139 lines
3.6 KiB
YAML
139 lines
3.6 KiB
YAML
# =============================================
|
|
# DeepAudit v3.0.0 Docker Compose 配置
|
|
# =============================================
|
|
# 部署: docker compose up -d
|
|
# 查看日志: docker compose logs -f
|
|
# 注意: Agent 服务和沙箱环境是必须的核心组件
|
|
|
|
services:
|
|
# =============================================
|
|
# 核心基础服务
|
|
# =============================================
|
|
|
|
db:
|
|
image: postgres:15-alpine
|
|
restart: unless-stopped
|
|
volumes:
|
|
- postgres_data:/var/lib/postgresql/data
|
|
environment:
|
|
- POSTGRES_USER=postgres
|
|
- POSTGRES_PASSWORD=postgres
|
|
- POSTGRES_DB=deepaudit
|
|
ports:
|
|
- "5432:5432"
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U postgres"]
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 5
|
|
networks:
|
|
- deepaudit-network
|
|
|
|
backend:
|
|
build:
|
|
context: ./backend
|
|
args:
|
|
- http_proxy=
|
|
- https_proxy=
|
|
- HTTP_PROXY=
|
|
- HTTPS_PROXY=
|
|
- all_proxy=
|
|
- ALL_PROXY=
|
|
restart: unless-stopped
|
|
volumes:
|
|
# - ./backend/app:/app/app:ro # 挂载代码目录,修改后自动生效
|
|
- backend_uploads:/app/uploads
|
|
- /var/run/docker.sock:/var/run/docker.sock # 沙箱执行必须
|
|
ports:
|
|
- "8000:8000"
|
|
env_file:
|
|
- ./backend/.env
|
|
environment:
|
|
- DATABASE_URL=postgresql+asyncpg://postgres:postgres@db:5432/deepaudit
|
|
- REDIS_URL=redis://redis:6379/0
|
|
- AGENT_ENABLED=true
|
|
- SANDBOX_ENABLED=true
|
|
- SANDBOX_IMAGE=deepaudit/sandbox:latest # 使用本地构建的沙箱镜像
|
|
# 禁用代理设置,防止容器内无法连接外部 API
|
|
- HTTP_PROXY=
|
|
- HTTPS_PROXY=
|
|
- http_proxy=
|
|
- https_proxy=
|
|
- NO_PROXY=*
|
|
depends_on:
|
|
db:
|
|
condition: service_healthy
|
|
redis:
|
|
condition: service_healthy
|
|
# 开发模式:启用 --reload 热重载
|
|
command: sh -c ".venv/bin/alembic upgrade head && .venv/bin/uvicorn app.main:app --host 0.0.0.0 --port 8000 --reload"
|
|
networks:
|
|
- deepaudit-network
|
|
|
|
frontend:
|
|
build:
|
|
context: ./frontend
|
|
args:
|
|
- http_proxy=
|
|
- https_proxy=
|
|
- HTTP_PROXY=
|
|
- HTTPS_PROXY=
|
|
- all_proxy=
|
|
- ALL_PROXY=
|
|
restart: unless-stopped
|
|
volumes:
|
|
# - ./frontend/dist:/usr/share/nginx/html:ro # 挂载构建产物,本地 pnpm build 后自动生效
|
|
- ./frontend/nginx.conf:/etc/nginx/conf.d/default.conf:ro # 挂载 nginx 配置
|
|
ports:
|
|
- "3000:80" # Nginx 监听 80 端口
|
|
environment:
|
|
# 禁用代理 - nginx 需要直连后端
|
|
- HTTP_PROXY=
|
|
- HTTPS_PROXY=
|
|
- http_proxy=
|
|
- https_proxy=
|
|
- NO_PROXY=*
|
|
depends_on:
|
|
- backend
|
|
networks:
|
|
- deepaudit-network
|
|
|
|
# =============================================
|
|
# Agent 服务必须组件
|
|
# =============================================
|
|
|
|
# Redis (Agent 任务队列 - 必须)
|
|
redis:
|
|
image: redis:7-alpine
|
|
restart: unless-stopped
|
|
ports:
|
|
- "6379:6379"
|
|
volumes:
|
|
- redis_data:/data
|
|
healthcheck:
|
|
test: ["CMD", "redis-cli", "ping"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
networks:
|
|
- deepaudit-network
|
|
|
|
# 沙箱镜像构建服务 (漏洞验证必须)
|
|
# 注意: 此服务仅用于构建镜像,构建完成后自动退出
|
|
sandbox:
|
|
build:
|
|
context: ./docker/sandbox
|
|
dockerfile: Dockerfile
|
|
image: deepaudit/sandbox:latest
|
|
restart: "no"
|
|
command: echo "Sandbox image built successfully"
|
|
|
|
networks:
|
|
deepaudit-network:
|
|
driver: bridge
|
|
|
|
volumes:
|
|
postgres_data:
|
|
backend_uploads:
|
|
redis_data:
|