# Full Production Docker Environment with Podman and SQLite services: caddy: image: caddy:2-alpine container_name: ml-prod-caddy restart: unless-stopped ports: - "80:80" - "443:443" volumes: - ./Caddyfile.prod:/etc/caddy/Caddyfile:ro - ${FETCHML_REPO_ROOT:-.}/data/prod/caddy/data:/data - ${FETCHML_REPO_ROOT:-.}/data/prod/caddy/config:/config environment: - FETCHML_DOMAIN=${FETCHML_DOMAIN} - CADDY_EMAIL=${CADDY_EMAIL} depends_on: api-server: condition: service_healthy redis: image: redis:7-alpine container_name: ml-prod-redis user: "999:999" expose: - "6379" volumes: - ${FETCHML_REPO_ROOT:-.}/data/prod/redis:/data restart: unless-stopped command: redis-server --appendonly yes healthcheck: test: [ "CMD", "redis-cli", "ping" ] interval: 30s timeout: 10s retries: 3 api-server: build: context: ${FETCHML_REPO_ROOT:-.} dockerfile: ${FETCHML_REPO_ROOT:-.}/build/docker/secure-prod.Dockerfile container_name: ml-prod-api expose: - "9101" # API server port (internal; external access via Caddy) - "2222" # Secure SSH port for Podman communication (internal) volumes: - ${FETCHML_REPO_ROOT:-.}/data/prod/experiments:/app/data/experiments - ${FETCHML_REPO_ROOT:-.}/data/prod/active:/data/active - ${FETCHML_REPO_ROOT:-.}/data/prod/logs:/logs - ${FETCHML_REPO_ROOT:-.}/configs/api/multi-user.yaml:/app/configs/api/prod.yaml depends_on: redis: condition: service_healthy restart: unless-stopped environment: - LOG_LEVEL=info healthcheck: test: [ "CMD", "curl", "-f", "http://localhost:9101/health" ] interval: 30s timeout: 10s retries: 3 start_period: 40s # Start API server (ensure data_dir exists for snapshot/dataset validation) command: ["/bin/sh", "-c", "mkdir -p /data/active/datasets /data/active/snapshots && exec /usr/local/bin/api-server -config /app/configs/api/prod.yaml"] minio: image: minio/minio:latest container_name: ml-prod-minio expose: - "9000" - "9001" volumes: - ${FETCHML_REPO_ROOT:-.}/data/prod/minio:/data environment: - MINIO_ROOT_USER=${MINIO_ROOT_USER:-minioadmin} - MINIO_ROOT_PASSWORD=${MINIO_ROOT_PASSWORD:-minioadmin123} command: ["server", "/data", "--console-address", ":9001"] restart: unless-stopped minio-init: image: alpine:3.19 container_name: ml-prod-minio-init depends_on: - minio entrypoint: ["/bin/sh", "-c"] command: - | apk add --no-cache ca-certificates curl >/dev/null curl -fsSL -o /usr/local/bin/mc https://dl.min.io/client/mc/release/linux-amd64/mc chmod +x /usr/local/bin/mc mc alias set local http://minio:9000 ${MINIO_ROOT_USER:-minioadmin} ${MINIO_ROOT_PASSWORD:-minioadmin123} mc mb -p local/fetchml-snapshots || true restart: "no" worker: build: context: ${FETCHML_REPO_ROOT:-.} dockerfile: ${FETCHML_REPO_ROOT:-.}/build/docker/simple.Dockerfile container_name: ml-prod-worker volumes: - ${FETCHML_REPO_ROOT:-.}/data/prod/experiments:/app/data/experiments - ${FETCHML_REPO_ROOT:-.}/data/prod/active:/data/active - ${FETCHML_REPO_ROOT:-.}/data/prod/logs:/logs - ${FETCHML_REPO_ROOT:-.}/configs/workers/docker-prod.yaml:/app/configs/worker.yaml depends_on: redis: condition: service_healthy api-server: condition: service_healthy minio-init: condition: service_started restart: unless-stopped environment: - LOG_LEVEL=info - MINIO_ROOT_USER=${MINIO_ROOT_USER:-minioadmin} - MINIO_ROOT_PASSWORD=${MINIO_ROOT_PASSWORD:-minioadmin123} privileged: true # Required for Podman to work in Docker command: ["/usr/local/bin/worker", "-config", "/app/configs/worker.yaml"] volumes: {} networks: default: name: ml-prod-network