-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdocker-compose.yml
More file actions
138 lines (119 loc) · 3.61 KB
/
docker-compose.yml
File metadata and controls
138 lines (119 loc) · 3.61 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
# OpenRustClaw Production Docker Compose
# Full stack deployment with SQLite persistence
services:
openrustclaw:
build:
context: .
dockerfile: Dockerfile
target: runtime
image: openrustclaw:latest
container_name: openrustclaw
restart: unless-stopped
# Environment variables
environment:
# Core settings
- RUST_LOG=${RUST_LOG:-info}
- APP_ENV=production
# Gateway
- GATEWAY_HOST=0.0.0.0
- GATEWAY_PORT=${GATEWAY_PORT:-18789}
- GATEWAY_ALLOWED_ORIGINS=${GATEWAY_ALLOWED_ORIGINS:-http://localhost:3000}
# Database
- DATABASE_URL=sqlite:///app/data/openrustclaw.db
- DATABASE_WAL_MODE=true
# LLM Provider API Keys (required)
- ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY:-}
- OPENAI_API_KEY=${OPENAI_API_KEY:-}
- OPENROUTER_API_KEY=${OPENROUTER_API_KEY:-}
- OLLAMA_BASE_URL=${OLLAMA_BASE_URL:-http://localhost:11434}
# LangSmith Observability (optional)
- LANGSMITH_API_KEY=${LANGSMITH_API_KEY:-}
- LANGSMITH_PROJECT=${LANGSMITH_PROJECT:-openrustclaw}
- LANGSMITH_ENDPOINT=${LANGSMITH_ENDPOINT:-https://api.smith.langchain.com}
# Security
- AUTH_SECRET=${AUTH_SECRET:-change-me-in-production}
- SKILL_SIGNING_KEY=${SKILL_SIGNING_KEY:-}
# Scheduler
- SCHEDULER_POLL_INTERVAL_MS=${SCHEDULER_POLL_INTERVAL_MS:-1000}
- SCHEDULER_LEASE_DURATION_SECS=${SCHEDULER_LEASE_DURATION_SECS:-60}
ports:
# Gateway WebSocket/HTTP port
- "${GATEWAY_PORT:-18789}:18789"
# Prometheus metrics port (optional)
- "127.0.0.1:9090:9090"
volumes:
# SQLite database persistence
- openrustclaw_data:/app/data
# Optional: Mount custom config
- ${CONFIG_PATH:-./config}:/app/config:ro
# Optional: Mount skills directory
- ${SKILLS_PATH:-./skills}:/app/skills:ro
# Optional: Mount logs
- ${LOGS_PATH:-./logs}:/app/logs
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:18789/health"]
interval: 30s
timeout: 10s
retries: 3
start_period: 60s
# Resource limits
deploy:
resources:
limits:
cpus: '2.0'
memory: 2G
reservations:
cpus: '0.5'
memory: 512M
# Graceful shutdown
stop_grace_period: 30s
stop_signal: SIGTERM
# Logging
logging:
driver: "json-file"
options:
max-size: "100m"
max-file: "3"
labels: "openrustclaw"
# Security
security_opt:
- no-new-privileges:true
read_only: false # Required for SQLite WAL mode
tmpfs:
- /tmp:noexec,nosuid,size=100m
# Optional: Nginx reverse proxy for production
nginx:
image: nginx:alpine
container_name: openrustclaw-nginx
restart: unless-stopped
profiles:
- with-proxy
ports:
- "80:80"
- "443:443"
volumes:
- ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- ./nginx/ssl:/etc/nginx/ssl:ro
- certbot_data:/etc/letsencrypt
depends_on:
- openrustclaw
networks:
- openrustclaw-network
# Optional: Certbot for SSL certificates
certbot:
image: certbot/certbot
container_name: openrustclaw-certbot
profiles:
- with-ssl
volumes:
- certbot_data:/etc/letsencrypt
- ./nginx/www:/var/www/certbot
entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
networks:
openrustclaw-network:
driver: bridge
volumes:
openrustclaw_data:
driver: local
certbot_data:
driver: local