB
/
docker-compose.yml
File metadata and controls
116 lines (111 loc) · 3.75 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
services:
postgres:
image: postgres:16-alpine
environment:
POSTGRES_USER: chad
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
POSTGRES_DB: chad
# Log level: warning (default, quiet) or log (verbose)
# Checkpoint logs disabled by default (set POSTGRES_LOG_CHECKPOINTS=on to enable)
command: ["postgres", "-c", "log_min_messages=${POSTGRES_LOG_LEVEL:-warning}", "-c", "log_checkpoints=${POSTGRES_LOG_CHECKPOINTS:-off}"]
volumes:
- pgdata:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -U chad"]
interval: 5s
timeout: 5s
retries: 5
redis:
image: redis:7-alpine
restart: unless-stopped
command: redis-server --maxmemory 512mb --maxmemory-policy allkeys-lru --appendonly yes --loglevel warning
volumes:
- redis_data:/data
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 10s
timeout: 5s
retries: 5
backend:
image: ghcr.io/terrifiedbug/chad/chad-backend:${VERSION:-latest}
ports:
- "8001:8001" # Direct log ingestion (bypass nginx)
command: >
sh -c "
uvicorn app.main:app --host 0.0.0.0 --port 8000 --log-level ${LOG_LEVEL:-warning} --no-access-log --workers ${UVICORN_WORKERS:-4} &
uvicorn app.main:app --host 0.0.0.0 --port 8001 --log-level ${LOG_LEVEL:-warning} --no-access-log --workers ${LOG_WORKERS:-2} &
wait
"
environment:
# Database
- POSTGRES_HOST=postgres
- POSTGRES_PORT=5432
- POSTGRES_USER=chad
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- POSTGRES_DB=chad
- DATABASE_POOL_SIZE=${DATABASE_POOL_SIZE:-20}
- DATABASE_MAX_OVERFLOW=${DATABASE_MAX_OVERFLOW:-40}
# Redis
- REDIS_URL=${REDIS_URL:-redis://redis:6379}
# Security (REQUIRED - must be set in production)
- JWT_SECRET_KEY=${JWT_SECRET_KEY}
- SESSION_SECRET_KEY=${SESSION_SECRET_KEY}
- CHAD_ENCRYPTION_KEY=${CHAD_ENCRYPTION_KEY}
# Application URL
- APP_URL=${APP_URL:-http://localhost}
# Additional allowed hosts for CSRF (comma-separated, e.g., "api.example.com,backend.example.com")
- ALLOWED_HOSTS=${ALLOWED_HOSTS:-}
# Logging (production default is warning for quiet logs)
- LOG_LEVEL=${LOG_LEVEL:-warning}
# - CHAD_SSO_ONLY=true # Enable SSO-only authentication (optional)
depends_on:
postgres:
condition: service_healthy
redis:
condition: service_healthy
volumes:
- chad_data:/data
worker:
image: ghcr.io/terrifiedbug/chad/chad-backend:${VERSION:-latest}
command: python -m app.worker
environment:
# Database
- POSTGRES_HOST=postgres
- POSTGRES_PORT=5432
- POSTGRES_USER=chad
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- POSTGRES_DB=chad
- DATABASE_POOL_SIZE=${DATABASE_POOL_SIZE:-20}
- DATABASE_MAX_OVERFLOW=${DATABASE_MAX_OVERFLOW:-40}
# Redis
- REDIS_URL=${REDIS_URL:-redis://redis:6379}
# Security (REQUIRED - must be set in production)
- JWT_SECRET_KEY=${JWT_SECRET_KEY}
- SESSION_SECRET_KEY=${SESSION_SECRET_KEY}
- CHAD_ENCRYPTION_KEY=${CHAD_ENCRYPTION_KEY}
# Application URL (required for webhook notification URLs)
- APP_URL=${APP_URL:-http://localhost}
# Logging
- LOG_LEVEL=${LOG_LEVEL:-warning}
depends_on:
postgres:
condition: service_healthy
redis:
condition: service_healthy
backend:
condition: service_started
volumes:
- chad_data:/data
deploy:
replicas: ${WORKER_REPLICAS:-2}
restart: unless-stopped
frontend:
image: ghcr.io/terrifiedbug/chad/chad-frontend:${VERSION:-latest}
ports:
- "80:80"
depends_on:
- backend
volumes:
pgdata:
chad_data:
redis_data: