aidefend-mcp/docker-compose.yml at main · edward-playground/aidefend-mcp · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
version: '3.8'

services:
  aidefend-mcp:
    build:
      context: .
      dockerfile: Dockerfile
    container_name: aidefend-mcp-service
    ports:
      - "8000:8000"
    volumes:
      # Persist data across container restarts
      - aidefend-data:/app/data
    environment:
      # Override settings via environment variables
      - LOG_LEVEL=${LOG_LEVEL:-INFO}
      - SYNC_INTERVAL_SECONDS=${SYNC_INTERVAL_SECONDS:-3600}
      - ENABLE_AUTO_SYNC=${ENABLE_AUTO_SYNC:-true}
      - API_HOST=0.0.0.0
      - API_PORT=8000
      - ENABLE_RATE_LIMITING=${ENABLE_RATE_LIMITING:-true}
      - RATE_LIMIT_PER_MINUTE=${RATE_LIMIT_PER_MINUTE:-60}

      # Security: Binding to 0.0.0.0 requires authentication
      # Use ${VAR:?message} syntax to enforce checking at startup
      - AUTH_MODE=${AUTH_MODE:-api_key}
      - AIDEFEND_API_KEY=${AIDEFEND_API_KEY:?Error: AIDEFEND_API_KEY is required for Docker. Please set it in your .env file.}

    restart: unless-stopped
    healthcheck:
      test: [ "CMD", "python", "-c", "import httpx; httpx.get('http://localhost:8000/health').raise_for_status()" ]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 60s
    security_opt:
      - no-new-privileges:true
    read_only: false # Need write access for database
    tmpfs:
      - /tmp
    networks:
      - aidefend-network

volumes:
  aidefend-data:
    driver: local

networks:
  aidefend-network:
    driver: bridge