AdminGit2026/nis2-agile
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8d7a50abbe
nis2-agile/docker/docker-compose.yml
DevEnv nis2-agile 94d7867cea [FIX] Qdrant URL hostname drift-proof (RAG produzione) + recreate app 
L'IP hardcoded Qdrant 172.21.0.5 era driftato a .3 (container senza IP statico) e
con php-fpm clear_env=no la env QDRANT_URL=172.21.0.5 (morta) veniva usata -> RAG web rotta.
Fix: QDRANT_URL e fallback VectorService usano l'hostname http://nis2-qdrant:6333,
risolto via Docker DNS sia in CLI sia in php-fpm. Verificato retrieval end-to-end (287 chunk).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 17:22:54 +02:00

117 lines
4.1 KiB
YAML
Raw Blame History

version: '3.8'
services:
# ── PHP-FPM Application ──────────────────────────────────────────────────
app:
build:
context: ..
dockerfile: docker/Dockerfile
container_name: nis2-app
restart: unless-stopped
mem_limit: 256m
volumes:
- ../application:/var/www/nis2-agile/application
- ../public:/var/www/nis2-agile/public
- nis2-uploads:/var/www/nis2-agile/public/uploads
- /opt/devenv/scripts/vault-entrypoint.sh:/usr/local/bin/vault-entrypoint.sh:ro
env_file:
- ../.env
environment:
- APP_ENV=${APP_ENV:-production}
- APP_DEBUG=${APP_DEBUG:-false}
- DB_HOST=db
- DB_PORT=3306
- DB_NAME=${DB_NAME:-nis2_agile_db}
- DB_USER=${DB_USER:-nis2_user}
- DB_PASS=${DB_PASS}
- JWT_SECRET=${JWT_SECRET}
- ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY}
- VOYAGE_API_KEY=${VOYAGE_API_KEY}
- VOYAGE_MODEL=${VOYAGE_MODEL:-voyage-3-lite}
- QDRANT_URL=http://nis2-qdrant:6333
- VAULT_STEWARD_URL=https://vault-steward:8443
- VAULT_APP_TOKEN=${VAULT_APP_TOKEN_NIS2}
- VAULT_PREFIX=tier1__nis2-app__
- VAULT_REQUIRED=true
entrypoint: ["/usr/local/bin/vault-entrypoint.sh"]
command: ["docker-php-entrypoint", "php-fpm"]
networks:
- nis2-network
- vault-net
depends_on:
db:
condition: service_healthy
# ── Nginx Web Server ─────────────────────────────────────────────────────
web:
image: nginx:1.27-alpine
container_name: nis2-web
restart: unless-stopped
mem_limit: 128m
ports:
- "${WEB_PORT:-8080}:8080"
volumes:
- ./nginx.conf:/etc/nginx/conf.d/default.conf:ro
- ../public:/var/www/nis2-agile/public:ro
- nis2-uploads:/var/www/nis2-agile/public/uploads:ro
networks:
- nis2-network
depends_on:
- app
# ── MySQL Database ───────────────────────────────────────────────────────
db:
image: mysql:8.0
container_name: nis2-db
restart: unless-stopped
mem_limit: 512m
environment:
MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASSWORD:-rootpass}
MYSQL_DATABASE: ${DB_NAME:-nis2_agile_db}
MYSQL_USER: ${DB_USER:-nis2_user}
MYSQL_PASSWORD: ${DB_PASS}
ports:
- "127.0.0.1:${DB_EXPOSE_PORT:-3307}:3306"
volumes:
- nis2-db-data:/var/lib/mysql
- ../docs/sql/001_initial_schema.sql:/docker-entrypoint-initdb.d/001_initial_schema.sql:ro
- ../docs/sql/002_email_log.sql:/docker-entrypoint-initdb.d/002_email_log.sql:ro
- ../docs/sql/003_voluntary_compliance.sql:/docker-entrypoint-initdb.d/003_voluntary_compliance.sql:ro
- ../docs/sql/004_ncr_capa.sql:/docker-entrypoint-initdb.d/004_ncr_capa.sql:ro
healthcheck:
test: ["CMD", "mysqladmin", "ping", "-h", "localhost", "-u", "root", "-p${DB_ROOT_PASSWORD:-rootpass}"]
interval: 10s
timeout: 5s
retries: 5
start_period: 30s
networks:
- nis2-network
# -- Qdrant Vector DB (Migration 012-014: KB multi-livello) --
qdrant:
image: qdrant/qdrant:v1.7.4
container_name: nis2-qdrant
restart: unless-stopped
mem_limit: 512m
volumes:
- nis2-qdrant-data:/qdrant/storage
networks:
- nis2-network
# ── Volumes ──────────────────────────────────────────────────────────────
volumes:
nis2-db-data:
driver: local
nis2-uploads:
driver: local
nis2-qdrant-data:
driver: local
# ── Networks ─────────────────────────────────────────────────────────────
networks:
nis2-network:
driver: bridge
vault-net:
external: true
name: vault-net
Reference in New Issue View Git Blame Copy Permalink