mirror of
https://github.com/MODSetter/SurfSense.git
synced 2026-04-25 16:56:22 +02:00
d9e312ddaa
- Consolidated volume mappings for SearXNG to use a single directory. - Removed unnecessary port mappings and legacy data volume definitions. - Updated web search service documentation to clarify Redis usage and circuit breaker implementation, eliminating Redis dependency for circuit breaker logic.
212 lines
7.4 KiB
YAML
212 lines
7.4 KiB
YAML
# =============================================================================
|
||
# SurfSense — Production Docker Compose
|
||
# Docs: https://docs.surfsense.com/docs/docker-installation
|
||
# =============================================================================
|
||
# Usage:
|
||
# 1. Copy .env.example to .env and edit the required values
|
||
# 2. docker compose up -d
|
||
# =============================================================================
|
||
|
||
name: surfsense
|
||
|
||
services:
|
||
db:
|
||
image: pgvector/pgvector:pg17
|
||
volumes:
|
||
- postgres_data:/var/lib/postgresql/data
|
||
- ./postgresql.conf:/etc/postgresql/postgresql.conf:ro
|
||
- ./scripts/init-electric-user.sh:/docker-entrypoint-initdb.d/init-electric-user.sh:ro
|
||
environment:
|
||
POSTGRES_USER: ${DB_USER:-surfsense}
|
||
POSTGRES_PASSWORD: ${DB_PASSWORD:-surfsense}
|
||
POSTGRES_DB: ${DB_NAME:-surfsense}
|
||
ELECTRIC_DB_USER: ${ELECTRIC_DB_USER:-electric}
|
||
ELECTRIC_DB_PASSWORD: ${ELECTRIC_DB_PASSWORD:-electric_password}
|
||
command: postgres -c config_file=/etc/postgresql/postgresql.conf
|
||
restart: unless-stopped
|
||
healthcheck:
|
||
test: ["CMD-SHELL", "pg_isready -U ${DB_USER:-surfsense} -d ${DB_NAME:-surfsense}"]
|
||
interval: 10s
|
||
timeout: 5s
|
||
retries: 5
|
||
|
||
redis:
|
||
image: redis:8-alpine
|
||
volumes:
|
||
- redis_data:/data
|
||
command: redis-server --appendonly yes
|
||
restart: unless-stopped
|
||
healthcheck:
|
||
test: ["CMD", "redis-cli", "ping"]
|
||
interval: 10s
|
||
timeout: 5s
|
||
retries: 5
|
||
|
||
searxng:
|
||
image: searxng/searxng:2024.12.23
|
||
volumes:
|
||
- ./searxng:/etc/searxng
|
||
environment:
|
||
SEARXNG_SECRET: ${SEARXNG_SECRET:-surfsense-searxng-secret}
|
||
restart: unless-stopped
|
||
healthcheck:
|
||
test: ["CMD", "wget", "--spider", "-q", "http://localhost:8080/healthz"]
|
||
interval: 10s
|
||
timeout: 5s
|
||
retries: 5
|
||
|
||
backend:
|
||
image: ghcr.io/modsetter/surfsense-backend:${SURFSENSE_VERSION:-latest}
|
||
ports:
|
||
- "${BACKEND_PORT:-8929}:8000"
|
||
volumes:
|
||
- shared_temp:/shared_tmp
|
||
env_file:
|
||
- .env
|
||
environment:
|
||
DATABASE_URL: ${DATABASE_URL:-postgresql+asyncpg://${DB_USER:-surfsense}:${DB_PASSWORD:-surfsense}@${DB_HOST:-db}:${DB_PORT:-5432}/${DB_NAME:-surfsense}}
|
||
CELERY_BROKER_URL: ${REDIS_URL:-redis://redis:6379/0}
|
||
CELERY_RESULT_BACKEND: ${REDIS_URL:-redis://redis:6379/0}
|
||
REDIS_APP_URL: ${REDIS_URL:-redis://redis:6379/0}
|
||
CELERY_TASK_DEFAULT_QUEUE: surfsense
|
||
PYTHONPATH: /app
|
||
UVICORN_LOOP: asyncio
|
||
UNSTRUCTURED_HAS_PATCHED_LOOP: "1"
|
||
ELECTRIC_DB_USER: ${ELECTRIC_DB_USER:-electric}
|
||
ELECTRIC_DB_PASSWORD: ${ELECTRIC_DB_PASSWORD:-electric_password}
|
||
NEXT_FRONTEND_URL: ${NEXT_FRONTEND_URL:-http://localhost:${FRONTEND_PORT:-3929}}
|
||
SEARXNG_DEFAULT_HOST: ${SEARXNG_DEFAULT_HOST:-http://searxng:8080}
|
||
# Daytona Sandbox – uncomment and set credentials to enable cloud code execution
|
||
# DAYTONA_SANDBOX_ENABLED: "TRUE"
|
||
# DAYTONA_API_KEY: ${DAYTONA_API_KEY:-}
|
||
# DAYTONA_API_URL: ${DAYTONA_API_URL:-https://app.daytona.io/api}
|
||
# DAYTONA_TARGET: ${DAYTONA_TARGET:-us}
|
||
SERVICE_ROLE: api
|
||
labels:
|
||
- "com.centurylinklabs.watchtower.enable=true"
|
||
depends_on:
|
||
db:
|
||
condition: service_healthy
|
||
redis:
|
||
condition: service_healthy
|
||
searxng:
|
||
condition: service_healthy
|
||
restart: unless-stopped
|
||
healthcheck:
|
||
test: ["CMD", "curl", "-f", "http://localhost:8000/health"]
|
||
interval: 15s
|
||
timeout: 5s
|
||
retries: 30
|
||
start_period: 200s
|
||
|
||
celery_worker:
|
||
image: ghcr.io/modsetter/surfsense-backend:${SURFSENSE_VERSION:-latest}
|
||
volumes:
|
||
- shared_temp:/shared_tmp
|
||
env_file:
|
||
- .env
|
||
environment:
|
||
DATABASE_URL: ${DATABASE_URL:-postgresql+asyncpg://${DB_USER:-surfsense}:${DB_PASSWORD:-surfsense}@${DB_HOST:-db}:${DB_PORT:-5432}/${DB_NAME:-surfsense}}
|
||
CELERY_BROKER_URL: ${REDIS_URL:-redis://redis:6379/0}
|
||
CELERY_RESULT_BACKEND: ${REDIS_URL:-redis://redis:6379/0}
|
||
REDIS_APP_URL: ${REDIS_URL:-redis://redis:6379/0}
|
||
CELERY_TASK_DEFAULT_QUEUE: surfsense
|
||
PYTHONPATH: /app
|
||
ELECTRIC_DB_USER: ${ELECTRIC_DB_USER:-electric}
|
||
ELECTRIC_DB_PASSWORD: ${ELECTRIC_DB_PASSWORD:-electric_password}
|
||
SEARXNG_DEFAULT_HOST: ${SEARXNG_DEFAULT_HOST:-http://searxng:8080}
|
||
SERVICE_ROLE: worker
|
||
depends_on:
|
||
db:
|
||
condition: service_healthy
|
||
redis:
|
||
condition: service_healthy
|
||
backend:
|
||
condition: service_healthy
|
||
labels:
|
||
- "com.centurylinklabs.watchtower.enable=true"
|
||
restart: unless-stopped
|
||
|
||
celery_beat:
|
||
image: ghcr.io/modsetter/surfsense-backend:${SURFSENSE_VERSION:-latest}
|
||
env_file:
|
||
- .env
|
||
environment:
|
||
DATABASE_URL: ${DATABASE_URL:-postgresql+asyncpg://${DB_USER:-surfsense}:${DB_PASSWORD:-surfsense}@${DB_HOST:-db}:${DB_PORT:-5432}/${DB_NAME:-surfsense}}
|
||
CELERY_BROKER_URL: ${REDIS_URL:-redis://redis:6379/0}
|
||
CELERY_RESULT_BACKEND: ${REDIS_URL:-redis://redis:6379/0}
|
||
CELERY_TASK_DEFAULT_QUEUE: surfsense
|
||
PYTHONPATH: /app
|
||
SERVICE_ROLE: beat
|
||
depends_on:
|
||
db:
|
||
condition: service_healthy
|
||
redis:
|
||
condition: service_healthy
|
||
celery_worker:
|
||
condition: service_started
|
||
labels:
|
||
- "com.centurylinklabs.watchtower.enable=true"
|
||
restart: unless-stopped
|
||
|
||
# flower:
|
||
# image: ghcr.io/modsetter/surfsense-backend:${SURFSENSE_VERSION:-latest}
|
||
# ports:
|
||
# - "${FLOWER_PORT:-5555}:5555"
|
||
# env_file:
|
||
# - .env
|
||
# environment:
|
||
# CELERY_BROKER_URL: ${REDIS_URL:-redis://redis:6379/0}
|
||
# CELERY_RESULT_BACKEND: ${REDIS_URL:-redis://redis:6379/0}
|
||
# PYTHONPATH: /app
|
||
# command: celery -A app.celery_app flower --port=5555
|
||
# depends_on:
|
||
# - redis
|
||
# - celery_worker
|
||
# restart: unless-stopped
|
||
|
||
electric:
|
||
image: electricsql/electric:1.4.10
|
||
ports:
|
||
- "${ELECTRIC_PORT:-5929}:3000"
|
||
environment:
|
||
DATABASE_URL: ${ELECTRIC_DATABASE_URL:-postgresql://${ELECTRIC_DB_USER:-electric}:${ELECTRIC_DB_PASSWORD:-electric_password}@${DB_HOST:-db}:${DB_PORT:-5432}/${DB_NAME:-surfsense}?sslmode=${DB_SSLMODE:-disable}}
|
||
ELECTRIC_INSECURE: "true"
|
||
ELECTRIC_WRITE_TO_PG_MODE: direct
|
||
restart: unless-stopped
|
||
depends_on:
|
||
db:
|
||
condition: service_healthy
|
||
healthcheck:
|
||
test: ["CMD", "curl", "-f", "http://localhost:3000/v1/health"]
|
||
interval: 10s
|
||
timeout: 5s
|
||
retries: 5
|
||
|
||
frontend:
|
||
image: ghcr.io/modsetter/surfsense-web:${SURFSENSE_VERSION:-latest}
|
||
ports:
|
||
- "${FRONTEND_PORT:-3929}:3000"
|
||
environment:
|
||
NEXT_PUBLIC_FASTAPI_BACKEND_URL: ${NEXT_PUBLIC_FASTAPI_BACKEND_URL:-http://localhost:${BACKEND_PORT:-8929}}
|
||
NEXT_PUBLIC_ELECTRIC_URL: ${NEXT_PUBLIC_ELECTRIC_URL:-http://localhost:${ELECTRIC_PORT:-5929}}
|
||
NEXT_PUBLIC_FASTAPI_BACKEND_AUTH_TYPE: ${AUTH_TYPE:-LOCAL}
|
||
NEXT_PUBLIC_ETL_SERVICE: ${ETL_SERVICE:-DOCLING}
|
||
NEXT_PUBLIC_DEPLOYMENT_MODE: ${DEPLOYMENT_MODE:-self-hosted}
|
||
NEXT_PUBLIC_ELECTRIC_AUTH_MODE: ${NEXT_PUBLIC_ELECTRIC_AUTH_MODE:-insecure}
|
||
labels:
|
||
- "com.centurylinklabs.watchtower.enable=true"
|
||
depends_on:
|
||
backend:
|
||
condition: service_healthy
|
||
electric:
|
||
condition: service_healthy
|
||
restart: unless-stopped
|
||
|
||
volumes:
|
||
postgres_data:
|
||
name: surfsense-postgres
|
||
redis_data:
|
||
name: surfsense-redis
|
||
shared_temp:
|
||
name: surfsense-shared-temp
|