backend-google-hackathon/docker-compose.yml at dev · BitBricoleurs/backend-google-hackathon · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
services:
  # PostgreSQL Database
  postgres:
    image: pgvector/pgvector:pg16
    container_name: samu-ai-postgres
    restart: unless-stopped
    ports:
      - '5432:5432'
    environment:
      POSTGRES_USER: samu
      POSTGRES_PASSWORD: samu_password
      POSTGRES_DB: samu_triage
    volumes:
      - postgres_data:/var/lib/postgresql/data
    healthcheck:
      test: ['CMD-SHELL', 'pg_isready -U samu -d samu_triage']
      interval: 10s
      timeout: 5s
      retries: 5
    networks:
      - samu-network

  # Application Backend
  app:
    build:
      context: .
      dockerfile: Dockerfile
    container_name: samu-ai-backend
    restart: unless-stopped
    ports:
      - '8080:8080'
    environment:
      NODE_ENV: ${NODE_ENV:-development}
      PORT: 8080
      LOG_LEVEL: info
      # CORS origins for staging/production (comma-separated)
      ALLOWED_ORIGINS: ${ALLOWED_ORIGINS:-}
      # Database & Redis (local Docker development)
      DATABASE_URL: postgresql://samu:samu_password@postgres:5432/samu_triage
      REDIS_URL: redis://redis:6379
      # Rate limiting
      RATE_LIMIT_WINDOW_MS: 60000
      RATE_LIMIT_MAX_REQUESTS: 100
      # Google Cloud (Service Account + Vertex AI)
      GOOGLE_APPLICATION_CREDENTIALS: /app/config/gaia-service-account-key.json
      GOOGLE_CLOUD_PROJECT: hackathon-google-451307
      GCP_PROJECT_ID: ${GCP_PROJECT_ID}
      USE_SECRET_MANAGER: ${USE_SECRET_MANAGER:-false}
      # JWT configuration (expiry only, secrets loaded from Secret Manager)
      JWT_ACCESS_TOKEN_EXPIRY: ${JWT_ACCESS_TOKEN_EXPIRY:-15m}
      JWT_REFRESH_TOKEN_EXPIRY: ${JWT_REFRESH_TOKEN_EXPIRY:-7d}
      # Cookie configuration
      COOKIE_DOMAIN: ${COOKIE_DOMAIN:-localhost}
      COOKIE_SECURE: ${COOKIE_SECURE:-false}
      # Public URL for webhooks
      PUBLIC_API_URL: ${PUBLIC_API_URL:-}
    env_file:
      - .env
    volumes:
      - ./logs:/app/logs
      - ./config:/app/config:ro
    depends_on:
      postgres:
        condition: service_healthy
      redis:
        condition: service_healthy
    networks:
      - samu-network
    healthcheck:
      test:
        [
          'CMD',
          'wget',
          '--no-verbose',
          '--tries=1',
          '--spider',
          'http://localhost:8080/health/live',
        ]
      interval: 30s
      timeout: 3s
      retries: 3

  # Redis (for caching and rate limiting)
  redis:
    image: redis:7-alpine
    container_name: samu-ai-redis
    restart: unless-stopped
    ports:
      - '6379:6379'
    volumes:
      - redis_data:/data
    healthcheck:
      test: ['CMD', 'redis-cli', 'ping']
      interval: 10s
      timeout: 3s
      retries: 5
    networks:
      - samu-network

volumes:
  postgres_data:
    driver: local
  redis_data:
    driver: local

networks:
  samu-network:
    driver: bridge