Aegis/docker-compose.yml

# =============================================================================
# Aegis - MITRE ATT&CK Coverage Platform (Development)
# =============================================================================
# 
# Quick Start:
#   docker-compose up -d
#
# Access:
#   - Frontend:      http://localhost:5173
#   - Backend API:   http://localhost:8000
#   - Swagger UI:    http://localhost:8000/docs
#   - MinIO Console: http://localhost:9001 (minioadmin/minioadmin)
#
# Admin credentials are auto-generated on first start — check the
# backend container logs:  docker-compose logs backend | grep -A5 "Admin"
# =============================================================================

services:
  # ── PostgreSQL Database ────────────────────────────────────────────────────
  postgres:
    image: postgres:15-alpine
    container_name: aegis-postgres
    environment:
      POSTGRES_USER: postgres
      POSTGRES_PASSWORD: postgres
      POSTGRES_DB: attackdb
    ports:
      - "5433:5432"
    volumes:
      - postgres_data:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U postgres -d attackdb"]
      interval: 5s
      timeout: 5s
      retries: 5
    restart: unless-stopped

  # ── MinIO Object Storage ───────────────────────────────────────────────────
  minio:
    image: minio/minio:latest
    container_name: aegis-minio
    command: server /data --console-address ":9001"
    environment:
      MINIO_ROOT_USER: minioadmin
      MINIO_ROOT_PASSWORD: minioadmin
    ports:
      - "9000:9000"   # API
      - "9001:9001"   # Console
    volumes:
      - minio_data:/data
    healthcheck:
      test: ["CMD", "mc", "ready", "local"]
      interval: 5s
      timeout: 5s
      retries: 5
    restart: unless-stopped

  # ── FastAPI Backend ────────────────────────────────────────────────────────
  backend:
    build:
      context: ./backend
      dockerfile: Dockerfile
    container_name: aegis-backend
    ports:
      - "8000:8000"
    environment:
      # Database
      DATABASE_URL: postgresql://postgres:postgres@postgres:5432/attackdb
      # Security — SECRET_KEY is left unset so an ephemeral key is
      # auto-generated for local development (see backend logs for warning).
      # Set it explicitly if you need persistent sessions across restarts.
      ALGORITHM: HS256
      ACCESS_TOKEN_EXPIRE_MINUTES: 60
      # MinIO
      MINIO_ENDPOINT: minio:9000
      MINIO_ACCESS_KEY: minioadmin
      MINIO_SECRET_KEY: minioadmin
      MINIO_BUCKET: evidence
      MINIO_SECURE: "false"
    depends_on:
      postgres:
        condition: service_healthy
      minio:
        condition: service_started
    volumes:
      - ./backend:/app
    command: sh /app/entrypoint.sh
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8000/health"]
      interval: 10s
      timeout: 5s
      retries: 5
    restart: unless-stopped

  # ── React Frontend (Development) ───────────────────────────────────────────
  frontend:
    build:
      context: ./frontend
      dockerfile: Dockerfile
      target: development
    container_name: aegis-frontend
    ports:
      - "5173:5173"
    environment:
      # Vite environment variables
      VITE_API_URL: http://localhost:8000/api/v1
    depends_on:
      - backend
    volumes:
      - ./frontend:/app
      - /app/node_modules  # Prevent overwriting node_modules
    restart: unless-stopped

# ── Volumes ──────────────────────────────────────────────────────────────────
volumes:
  postgres_data:
    name: aegis_postgres_data
  minio_data:
    name: aegis_minio_data