FilesExpand file tree

 main

/

docker-compose.yml

Copy path

Blame

More file actions

Blame

More file actions

Latest commit

 

History

History

History

85 lines (79 loc) · 2.31 KB

 main

/

docker-compose.yml

Top

File metadata and controls

• Code
• Blame

85 lines (79 loc) · 2.31 KB

Raw

Copy raw file

Download raw file

Open symbols panel

Edit and raw actions

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

services:

ui:

build:

context: .

dockerfile: Dockerfile.frontend

ports:

- "${WARDEN_HTTP_PORT:-80}:80"

depends_on:

- api

api:

build: .

command: uvicorn api.main:app --host 0.0.0.0 --port 8000

expose:

- "8000"

env_file: .env

environment:

# Auto-assemble DATABASE_URL from POSTGRES_* vars so users only set the

# password once. This overrides any DATABASE_URL in .env.

- DATABASE_URL=postgresql://${POSTGRES_USER:-vuln}:${POSTGRES_PASSWORD}@db:5432/${POSTGRES_DB:-vuln_orchestrator}

- WARDEN_HTTP_PORT=${WARDEN_HTTP_PORT:-80}

- WARDEN_HTTPS_PORT=${WARDEN_HTTPS_PORT:-443}

depends_on:

db:

condition: service_healthy

redis:

condition: service_healthy

volumes:

- .:/app

worker:

build: .

command: celery -A orchestrator.scheduler.celery_app worker --loglevel=info

env_file: .env

environment:

- DATABASE_URL=postgresql://${POSTGRES_USER:-vuln}:${POSTGRES_PASSWORD}@db:5432/${POSTGRES_DB:-vuln_orchestrator}

depends_on:

db:

condition: service_healthy

redis:

condition: service_healthy

volumes:

- .:/app

beat:

build: .

command: celery -A orchestrator.scheduler.celery_app beat --loglevel=info

env_file: .env

environment:

- DATABASE_URL=postgresql://${POSTGRES_USER:-vuln}:${POSTGRES_PASSWORD}@db:5432/${POSTGRES_DB:-vuln_orchestrator}

depends_on:

- redis

volumes:

- .:/app

db:

image: postgres:16-alpine

environment:

POSTGRES_DB: ${POSTGRES_DB:-vuln_orchestrator}

POSTGRES_USER: ${POSTGRES_USER:-vuln}

POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?POSTGRES_PASSWORD must be set in .env}

# Do NOT expose port 5432 to the host in production — only the API container needs it

expose:

- "5432"

volumes:

- postgres_data:/var/lib/postgresql/data

healthcheck:

test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-vuln} -d ${POSTGRES_DB:-vuln_orchestrator}"]

interval: 5s

timeout: 5s

retries: 5

redis:

image: redis:7-alpine

# Do NOT expose Redis to the host in production

expose:

- "6379"

healthcheck:

test: ["CMD", "redis-cli", "ping"]

interval: 5s

timeout: 3s

retries: 5

volumes:

postgres_data: