obsidian-graph/docker-compose.yml at master · drewburchfield/obsidian-graph · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
services:
  obsidian-graph:
    build: .
    image: obsidian-graph
    container_name: obsidian-graph
    stdin_open: true
    tty: true
    depends_on:
      postgres:
        condition: service_healthy
    environment:
      - POSTGRES_HOST=obsidian-graph-pgvector
      - POSTGRES_PORT=5432
      - POSTGRES_DB=obsidian_graph
      - POSTGRES_USER=obsidian
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
      - VOYAGE_API_KEY=${VOYAGE_API_KEY}
      - OBSIDIAN_VAULT_PATH=/vault
      - OBSIDIAN_WATCH_ENABLED=${OBSIDIAN_WATCH_ENABLED:-true}
      - OBSIDIAN_DEBOUNCE_SECONDS=${OBSIDIAN_DEBOUNCE_SECONDS:-30}
      # Polling mode: auto-enabled in Docker for reliable cloud sync support
      # Set to 'false' to use native filesystem events (may miss changes with iCloud/GDrive)
      - OBSIDIAN_WATCH_USE_POLLING=${OBSIDIAN_WATCH_USE_POLLING:-}
      - OBSIDIAN_WATCH_POLLING_INTERVAL=${OBSIDIAN_WATCH_POLLING_INTERVAL:-30}
      - POSTGRES_MIN_CONNECTIONS=${POSTGRES_MIN_CONNECTIONS:-5}
      - POSTGRES_MAX_CONNECTIONS=${POSTGRES_MAX_CONNECTIONS:-20}
      - EMBEDDING_BATCH_SIZE=${EMBEDDING_BATCH_SIZE:-128}
      - EMBEDDING_REQUESTS_PER_MINUTE=${EMBEDDING_REQUESTS_PER_MINUTE:-300}
      - MCP_SERVER_NAME=${MCP_SERVER_NAME:-obsidian-graph}
      - MCP_SERVER_VERSION=${MCP_SERVER_VERSION:-1.0.0}
      - LOG_LEVEL=${LOG_LEVEL:-INFO}
    volumes:
      # Mount your Obsidian vault here (read-only for safety)
      - "${OBSIDIAN_VAULT_PATH:-./example-vault}:/vault:ro"
      # Persist embeddings cache
      - obsidian-graph-cache:/home/mcpuser/.obsidian-graph/data
    security_opt:
      - no-new-privileges:true
    cap_drop:
      - ALL
    restart: unless-stopped

  postgres:
    image: pgvector/pgvector:pg15
    container_name: obsidian-graph-pgvector
    environment:
      - POSTGRES_DB=obsidian_graph
      - POSTGRES_USER=obsidian
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
    volumes:
      - obsidian-postgres-data:/var/lib/postgresql/data
      - ./src/schema.sql:/docker-entrypoint-initdb.d/schema.sql:ro
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U obsidian -d obsidian_graph"]
      interval: 5s
      timeout: 5s
      retries: 5
    # Security hardening
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID
      - DAC_OVERRIDE
      - FOWNER
    security_opt:
      - no-new-privileges:true
    restart: unless-stopped

networks:
  default:
    name: obsidian-graph

volumes:
  obsidian-postgres-data:
  obsidian-graph-cache: