ragbot/docker-compose.yml at main · synthesisengineering/ragbot · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
services:
  # OpenTelemetry trace collector + viewer. Receives OTLP gRPC from the
  # ragbot-api container's tracer (Phase 4 / Phase 5 observability work)
  # and renders the per-request span tree at http://localhost:16686.
  # Production deployments swap this out for the operator's preferred
  # backend (Honeycomb, Phoenix, Tempo, Datadog APM, etc.) by setting
  # OTEL_EXPORTER_OTLP_ENDPOINT on ragbot-api.
  jaeger:
    image: jaegertracing/all-in-one:1.76.0
    container_name: ragbot-jaeger
    ports:
      - "127.0.0.1:16686:16686"   # Jaeger UI
      - "127.0.0.1:4317:4317"     # OTLP gRPC receiver
      - "127.0.0.1:4318:4318"     # OTLP HTTP receiver
    environment:
      COLLECTOR_OTLP_ENABLED: "true"
    restart: unless-stopped
    networks:
      - ragbot-network

  postgres:
    image: pgvector/pgvector:pg16
    container_name: ragbot-postgres
    environment:
      POSTGRES_DB: ${POSTGRES_DB:-ragbot}
      POSTGRES_USER: ${POSTGRES_USER:-ragbot}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-ragbot_dev_password_change_me}
      # Listen on all interfaces inside the container; the network firewall
      # is the docker-compose network boundary.
      PGDATA: /var/lib/postgresql/data/pgdata
    ports:
      # Expose to host for ragbot CLI running natively. Bind to 127.0.0.1 only.
      - "127.0.0.1:5433:5432"
    volumes:
      - ragbot-postgres-data:/var/lib/postgresql/data
    restart: unless-stopped
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-ragbot} -d ${POSTGRES_DB:-ragbot}"]
      interval: 10s
      timeout: 5s
      retries: 5
      start_period: 5s
    networks:
      - ragbot-network

  ragbot-api:
    build:
      context: .
      dockerfile: Dockerfile
    container_name: ragbot-api
    depends_on:
      postgres:
        condition: service_healthy
    ports:
      - "8000:8000"
    environment:
      RAGBOT_DATABASE_URL: ${RAGBOT_DATABASE_URL:-postgresql://ragbot:ragbot_dev_password_change_me@postgres:5432/ragbot}
      # Point LiteLLM at a host-side Ollama daemon (the container's own
      # localhost is the container, not the host). host.docker.internal is
      # the canonical hostname for the host on Docker Desktop (macOS,
      # Windows) and recent Docker Engine on Linux. Override if Ollama runs
      # elsewhere (e.g., a LAN-shared inference server).
      OLLAMA_API_BASE: ${OLLAMA_API_BASE:-http://host.docker.internal:11434}
      # Demo mode: when set to 1, discovery hard-isolates to the bundled
      # demo/ workspace and the demo skill pack so screenshots, docs, and
      # cold-start evaluations all run against the same content. Default
      # is unset (production behaviour). Passed through from the host
      # env (`RAGBOT_DEMO=1 docker compose up -d`).
      RAGBOT_DEMO: ${RAGBOT_DEMO:-}
      # Opt-in scheduler (Phase 4 + 5). When set to 1, the lifespan
      # handler starts the synthesis_engine.tasks.SchedulerLoop so
      # cron-style routines (memory.consolidate_recent_idle, etc.) fire.
      RAGBOT_SCHEDULER: ${RAGBOT_SCHEDULER:-}
      # OpenTelemetry trace export. The bundled jaeger service receives
      # OTLP gRPC on port 4317 and exposes the UI on port 16686. Override
      # OTEL_EXPORTER_OTLP_ENDPOINT to point at an external collector
      # (Honeycomb, Phoenix, Tempo, Datadog APM, etc.).
      OTEL_EXPORTER_OTLP_ENDPOINT: ${OTEL_EXPORTER_OTLP_ENDPOINT:-http://jaeger:4317}
      OTEL_SERVICE_NAME: ${OTEL_SERVICE_NAME:-ragbot-api}
      OTEL_EXPORTER_OTLP_PROTOCOL: ${OTEL_EXPORTER_OTLP_PROTOCOL:-grpc}
      # Disable OTLP metric export by default. Jaeger only accepts traces
      # over OTLP; sending metrics there prints UNIMPLEMENTED errors on
      # every export interval. Prometheus exposition at /api/metrics works
      # regardless. Operators with a real OTLP-metrics-accepting collector
      # (Prometheus OTLP receiver, Phoenix, Datadog OTLP) override this to
      # the collector's URL.
      OTEL_EXPORTER_OTLP_METRICS_ENDPOINT: ${OTEL_EXPORTER_OTLP_METRICS_ENDPOINT:-none}
    volumes:
      # Persistent session storage
      - ragbot-sessions:/root/.local/share/ragbot/sessions

      # Mount the synthesis-engineering shared config home.
      # Contains: keys.yaml (API keys, read at request time), ragbot.yaml
      # (user prefs incl. default_workspace, pinned_models, recent_models),
      # console.yaml (synthesis-console sources, used for repo discovery).
      # Mounted read-write so the preferences API can persist updates to
      # ragbot.yaml. The host enforces 0600 on keys.yaml; the container
      # runs the chat path which already reads keys, so the additional
      # write capability does not materially weaken the threat model.
      - ~/.synthesis:/root/.synthesis

      # Legacy config home (read-only fallback). The keystore reads
      # ~/.config/ragbot/keys.yaml when ~/.synthesis/keys.yaml is absent,
      # so existing setups that pre-date the synthesis-engineering move
      # keep working without migration. Writes always target ~/.synthesis/.
      - ~/.config/ragbot:/root/.config/ragbot:ro

      # Mount workspaces for ai-knowledge repo discovery (repos distributed across workspaces)
      - ~/workspaces:/root/workspaces:ro

      # Mount engines.yaml to use latest model configurations
      - ./engines.yaml:/app/engines.yaml:ro

      # Mount source code for development (optional - comment out for production)
      - ./src:/app/src:ro
    restart: unless-stopped
    healthcheck:
      test: ["CMD", "python3", "-c", "import urllib.request; urllib.request.urlopen('http://localhost:8000/health')"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 10s
    networks:
      - ragbot-network
    command: ["uvicorn", "src.api.main:app", "--host", "0.0.0.0", "--port", "8000"]

  ragbot-web:
    build:
      context: ./web
      dockerfile: Dockerfile
      target: dev
    container_name: ragbot-web
    ports:
      - "3000:3000"
    volumes:
      # Mount source for hot reload in development
      - ./web:/app
      # Named volume to preserve node_modules from image
      - ragbot-web-node-modules:/app/node_modules
    environment:
      - NEXT_PUBLIC_API_URL=http://localhost:8000
    restart: unless-stopped
    depends_on:
      - ragbot-api
    networks:
      - ragbot-network

volumes:
  ragbot-sessions:
    driver: local
  ragbot-postgres-data:
    driver: local
  ragbot-web-node-modules:
    driver: local

networks:
  ragbot-network:
    driver: bridge