# ============================================================================= # Aegis - Production Docker Compose # ============================================================================= # # Usage: # docker-compose -f docker-compose.prod.yml up -d --build # # Note: Set environment variables in .env file or via environment # ============================================================================= services: # ── PostgreSQL Database ──────────────────────────────────────────────────── postgres: image: postgres:15-alpine container_name: aegis-postgres environment: POSTGRES_USER: ${DB_USER:-postgres} POSTGRES_PASSWORD: ${DB_PASSWORD:-postgres} POSTGRES_DB: ${DB_NAME:-attackdb} volumes: - postgres_data:/var/lib/postgresql/data healthcheck: test: ["CMD-SHELL", "pg_isready -U ${DB_USER:-postgres} -d ${DB_NAME:-attackdb}"] interval: 5s timeout: 5s retries: 5 restart: always networks: - aegis-network # ── MinIO Object Storage ─────────────────────────────────────────────────── minio: image: minio/minio:latest container_name: aegis-minio command: server /data --console-address ":9001" environment: MINIO_ROOT_USER: ${MINIO_ACCESS_KEY:-minioadmin} MINIO_ROOT_PASSWORD: ${MINIO_SECRET_KEY:-minioadmin} volumes: - minio_data:/data healthcheck: test: ["CMD", "mc", "ready", "local"] interval: 5s timeout: 5s retries: 5 restart: always networks: - aegis-network # ── Redis ────────────────────────────────────────────────────────────────── redis: image: redis:7-alpine container_name: aegis-redis command: redis-server --appendonly yes --maxmemory 256mb --maxmemory-policy allkeys-lru volumes: - redis_data:/data healthcheck: test: ["CMD", "redis-cli", "ping"] interval: 5s timeout: 3s retries: 5 restart: always networks: - aegis-network # ── FastAPI Backend ──────────────────────────────────────────────────────── backend: build: context: ./backend dockerfile: Dockerfile container_name: aegis-backend environment: DATABASE_URL: postgresql://${DB_USER:-postgres}:${DB_PASSWORD:-postgres}@postgres:5432/${DB_NAME:-attackdb} SECRET_KEY: ${SECRET_KEY:?Set SECRET_KEY in environment} ALGORITHM: HS256 ACCESS_TOKEN_EXPIRE_MINUTES: ${TOKEN_EXPIRE_MINUTES:-60} MINIO_ENDPOINT: minio:9000 MINIO_ACCESS_KEY: ${MINIO_ACCESS_KEY:-minioadmin} MINIO_SECRET_KEY: ${MINIO_SECRET_KEY:-minioadmin} MINIO_BUCKET: ${MINIO_BUCKET:-evidence} MINIO_SECURE: ${MINIO_SECURE:-false} REDIS_URL: redis://redis:6379/0 REDIS_TOKEN_BLACKLIST_DB: ${REDIS_TOKEN_BLACKLIST_DB:-1} REDIS_CACHE_DB: ${REDIS_CACHE_DB:-2} CORS_ORIGINS: ${CORS_ORIGINS:-} AEGIS_ENV: ${AEGIS_ENV:-production} ADMIN_USERNAME: ${ADMIN_USERNAME:-admin} ADMIN_PASSWORD: ${ADMIN_PASSWORD:-} depends_on: postgres: condition: service_healthy redis: condition: service_healthy minio: condition: service_started command: sh /app/entrypoint.prod.sh healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8000/health"] interval: 10s timeout: 5s retries: 5 restart: always networks: - aegis-network # ── React Frontend (Production with Nginx) ───────────────────────────────── frontend: build: context: ./frontend dockerfile: Dockerfile target: production container_name: aegis-frontend ports: - "${FRONTEND_PORT:-80}:80" depends_on: - backend restart: always networks: - aegis-network # ── Networks ───────────────────────────────────────────────────────────────── networks: aegis-network: driver: bridge # ── Volumes ────────────────────────────────────────────────────────────────── volumes: postgres_data: name: aegis_postgres_data_prod minio_data: name: aegis_minio_data_prod redis_data: name: aegis_redis_data_prod