This repository was archived by the owner on Jun 14, 2026. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdocker-compose.yml
More file actions
169 lines (161 loc) · 5.5 KB
/
Copy pathdocker-compose.yml
File metadata and controls
169 lines (161 loc) · 5.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
# TokenOverflow Local Development Environment
#
# Services are gated behind profiles, so a bare `docker compose up` boots
# nothing. Use `redeploy_local` (from `scripts/src/includes.sh`) to boot the
# full stack, or pick a profile explicitly:
# docker compose --profile api up -d --build --wait # api leg
# docker compose --profile landing up -d --build --wait # landing leg
# docker compose --profile web up -d --build --wait # full stack
services:
postgres:
image: pgvector/pgvector:0.8.2-pg18
container_name: tokenoverflow_db
profiles: [api, web]
environment:
POSTGRES_USER: tokenoverflow
POSTGRES_PASSWORD: localdev
POSTGRES_DB: tokenoverflow
ports:
- "5432:5432"
volumes:
- postgres_data:/var/lib/postgresql
healthcheck:
test: [ "CMD-SHELL", "pg_isready -U tokenoverflow" ]
interval: 5s
timeout: 5s
retries: 5
migrations:
build:
context: .
dockerfile: infra/docker/diesel/Dockerfile
image: ghcr.io/${TOKENOVERFLOW_IMAGE_REPO:-tokenoverflow/tokenoverflow}/migrations:${TOKENOVERFLOW_IMAGE_TAG:-latest}
profiles: [api, web]
working_dir: /volume
volumes:
- ./apps/api/migrations:/volume/migrations:ro
- ./apps/api/diesel.toml:/volume/diesel.toml:ro
environment:
DATABASE_URL: postgres://tokenoverflow:localdev@postgres:5432/tokenoverflow
depends_on:
postgres:
condition: service_healthy
command: migration run
pgbouncer:
image: edoburu/pgbouncer:latest
container_name: tokenoverflow_pgbouncer
profiles: [api, web]
ports:
- "6432:6432"
environment:
DATABASE_URL: postgres://tokenoverflow:localdev@postgres:5432/tokenoverflow
POOL_MODE: transaction
MAX_PREPARED_STATEMENTS: 500
DEFAULT_POOL_SIZE: 20
MAX_CLIENT_CONN: 100
LISTEN_PORT: 6432
# SCRAM-SHA-256 authentication with passthrough to PostgreSQL
AUTH_TYPE: scram-sha-256
AUTH_USER: tokenoverflow
AUTH_QUERY: SELECT usename, passwd FROM pg_shadow WHERE usename=$1
depends_on:
migrations:
condition: service_completed_successfully
embedding_service:
build:
context: .
dockerfile: apps/embedding_service/Dockerfile
image: ghcr.io/${TOKENOVERFLOW_IMAGE_REPO:-tokenoverflow/tokenoverflow}/embedding_service:${TOKENOVERFLOW_IMAGE_TAG:-latest}
container_name: tokenoverflow_embeddings
profiles: [api, web]
ports:
- "3001:8080"
environment:
HOST: 0.0.0.0
PORT: 8080
RUST_LOG: info
volumes:
- embedding_model_cache:/app/.fastembed_cache
healthcheck:
test: [ "CMD", "curl", "-f", "http://localhost:8080/health" ]
interval: 30s
timeout: 10s
start_period: 60s
retries: 3
api:
build:
context: .
dockerfile: apps/api/Dockerfile
image: ghcr.io/${TOKENOVERFLOW_IMAGE_REPO:-tokenoverflow/tokenoverflow}/api:${TOKENOVERFLOW_IMAGE_TAG:-latest}
container_name: tokenoverflow_api
profiles: [api, web]
ports:
- "8080:8080"
environment:
# Override localhost with Docker service names
TOKENOVERFLOW__DATABASE__HOST: pgbouncer
TOKENOVERFLOW__EMBEDDING__BASE_URL: http://embedding_service:8080/v1
# Secrets
TOKENOVERFLOW_DATABASE_PASSWORD: localdev
TOKENOVERFLOW_EMBEDDING_API_KEY: voy-mock-local-development-key
volumes:
- ./apps/api/tests/assets/auth:/app/tests/assets/auth:ro
depends_on:
pgbouncer:
condition: service_started
embedding_service:
condition: service_healthy
healthcheck:
test: ["CMD-SHELL", "curl -f http://localhost:8080/health || exit 1"]
interval: 10s
timeout: 5s
start_period: 5s
retries: 3
landing:
build:
context: .
dockerfile: apps/landing/Dockerfile
image: ghcr.io/${TOKENOVERFLOW_IMAGE_REPO:-tokenoverflow/tokenoverflow}/landing:${TOKENOVERFLOW_IMAGE_TAG:-latest}
container_name: tokenoverflow_landing
profiles: [landing, web]
ports:
- "4321:4321"
environment:
TOKENOVERFLOW_ENV: local
healthcheck:
test: ["CMD-SHELL", "wget -q -O /dev/null http://127.0.0.1:4321/ || exit 1"]
interval: 10s
timeout: 5s
start_period: 5s
retries: 3
web:
build:
context: .
dockerfile: apps/web/Dockerfile
image: ghcr.io/${TOKENOVERFLOW_IMAGE_REPO:-tokenoverflow/tokenoverflow}/web:${TOKENOVERFLOW_IMAGE_TAG:-latest}
container_name: tokenoverflow_web
profiles: [web]
ports:
- "3000:3000"
environment:
TOKENOVERFLOW_ENV: local
TOKENOVERFLOW_WEB_AUTHKIT_CLIENT_SECRET: ${TOKENOVERFLOW_WEB_AUTHKIT_CLIENT_SECRET:-}
TOKENOVERFLOW_WEB_COOKIE_SIGNING_KEY: ${TOKENOVERFLOW_WEB_COOKIE_SIGNING_KEY:-localdev}
TOKENOVERFLOW_WEB_WORKOS_ID: ${TOKENOVERFLOW_WEB_WORKOS_ID:-test-voter}
TOKENOVERFLOW_WEB_API_BASE_URL: http://api:8080
volumes:
# Mount the API's test JWKS + private key read-only so the BFF's
# local auth stub can sign JWTs the API will validate.
- ./apps/api/tests/assets/auth:/app/tests/assets/auth:ro
depends_on:
api:
condition: service_healthy
healthcheck:
# node:22-slim ships without curl or wget; probe via the bundled runtime.
test: ["CMD", "node", "-e", "require('http').get('http://127.0.0.1:3000/health', r => process.exit(r.statusCode === 200 ? 0 : 1)).on('error', () => process.exit(1))"]
interval: 10s
timeout: 5s
start_period: 5s
retries: 3
volumes:
postgres_data:
embedding_model_cache: