jfraeysd/fetch_ml
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
fetch_ml/docker-compose.prod.yml
Jeremie Fraeys ea15af1833 Fix multi-user authentication and clean up debug code 
- Fix YAML tags in auth config struct (json -> yaml)
- Update CLI configs to use pre-hashed API keys
- Remove double hashing in WebSocket client
- Fix port mapping (9102 -> 9103) in CLI commands
- Update permission keys to use jobs:read, jobs:create, etc.
- Clean up all debug logging from CLI and server
- All user roles now authenticate correctly:
  * Admin: Can queue jobs and see all jobs
  * Researcher: Can queue jobs and see own jobs
  * Analyst: Can see status (read-only access)

Multi-user authentication is now fully functional.
2025-12-06 12:35:32 -05:00

74 lines
2 KiB
YAML
Raw Blame History

# Full Production Docker Environment with Podman and SQLite
services:
redis:
image: redis:7-alpine
container_name: ml-prod-redis
ports:
- "6379:6379"
volumes:
- redis_prod_data:/data
restart: unless-stopped
command: redis-server --appendonly yes
healthcheck:
test: [ "CMD", "redis-cli", "ping" ]
interval: 30s
timeout: 10s
retries: 3
api-server:
build:
context: .
dockerfile: build/docker/secure-prod.Dockerfile
container_name: ml-prod-api
ports:
- "9103:9101" # API server port
- "2222:2222" # Secure SSH port for Podman communication
- "9100:9100" # Prometheus metrics
volumes:
- ./data:/app/data/experiments
- ./logs:/logs
- ./configs/config-multi-user.yaml:/app/configs/config.yaml
depends_on:
redis:
condition: service_healthy
restart: unless-stopped
environment:
- REDIS_URL=redis://redis:6379
- LOG_LEVEL=info
healthcheck:
test: [ "CMD", "curl", "-k", "https://localhost:9101/health" ]
interval: 30s
timeout: 10s
retries: 3
start_period: 40s
# Start SSH daemon for Podman communication
command: ["/usr/local/bin/api-server", "-config", "/app/configs/config.yaml"]
worker:
build:
context: .
dockerfile: build/docker/secure-prod.Dockerfile
container_name: ml-prod-worker
volumes:
- ./data:/app/data/experiments
- ./logs:/logs
- ./configs/worker-docker.yaml:/app/configs/worker.yaml
depends_on:
redis:
condition: service_healthy
api-server:
condition: service_healthy
restart: unless-stopped
environment:
- REDIS_URL=redis://redis:6379
- LOG_LEVEL=info
privileged: true # Required for Podman to work in Docker
command: ["/usr/local/bin/worker", "-config", "/app/configs/worker.yaml"]
volumes:
redis_prod_data:
driver: local
networks:
default:
name: ml-prod-network
Reference in a new issue View git blame Copy permalink