dograh/docker-compose.yaml

services:
  postgres:
    image: pgvector/pgvector:pg17
    environment:
      POSTGRES_USER: postgres
      POSTGRES_PASSWORD: postgres
      POSTGRES_DB: postgres
    logging:
      driver: "json-file"
      options:
        max-size: "10m"
        max-file: "3"
    ports:
      - "5432:5432"
    volumes:
      - postgres_data:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U postgres"]
      interval: 3s
      timeout: 3s
      retries: 10
    networks:
      - app-network

  redis:
    image: redis:7
    ports:
      - "6379:6379"
    command: >
      --requirepass redissecret
    volumes:
      - redis_data:/data
    healthcheck:
      test: ["CMD", "redis-cli", "-a", "redissecret", "ping"]
      interval: 3s
      timeout: 10s
      retries: 10
    networks:
      - app-network

  minio:
    image: minio/minio
    container_name: minio
    command: server /data --console-address ":9001"
    environment:
      MINIO_ROOT_USER: minioadmin
      MINIO_ROOT_PASSWORD: minioadmin
      MINIO_API_CORS_ALLOW_ORIGIN: "*"
    ports:
      - "127.0.0.1:9000:9000" # Bind to localhost explicitly
      - "127.0.0.1:9001:9001"
    volumes:
      - minio-data:/data
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
      interval: 10s
      timeout: 5s
      retries: 5
    networks:
      - app-network

  nginx:
    image: nginx:alpine
    container_name: nginx_https
    profiles: ["remote"]
    depends_on:
      - ui
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./nginx.conf:/etc/nginx/conf.d/default.conf:ro
      - ./certs:/etc/nginx/certs:ro
    networks:
      - app-network

  api:
    image: ${REGISTRY:-dograhai}/dograh-api:latest
    volumes:
      - shared-tmp:/tmp
    environment:
      # Core application config
      ENVIRONMENT: "local"
      LOG_LEVEL: "INFO"

      # Replace this environment variable if you are using a custom
      # domain to host the stack
      BACKEND_API_ENDPOINT: "http://localhost:8000"

      # Database configuration (using containerized postgres)
      DATABASE_URL: "postgresql+asyncpg://postgres:postgres@postgres:5432/postgres"

      # Redis configuration (using containerized redis)
      REDIS_URL: "redis://:redissecret@redis:6379"

      # Storage configuration - using local MinIO
      ENABLE_AWS_S3: "false"

      # MinIO
      MINIO_ENDPOINT: "minio:9000"
      MINIO_ACCESS_KEY: "minioadmin"
      MINIO_SECRET_KEY: "minioadmin"
      MINIO_BUCKET: "voice-audio"
      MINIO_SECURE: "false"

      # Langfuse
      ENABLE_TRACING: "false"
      # LANGFUSE_SECRET_KEY: ""
      # LANGFUSE_PUBLIC_KEY: ""
      # LANGFUSE_HOST: "https://langfuse.dograh.com"

      # Sentry
      ENABLE_TELEMETRY: "${ENABLE_TELEMETRY:-true}"
      SENTRY_DSN: "https://3acdb63d5f1f70430953353b82de61e0@o4509486225096704.ingest.us.sentry.io/4510152922693632"

      # TURN server configuration (for WebRTC NAT traversal in remote server)
      # Uses time-limited credentials via TURN REST API (HMAC-SHA1)
      TURN_HOST: "${TURN_HOST:-}"
      TURN_SECRET: "${TURN_SECRET:-}"

    ports:
      - "8000:8000"
    depends_on:
      postgres:
        condition: service_healthy
      redis:
        condition: service_healthy
      minio:
        condition: service_healthy
      cloudflared:
        condition: service_started
    healthcheck:
      test:
        [
          "CMD-SHELL",
          'python -c "import urllib.request; urllib.request.urlopen(''http://localhost:8000/api/v1/health'').read()"',
        ]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 60s
    networks:
      - app-network

  ui:
    image: ${REGISTRY:-dograhai}/dograh-ui:latest
    environment:
      # Server-side URL (SSR, internal Docker network)
      BACKEND_URL: "http://api:8000"
      NODE_ENV: "oss"

      # Flag to enable/ disable posthog and sentry
      ENABLE_TELEMETRY: "${ENABLE_TELEMETRY:-true}"

      # Posthog
      POSTHOG_KEY: "phc_ItizB1dP6yv7ZYobbcqrpxTdbomDA8hJFSEmAMdYvIr"
      POSTHOG_HOST: "https://us.posthog.com"

      # Sentry
      SENTRY_DSN: "https://d9387fed5f80e90781f1dbd9b2c0994c@o4509486225096704.ingest.us.sentry.io/4510124708200448"
    ports:
      - "3010:3010"
    depends_on:
      api:
        condition: service_healthy
    healthcheck:
      test:
        [
          "CMD-SHELL",
          "wget --no-verbose --tries=1 --spider http://localhost:3010 || exit 1",
        ]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 30s
    networks:
      - app-network

  cloudflared:
    image: cloudflare/cloudflared:latest
    container_name: cloudflared-tunnel
    command: tunnel --no-autoupdate --url http://api:8000 --metrics 0.0.0.0:2000
    ports:
      - "2000:2000" # Expose metrics endpoint
    networks:
      - app-network

  coturn:
    image: coturn/coturn:4.6.3
    container_name: coturn
    restart: unless-stopped
    profiles: ["remote"]
    ports:
      - "3478:3478/udp"
      - "3478:3478/tcp"
      - "5349:5349/udp"
      - "5349:5349/tcp"
      - "49152-49200:49152-49200/udp"
    environment:
      TURN_SECRET: ${TURN_SECRET}
      TURN_HOST: ${TURN_HOST}
    command: >
      -n
      --listening-port=3478
      --tls-listening-port=5349
      --min-port=49152
      --max-port=49200
      --realm=${TURN_REALM:-dograh.com}
      --use-auth-secret
      --static-auth-secret=${TURN_SECRET}
      --fingerprint
      --no-cli
      --log-file=stdout
      --no-multicast-peers
      --no-tlsv1
      --no-tlsv1_1
      ${TURN_HOST:+--external-ip=$TURN_HOST}
    networks:
      - app-network

volumes:
  postgres_data:
  redis_data:
  minio-data:
    driver: local
  shared-tmp:
    driver: local

networks:
  app-network:
    driver: bridge