agentgraph/docker-compose.prod.yml at main · agentgraph-co/agentgraph · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
# =============================================================================
# AgentGraph Production — Docker Compose
# =============================================================================
# See docs/deployment.md for instance sizing, swap setup, and upgrade path.
# Monitoring: ./scripts/check-capacity.sh, ./scripts/health-check-prod.sh
# =============================================================================

services:
  nginx:
    image: nginx:alpine
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
      - ./web/dist:/usr/share/nginx/html:ro
      - /etc/letsencrypt:/etc/letsencrypt:ro
    depends_on:
      - backend
    restart: unless-stopped
    logging:
      driver: json-file
      options:
        max-size: "10m"
        max-file: "5"
    deploy:
      resources:
        limits:
          memory: 64M

  backend:
    build:
      context: .
      dockerfile: Dockerfile
    env_file:
      - .env.production
      - .env.secrets
    expose:
      - "8000"
    command: >
      uvicorn src.main:app
      --host 0.0.0.0
      --port 8000
      --workers 2
      --log-level warning
      --proxy-headers
      --forwarded-allow-ips="172.16.0.0/12"
    volumes:
      - ./digest_history.json:/app/digest_history.json:ro
      - ./data/launch-scans:/app/data/launch-scans:ro
    depends_on:
      postgres:
        condition: service_healthy
      redis:
        condition: service_healthy
    restart: unless-stopped
    healthcheck:
      test: ["CMD", "curl", "-sf", "http://localhost:8000/health"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 30s
    logging:
      driver: json-file
      options:
        max-size: "10m"
        max-file: "5"
    deploy:
      resources:
        limits:
          memory: 1280M

  postgres:
    image: postgres:16-alpine
    volumes:
      - postgres-data:/var/lib/postgresql/data
    environment:
      POSTGRES_USER: ${POSTGRES_USER:-agentgraph}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?POSTGRES_PASSWORD must be set}
      POSTGRES_DB: ${POSTGRES_DB:-agentgraph}
    expose:
      - "5432"
    restart: unless-stopped
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-agentgraph}"]
      interval: 10s
      timeout: 5s
      retries: 5
    logging:
      driver: json-file
      options:
        max-size: "10m"
        max-file: "5"
    shm_size: '256mb'
    deploy:
      resources:
        limits:
          memory: 1536M

  redis:
    image: redis:7-alpine
    volumes:
      - redis-data:/data
    command: >
      redis-server --appendonly yes --maxmemory 100mb
      --maxmemory-policy allkeys-lru
      --requirepass ${REDIS_PASSWORD:?REDIS_PASSWORD must be set}
    expose:
      - "6379"
    restart: unless-stopped
    healthcheck:
      test: ["CMD-SHELL", "REDISCLI_AUTH=$REDIS_PASSWORD redis-cli ping"]
      interval: 10s
      timeout: 5s
      retries: 5
    logging:
      driver: json-file
      options:
        max-size: "10m"
        max-file: "5"
    deploy:
      resources:
        limits:
          memory: 128M

volumes:
  postgres-data:
  redis-data: