mcp-awareness/docker-compose.yaml at main · cmeans/mcp-awareness · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
# Stable deployment — named tunnel, persistent data, published image
name: mcp-awareness

services:
  mcp-awareness:
    image: ghcr.io/cmeans/mcp-awareness:latest
    pull_policy: always
    container_name: mcp-awareness
    restart: unless-stopped
    ports:
      - "127.0.0.1:8420:8420"
    environment:
      - AWARENESS_MOUNT_PATH=${AWARENESS_MOUNT_PATH:-}
      - AWARENESS_DATABASE_URL=${AWARENESS_DATABASE_URL:-}
      - AWARENESS_AUTH_REQUIRED=${AWARENESS_AUTH_REQUIRED:-false}
      - AWARENESS_JWT_SECRET=${AWARENESS_JWT_SECRET:-}
      - AWARENESS_JWT_ALGORITHM=${AWARENESS_JWT_ALGORITHM:-HS256}
      - AWARENESS_OAUTH_ISSUER=${AWARENESS_OAUTH_ISSUER:-}
      - AWARENESS_OAUTH_AUDIENCE=${AWARENESS_OAUTH_AUDIENCE:-}
      - AWARENESS_OAUTH_USER_CLAIM=${AWARENESS_OAUTH_USER_CLAIM:-sub}
      - AWARENESS_OAUTH_AUTO_PROVISION=${AWARENESS_OAUTH_AUTO_PROVISION:-false}
      - AWARENESS_PUBLIC_URL=${AWARENESS_PUBLIC_URL:-}
      - AWARENESS_DEFAULT_OWNER=${AWARENESS_DEFAULT_OWNER:-}
      - AWARENESS_EMBEDDING_PROVIDER=${AWARENESS_EMBEDDING_PROVIDER:-}
      - AWARENESS_EMBEDDING_MODEL=${AWARENESS_EMBEDDING_MODEL:-granite-embedding:278m}
      - AWARENESS_OLLAMA_URL=${AWARENESS_OLLAMA_URL:-http://ollama:11434}
    depends_on:
      postgres:
        condition: service_healthy
    deploy:
      resources:
        limits:
          cpus: '0.1'
          memory: 64M
    healthcheck:
      test: ["CMD", "python", "-c", "import socket; s = socket.create_connection(('localhost', 8420), timeout=2); s.close()"]
      interval: 10s
      timeout: 10s
      retries: 3
      start_period: 15s

  # Named tunnel — stable URL (see docs/deployment-guide.md)
  # Requires: cloudflared tunnel login + tunnel create
  # To use quick tunnel instead: docker compose --profile quick up -d mcp-awareness tunnel-quick
  tunnel:
    image: cloudflare/cloudflared:latest
    container_name: awareness-tunnel
    restart: unless-stopped
    command: tunnel --no-autoupdate run
    volumes:
      - ${CLOUDFLARED_CONFIG:-~/.cloudflared}/config.yml:/etc/cloudflared/config.yml:ro
      # Set CLOUDFLARED_CREDS to your tunnel credentials file path
      # (e.g., ~/.cloudflared/<tunnel-id>.json from 'cloudflared tunnel create')
      - ${CLOUDFLARED_CREDS:?Set CLOUDFLARED_CREDS to your tunnel credentials file}:/etc/cloudflared/credentials.json:ro
    depends_on:
      mcp-awareness:
        condition: service_healthy
    deploy:
      resources:
        limits:
          cpus: '0.05'
          memory: 64M

  postgres:
    image: pgvector/pgvector:pg17
    container_name: awareness-postgres
    restart: unless-stopped
    environment:
      POSTGRES_DB: awareness
      POSTGRES_USER: awareness
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-awareness-dev}
      POSTGRES_INITDB_ARGS: "--encoding=UTF8 --lc-collate=C --lc-ctype=C"
    volumes:
      - ${AWARENESS_PG_DATA:-~/awareness-pg}:/var/lib/postgresql/data
    # Uncomment to access Postgres directly (e.g., for debugging)
    # ports:
    #   - "5432:5432"
    command:
      - postgres
      - -c
      - wal_level=logical
      - -c
      - max_replication_slots=4
      - -c
      - shared_preload_libraries=pg_stat_statements
    deploy:
      resources:
        limits:
          cpus: '0.5'
          memory: 256M
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U awareness"]
      interval: 10s
      timeout: 5s
      retries: 5
      start_period: 10s

  # Ollama — local embedding model for semantic search
  # Usage: docker compose --profile embeddings up -d
  # Model is pulled automatically on first start (cached in volume for restarts).
  ollama:
    image: ollama/ollama:latest
    container_name: awareness-ollama
    restart: unless-stopped
    entrypoint: ["/bin/sh", "-c"]
    command:
      - |
        # Start Ollama server in background
        ollama serve &
        # Wait for server to be ready
        until ollama list > /dev/null 2>&1; do sleep 1; done
        # Pull model if not already cached
        ollama pull ${AWARENESS_EMBEDDING_MODEL:-granite-embedding:278m}
        # Keep container alive (wait on background server)
        wait
    environment:
      - AWARENESS_EMBEDDING_MODEL=${AWARENESS_EMBEDDING_MODEL:-granite-embedding:278m}
    volumes:
      - ${AWARENESS_OLLAMA_DATA:-~/awareness-ollama}:/root/.ollama
    deploy:
      resources:
        limits:
          cpus: '1.0'
          memory: 2G
    healthcheck:
      test: ["CMD-SHELL", "ollama list | grep -q ${AWARENESS_EMBEDDING_MODEL:-granite-embedding:278m}"]
      interval: 30s
      timeout: 10s
      retries: 10
      start_period: 60s
    profiles:
      - embeddings

  # Quick tunnel — ephemeral URL, no account needed
  # Usage: docker compose up mcp-awareness tunnel-quick
  tunnel-quick:
    image: cloudflare/cloudflared:latest
    container_name: awareness-tunnel-quick
    command: tunnel --no-autoupdate --url http://mcp-awareness:8420
    depends_on:
      mcp-awareness:
        condition: service_healthy
    deploy:
      resources:
        limits:
          cpus: '0.05'
          memory: 64M
    profiles:
      - quick