# =============================================
# DeepAudit Docker Compose configuration
# =============================================

# Shared environment variables. The backend service merges this mapping into
# its `environment` with `<<: *shared-env`. Every value is interpolated by
# Compose from the shell environment or the project `.env` file; `${VAR:-x}`
# falls back to `x` when VAR is unset or empty.
x-shared-env: &shared-env
  # Basic information
  PROJECT_NAME: DeepAudit
  # NOTE(review): SECRET_KEY has no fallback, so an unset variable reaches the
  # container as an empty string. Presumably this is the token-signing key
  # (ALGORITHM defaults to HS256) — confirm the backend refuses to start with
  # an empty value, or make it mandatory here with `${SECRET_KEY:?message}`.
  SECRET_KEY: ${SECRET_KEY}
  ALGORITHM: ${ALGORITHM:-HS256}

  # Database
  POSTGRES_SERVER: ${POSTGRES_SERVER:-db}
  POSTGRES_USER: ${POSTGRES_USER:-postgres}
  # NOTE(review): the fallback password equals the default user name. Set
  # POSTGRES_PASSWORD explicitly for any deployment that is not a throwaway
  # local stack; the db service also publishes port 5432 on the host.
  POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-postgres}
  POSTGRES_DB: ${POSTGRES_DB:-deepaudit}

  # LLM
  LLM_PROVIDER: ${LLM_PROVIDER:-openai}
  LLM_MODEL: ${LLM_MODEL:-qwen3-coder-flash}
  LLM_API_KEY: ${LLM_API_KEY}
  LLM_BASE_URL: ${LLM_BASE_URL}
  LLM_TIMEOUT: ${LLM_TIMEOUT:-300}
  LLM_TEMPERATURE: ${LLM_TEMPERATURE:-0.7}
  LLM_MAX_TOKENS: ${LLM_MAX_TOKENS:-32768}
  LLM_CONCURRENCY: ${LLM_CONCURRENCY:-20}
  LLM_GAP_MS: ${LLM_GAP_MS:-0}

  # Per-provider LLM settings. These are credentials: keep them in `.env` or
  # a secret store, never committed to this file.
  OPENAI_API_KEY: ${OPENAI_API_KEY}
  OPENAI_BASE_URL: ${OPENAI_BASE_URL}
  GEMINI_API_KEY: ${GEMINI_API_KEY}
  CLAUDE_API_KEY: ${CLAUDE_API_KEY}
  QWEN_API_KEY: ${QWEN_API_KEY}
  DEEPSEEK_API_KEY: ${DEEPSEEK_API_KEY}
  ZHIPU_API_KEY: ${ZHIPU_API_KEY}
  MOONSHOT_API_KEY: ${MOONSHOT_API_KEY}
  BAIDU_API_KEY: ${BAIDU_API_KEY}
  MINIMAX_API_KEY: ${MINIMAX_API_KEY}
  DOUBAO_API_KEY: ${DOUBAO_API_KEY}
  OLLAMA_BASE_URL: ${OLLAMA_BASE_URL}

  # Agent & Redis
  AGENT_ENABLED: ${AGENT_ENABLED:-true}
  AGENT_MAX_ITERATIONS: ${AGENT_MAX_ITERATIONS:-5}
  AGENT_TIMEOUT: ${AGENT_TIMEOUT:-1800}
  # The default URL carries no credentials; it targets the `redis` service
  # over the compose network.
  REDIS_URL: ${REDIS_URL:-redis://redis:6379/0}

  # Embedding
  EMBEDDING_PROVIDER: ${EMBEDDING_PROVIDER:-openai}
  EMBEDDING_MODEL: ${EMBEDDING_MODEL:-text-embedding-v4}
  EMBEDDING_DIMENSION: ${EMBEDDING_DIMENSION:-1024}
  EMBEDDING_API_KEY: ${EMBEDDING_API_KEY}
  EMBEDDING_BASE_URL: ${EMBEDDING_BASE_URL}

  # Vector database
  VECTOR_DB_TYPE: ${VECTOR_DB_TYPE:-chroma}
  # NOTE(review): the default is a relative path, resolved against the
  # container's working directory (not shown here). The backend mounts the
  # chroma_data volume at /app/data/vector_db — confirm the two line up.
  CHROMA_PERSIST_DIRECTORY: ${CHROMA_PERSIST_DIRECTORY:-./data/chroma}

  # Gitea (tokens and the webhook secret are credentials; see the note on
  # provider keys above)
  GITEA_HOST_URL: ${GITEA_HOST_URL}
  GITEA_TOKEN: ${GITEA_TOKEN}
  GITEA_BOT_TOKEN: ${GITEA_BOT_TOKEN}
  GITEA_WEBHOOK_SECRET: ${GITEA_WEBHOOK_SECRET}

  # Sandbox resource limits handed to the backend
  SANDBOX_MEMORY_LIMIT: ${SANDBOX_MEMORY_LIMIT:-512m}
  SANDBOX_CPU_LIMIT: ${SANDBOX_CPU_LIMIT:-1.0}
  SANDBOX_TIMEOUT: ${SANDBOX_TIMEOUT:-30}
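services:
  # =============================================
  # Core infrastructure services
  # =============================================

  # PostgreSQL instance; the backend connects to it as `db:5432` over
  # deepaudit-network (see DATABASE_URL in the backend service).
  db:
    image: postgres:15-alpine
    restart: unless-stopped
    volumes:
      - postgres_data:/var/lib/postgresql/data
    environment:
      POSTGRES_USER: ${POSTGRES_USER:-postgres}
      # NOTE(review): fallback password equals the default user name; set
      # POSTGRES_PASSWORD explicitly outside throwaway local stacks.
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-postgres}
      POSTGRES_DB: ${POSTGRES_DB:-deepaudit}
    ports:
      # NOTE(review): published on every host interface. Other services reach
      # the database over deepaudit-network, so this mapping is only needed
      # for host-side tools; consider "127.0.0.1:5432:5432" or removing it.
      - "5432:5432"
    healthcheck:
      # Probe with the role and database this container was configured with
      # (previously hard-coded to `postgres`, which makes the server log a
      # failed connection on every probe once POSTGRES_USER is overridden).
      # `$$` escapes Compose interpolation so the container's shell expands
      # the variables from the `environment` block above.
      test: ["CMD-SHELL", 'pg_isready -U "$${POSTGRES_USER}" -d "$${POSTGRES_DB}"']
      interval: 5s
      timeout: 5s
      retries: 5
    networks:
      - deepaudit-network

  # API backend, built from ./backend.
  backend:
    build:
      context: ./backend
    image: code-review:backend
    restart: unless-stopped
    # Let the container reach the host through host.docker.internal
    extra_hosts:
      - "host.docker.internal:host-gateway"
    volumes:
      - backend_uploads:/app/uploads
      - chroma_data:/app/data/vector_db
      - ci_workspace:/app/data/ci_workspace
      - ci_vectordb:/app/data/ci_vectordb
      # Required for sandbox execution.
      # NOTE(review): access to the Docker socket lets this container control
      # the host's Docker daemon, which is equivalent to root on the host.
      # Treat the backend as a privileged component: keep port 8000 off
      # untrusted networks, and consider a filtering socket proxy or a
      # rootless daemon to narrow what the backend can ask Docker to do.
      - /var/run/docker.sock:/var/run/docker.sock
    ports:
      # Published on every host interface (no bind address given).
      - "8000:8000"
    env_file:
      - .env
    environment:
      # Keys listed here take precedence over the same keys from env_file.
      <<: *shared-env
      DATABASE_URL: postgresql+asyncpg://${POSTGRES_USER:-postgres}:${POSTGRES_PASSWORD:-postgres}@db:5432/${POSTGRES_DB:-deepaudit}
      SANDBOX_ENABLED: ${SANDBOX_ENABLED:-true}
      # NOTE(review): the sandbox service below tags its build as
      # code-review:sandbox, while this default names deepaudit/sandbox:latest.
      # Confirm SANDBOX_IMAGE is set in .env; otherwise the backend may
      # reference an image this file never builds.
      SANDBOX_IMAGE: ${SANDBOX_IMAGE:-deepaudit/sandbox:latest}
      OUTPUT_LANGUAGE: ${OUTPUT_LANGUAGE:-zh-CN}
    depends_on:
      # Start only after both dependencies report healthy.
      db:
        condition: service_healthy
      redis:
        condition: service_healthy
    networks:
      - deepaudit-network

  # Nginx-served frontend, built from ./frontend.
  frontend:
    build:
      context: ./frontend
    image: code-review:frontend
    restart: unless-stopped
    volumes:
      # Mount the build output so a local `pnpm build` takes effect
      # immediately; disabled because the Dockerfile already COPYs it.
      # - ./frontend/dist:/usr/share/nginx/html:ro
      # Mount the nginx configuration (read-only)
      - ./frontend/nginx.conf:/etc/nginx/conf.d/default.conf:ro
    ports:
      # Nginx listens on port 80 inside the container
      - "83:80"
    environment:
      VITE_API_BASE_URL: ${VITE_API_BASE_URL:-/api/v1}
      VITE_APP_ID: ${VITE_APP_ID:-deepaudit}
    depends_on:
      - backend
    networks:
      - deepaudit-network

  # =============================================
  # Components required by the Agent service
  # =============================================

  redis:
    image: redis:7-alpine
    restart: unless-stopped
    ports:
      # NOTE(review): no password is configured for this instance (the
      # healthcheck pings without credentials and the default REDIS_URL has
      # none), and the port is published on every host interface. The backend
      # reaches Redis over deepaudit-network, so consider binding to
      # 127.0.0.1, dropping the mapping, or enabling `requirepass`.
      - "${REDIS_PORT:-6379}:6379"
    volumes:
      - redis_data:/data
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 10s
      timeout: 5s
      retries: 5
    networks:
      - deepaudit-network

  # Sandbox image build service (required for vulnerability verification).
  # Note: this service exists only to build the image; its container prints
  # a message and exits, and `restart: "no"` keeps it from being restarted.
  sandbox:
    build:
      context: ./docker/sandbox
      dockerfile: Dockerfile
    image: code-review:sandbox
    restart: "no"
    command: echo "Sandbox image built successfully"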
# User-defined bridge network joined by db, backend, frontend and redis;
# services on it resolve each other by service name.
networks:
  deepaudit-network:
    driver: bridge
    driver_opts:
      # Fixes the name of the bridge interface created on the host
      com.docker.network.bridge.name: br-deepaudit
# Named volumes with default driver settings, referenced by the services
# above. An explicit empty mapping is used instead of a bare key.
volumes:
  # PostgreSQL data directory (db)
  postgres_data: {}
  # Mounted at /app/uploads (backend)
  backend_uploads: {}
  # Mounted at /app/data/vector_db (backend)
  chroma_data: {}
  # Mounted at /app/data/ci_workspace (backend)
  ci_workspace: {}
  # Mounted at /app/data/ci_vectordb (backend)
  ci_vectordb: {}
  # Mounted at /data (redis)
  redis_data: {}