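# Copyright (c) 2024-2025 Тарабанов Александр Викторович
# All rights reserved.
# This software is proprietary and confidential.
# For licensing inquiries: info@hb3-accelerator.com

# Docker Compose stack: PostgreSQL, Ollama, vector search, backend, frontend
# (dev server and nginx), two reverse SSH tunnels, an SSH key server and a
# daily database backup loop.

services:
  # PostgreSQL instance the backend connects to (DB_HOST=postgres).
  postgres:
    image: postgres:16-alpine
    container_name: dapp-postgres
    restart: unless-stopped
    logging:
      driver: "json-file"
      options:
        max-size: "10m"
        max-file: "3"
    volumes:
      - postgres_data:/var/lib/postgresql/data
      - ./backend/db/data:/mnt/isic_csv_data
    environment:
      # NOTE(review): when DB_PASSWORD is unset this falls back to a fixed,
      # publicly visible default while 5432 is published below. Set DB_PASSWORD
      # in the environment/.env for anything other than a throwaway machine.
      POSTGRES_DB: ${DB_NAME:-dapp_db}
      POSTGRES_USER: ${DB_USER:-dapp_user}
      POSTGRES_PASSWORD: ${DB_PASSWORD:-dapp_password}
    ports:
      # Opens the database to access from outside, for development.
      # NOTE(review): this form binds on every host interface; if only local
      # tools need it, '127.0.0.1:5432:5432' limits it to the host itself.
      - '5432:5432'
    healthcheck:
      test:
        - CMD-SHELL
        - pg_isready -U ${DB_USER:-dapp_user} -d ${DB_NAME:-dapp_db}
      interval: 5s
      timeout: 5s
      retries: 5

  # Ollama model server; reached by other services at http://ollama:11434.
  ollama:
    build:
      context: .
      dockerfile: Dockerfile.ollama
    container_name: dapp-ollama
    restart: unless-stopped
    logging:
      driver: "json-file"
      options:
        max-size: "20m"
        max-file: "3"
    volumes:
      - ollama_data:/root/.ollama
    # ports:
    #   - '11434:11434'  # KEEP CLOSED! Access only through the backend
    deploy:
      resources:
        limits:
          cpus: '2.0'
          memory: 6G
        reservations:
          cpus: '1.0'
          memory: 4G
    environment:
      # Listens on all container interfaces so sibling services can connect.
      - OLLAMA_HOST=0.0.0.0
      # NOTE(review): any Origin is accepted. Acceptable only while 11434
      # stays unpublished; narrow this if the port is ever exposed.
      - OLLAMA_ORIGINS=*
      - OLLAMA_NUM_PARALLEL=2
      - OLLAMA_NUM_GPU=0
      - OLLAMA_KEEP_ALIVE=86400
      - OLLAMA_MODEL_TIMEOUT=0
      - OLLAMA_MAX_LOADED_MODELS=2
      - OLLAMA_FLASH_ATTENTION=0
      - OLLAMA_LLM_LIBRARY=auto
    healthcheck:
      test: ["CMD", "ollama", "list"]
      interval: 30s
      timeout: 10s
      retries: 5
      start_period: 120s

  # Vector search service; talks to Ollama for embeddings.
  vector-search:
    build:
      context: ./vector-search
      dockerfile: Dockerfile
    container_name: dapp-vector-search
    restart: unless-stopped
    logging:
      driver: "json-file"
      options:
        max-size: "10m"
        max-file: "3"
    depends_on:
      ollama:
        condition: service_healthy
    volumes:
      - ./vector-search:/app
      - vector_search_data:/app/data
    environment:
      - OLLAMA_BASE_URL=http://ollama:11434
      # NOTE(review): the default here differs from the backend's default for
      # the same OLLAMA_EMBEDDINGS_MODEL variable - confirm that is intended.
      - OLLAMA_EMBED_MODEL=${OLLAMA_EMBEDDINGS_MODEL:-mxbai-embed-large:latest}
    # ports:
    #   - '8001:8001'  # Closed - used only by the backend
    healthcheck:
      # raise_for_status() makes a 4xx/5xx answer count as unhealthy; a bare
      # requests.get() only failed when the connection itself failed, so the
      # backend could start against a broken service.
      test:
        - "CMD"
        - "python"
        - "-c"
        - "import requests; requests.get('http://localhost:8001/health', timeout=5).raise_for_status()"
      interval: 30s
      timeout: 10s
      retries: 5
      start_period: 60s

  # Application backend; waits for postgres, ollama and vector-search.
  backend:
    build:
      context: ./backend
      dockerfile: Dockerfile
    container_name: dapp-backend
    restart: unless-stopped
    logging:
      driver: "json-file"
      options:
        max-size: "5m"
        max-file: "2"
    depends_on:
      postgres:
        condition: service_healthy
      ollama:
        condition: service_healthy
      vector-search:
        condition: service_healthy
    volumes:
      - ./backend:/app
      - ./backend/uploads:/app/uploads
      - backend_node_modules:/app/node_modules
      - ./frontend/dist:/app/frontend_dist:ro
      - ./ssl:/app/ssl:ro
    environment:
      - NODE_ENV=${NODE_ENV:-development}
      - PORT=${PORT:-8000}
      - DB_HOST=postgres
      - DB_PORT=5432
      - DB_NAME=${DB_NAME:-dapp_db}
      - DB_USER=${DB_USER:-dapp_user}
      # Same default-password fallback as the postgres service; see the note
      # there. The value is also embedded in DATABASE_URL below.
      - DB_PASSWORD=${DB_PASSWORD:-dapp_password}
      - >-
        DATABASE_URL=postgresql://${DB_USER:-dapp_user}:${DB_PASSWORD:-dapp_password}@postgres:5432/${DB_NAME:-dapp_db}
      - OLLAMA_BASE_URL=http://ollama:11434
      - OLLAMA_MODEL=${OLLAMA_MODEL:-qwen2.5:7b}
      - OLLAMA_EMBEDDINGS_MODEL=${OLLAMA_EMBEDDINGS_MODEL:-qwen2.5:7b}
      - FRONTEND_URL=http://localhost:5173
      - VECTOR_SEARCH_URL=http://vector-search:8001
      # Factory addresses are now stored in the database
    ports:
      # Published on all host interfaces; ssh-tunnel-backend forwards to this
      # port through host.docker.internal.
      - '8000:8000'
    extra_hosts:
      - host.docker.internal:host-gateway
    healthcheck:
      # Healthy only when /api/health answers with HTTP 200.
      test:
        - "CMD"
        - "node"
        - "-e"
        - "require('http').get('http://localhost:8000/api/health', (res) => { process.exit(res.statusCode === 200 ? 0 : 1) })"
      interval: 30s
      timeout: 10s
      retries: 5
      start_period: 60s

  # Frontend development server (yarn dev), started once the backend is healthy.
  frontend:
    build:
      context: ./frontend
      dockerfile: Dockerfile
    container_name: dapp-frontend
    restart: unless-stopped
    logging:
      driver: "json-file"
      options:
        max-size: "10m"
        max-file: "3"
    depends_on:
      backend:
        condition: service_healthy
    volumes:
      - ./frontend:/app
      - frontend_node_modules:/app/node_modules
    ports:
      # NOTE(review): the original comment on this mapping said
      # "closed - nginx is used instead", but the port is still published on
      # all host interfaces. Remove the mapping if the dev server should only
      # be reached through frontend-nginx.
      - '5173:5173'
    command: yarn run dev -- --host 0.0.0.0

  # Reverse SSH tunnel: remote port 9000 -> host port 9000 (frontend-nginx).
  # NOTE(review): the tunnel logs in as root on the remote host with a private
  # key bind-mounted from ./id_rsa. Keep that file out of version control and
  # owner-readable only; a dedicated account limited to port forwarding would
  # reduce the impact of a leaked key.
  ssh-tunnel-frontend:
    image: alpine:3.18
    container_name: ssh-tunnel-frontend
    volumes:
      - ./id_rsa:/key:ro
      # Persists the remote host key between container restarts.
      - ssh_known_hosts:/known_hosts
    # Host-key verification was previously disabled outright
    # (StrictHostKeyChecking=no with known_hosts sent to /dev/null), so the
    # client would connect to whatever host answered on that address.
    # accept-new records the key on first connect and refuses a changed key
    # afterwards. Stronger still: pre-populate the known_hosts file with the
    # server's verified key and use StrictHostKeyChecking=yes.
    command:
      - sh
      - '-c'
      - >-
        apk add --no-cache openssh-client &&
        ssh -i /key
        -o StrictHostKeyChecking=accept-new
        -o UserKnownHostsFile=/known_hosts/frontend
        -o ServerAliveInterval=60
        -o ServerAliveCountMax=3
        -N -R 0.0.0.0:9000:host.docker.internal:9000
        root@185.221.214.140
    restart: unless-stopped
    extra_hosts:
      - "host.docker.internal:host-gateway"

  # Reverse SSH tunnel: remote port 8000 -> host port 8000 (backend).
  # The key-handling and root-login notes on ssh-tunnel-frontend apply here too.
  ssh-tunnel-backend:
    image: alpine:3.18
    container_name: ssh-tunnel-backend
    volumes:
      - ./id_rsa:/key:ro
      # Persists the remote host key between container restarts.
      - ssh_known_hosts:/known_hosts
    # accept-new pins the host key on first connect instead of skipping
    # verification; a changed key afterwards stops the tunnel.
    command:
      - sh
      - '-c'
      - >-
        apk add --no-cache openssh-client &&
        ssh -i /key
        -o StrictHostKeyChecking=accept-new
        -o UserKnownHostsFile=/known_hosts/backend
        -o ServerAliveInterval=60
        -o ServerAliveCountMax=3
        -N -R 0.0.0.0:8000:host.docker.internal:8000
        root@185.221.214.140
    restart: unless-stopped
    extra_hosts:
      - "host.docker.internal:host-gateway"

  # nginx build of the frontend.
  frontend-nginx:
    build:
      context: ./frontend
      dockerfile: nginx.Dockerfile
    container_name: dapp-frontend-nginx
    restart: unless-stopped
    ports:
      # 9000 is the port forwarded to the outside / through the tunnel
      - "9000:80"
    depends_on:
      - backend

  # SSH key server for secure key transfer
  # NOTE(review): this container gets the host user's whole ~/.ssh directory
  # (read-only) and publishes 3001 on all host interfaces. What /ssh-key
  # returns depends on scripts/ssh-key-server.js, which is not visible here;
  # confirm it never serves private key material, mount only the file it
  # needs, and bind to 127.0.0.1 unless remote clients are required.
  ssh-key-server:
    image: node:20-alpine
    container_name: dapp-ssh-key-server
    restart: unless-stopped
    volumes:
      - ./scripts/ssh-key-server.js:/app/ssh-key-server.js:ro
      - ./ssl:/app/ssl:ro
      - ~/.ssh:/root/.ssh:ro
    ports:
      - '3001:3001'
    command: node /app/ssh-key-server.js
    healthcheck:
      test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:3001/ssh-key"]
      interval: 30s
      timeout: 10s
      retries: 3

  # Automatic database backup
  backup-service:
    image: postgres:16-alpine
    container_name: dapp-backup-service
    restart: unless-stopped
    volumes:
      - ./backup-database.sh:/backup.sh:ro
      - ./backups:/backups
      - postgres_data:/var/lib/postgresql/data:ro
    environment:
      # Same default-password fallback as the postgres service.
      - PGPASSWORD=${DB_PASSWORD:-dapp_password}
    depends_on:
      - postgres
    # Sleeps 24 h, then runs /backup.sh, forever. The first backup therefore
    # happens one day after the container starts.
    command:
      - sh
      - '-c'
      - |
        echo 'Backup service started'
        while true; do
          sleep 86400
          echo 'Starting daily backup...'
          /backup.sh
        done

volumes:
  postgres_data:
  ollama_data:
  vector_search_data:
  frontend_node_modules:
  backend_node_modules:
  # Known-hosts store shared by the two SSH tunnel services.
  ssh_known_hosts: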