13364b9e8c
External Domain Configuration: - Updated Docker Swarm for chorus.services domain (202.171.184.242) - Configured dashboard.chorus.services for WHOOSH frontend - Configured api.chorus.services for backend API - Prepared www.chorus.services for marketing website (ready for submodule) Traefik Configuration: - SSL/TLS certificates via Let's Encrypt - Domain redirects: chorus.services → www.chorus.services - Proper CORS origins for external access - Load balancing and high availability Production Endpoints: - Marketing Website: https://www.chorus.services (pending project) - Dashboard: https://dashboard.chorus.services - API: https://api.chorus.services - Documentation: https://api.chorus.services/docs Build System: - Updated build scripts for website integration - Registry image preparation: chorus-website:latest - Management script updates for external domains Ready for website project integration as git submodule when available.
295 lines
9.2 KiB
YAML
295 lines
9.2 KiB
YAML
# Docker Compose for Docker Swarm Deployment
|
|
# Optimized for production deployment on deepblack.cloud infrastructure
|
|
|
|
version: '3.8'
|
|
|
|
services:
|
|
# WHOOSH - Orchestration Platform
|
|
whoosh-backend:
|
|
image: registry.home.deepblack.cloud/tony/chorus-whoosh-backend:latest
|
|
deploy:
|
|
replicas: 2
|
|
placement:
|
|
constraints:
|
|
- node.role == worker
|
|
resources:
|
|
limits:
|
|
memory: 1G
|
|
reservations:
|
|
memory: 512M
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=tengig"
|
|
- "traefik.http.routers.chorus-api.rule=Host(`api.chorus.services`)"
|
|
- "traefik.http.routers.chorus-api.entrypoints=web-secured"
|
|
- "traefik.http.routers.chorus-api.tls.certresolver=letsencryptresolver"
|
|
- "traefik.http.services.chorus-api.loadbalancer.server.port=8000"
|
|
- "traefik.http.services.chorus-api.loadbalancer.passhostheader=true"
|
|
environment:
|
|
- DATABASE_URL=postgresql://chorus:choruspass@postgres:5432/chorus_whoosh
|
|
- REDIS_URL=redis://redis:6379
|
|
- CORS_ORIGINS=https://dashboard.chorus.services,https://www.chorus.services
|
|
- ENVIRONMENT=production
|
|
- LOG_LEVEL=info
|
|
networks:
|
|
- tengig
|
|
- chorus_network
|
|
depends_on:
|
|
- postgres
|
|
- redis
|
|
|
|
whoosh-frontend:
|
|
image: registry.home.deepblack.cloud/tony/chorus-whoosh-frontend:latest
|
|
deploy:
|
|
replicas: 2
|
|
placement:
|
|
constraints:
|
|
- node.role == worker
|
|
resources:
|
|
limits:
|
|
memory: 512M
|
|
reservations:
|
|
memory: 256M
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=tengig"
|
|
- "traefik.http.routers.chorus-dashboard.rule=Host(`dashboard.chorus.services`)"
|
|
- "traefik.http.routers.chorus-dashboard.entrypoints=web-secured"
|
|
- "traefik.http.routers.chorus-dashboard.tls.certresolver=letsencryptresolver"
|
|
- "traefik.http.services.chorus-dashboard.loadbalancer.server.port=3000"
|
|
- "traefik.http.services.chorus-dashboard.loadbalancer.passhostheader=true"
|
|
environment:
|
|
- REACT_APP_API_URL=https://api.chorus.services
|
|
- REACT_APP_WS_URL=wss://api.chorus.services
|
|
networks:
|
|
- tengig
|
|
- chorus_network
|
|
depends_on:
|
|
- whoosh-backend
|
|
|
|
# Marketing Website
|
|
chorus-website:
|
|
image: registry.home.deepblack.cloud/tony/chorus-website:latest
|
|
deploy:
|
|
replicas: 2
|
|
placement:
|
|
constraints:
|
|
- node.role == worker
|
|
resources:
|
|
limits:
|
|
memory: 128M
|
|
reservations:
|
|
memory: 64M
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=tengig"
|
|
- "traefik.http.routers.chorus-website.rule=Host(`www.chorus.services`) || Host(`chorus.services`)"
|
|
- "traefik.http.routers.chorus-website.entrypoints=web-secured"
|
|
- "traefik.http.routers.chorus-website.tls.certresolver=letsencryptresolver"
|
|
- "traefik.http.services.chorus-website.loadbalancer.server.port=80"
|
|
- "traefik.http.services.chorus-website.loadbalancer.passhostheader=true"
|
|
# Redirect naked domain to www
|
|
- "traefik.http.middlewares.chorus-redirect.redirectregex.regex=^https://chorus.services/(.*)"
|
|
- "traefik.http.middlewares.chorus-redirect.redirectregex.replacement=https://www.chorus.services/$${1}"
|
|
- "traefik.http.routers.chorus-website.middlewares=chorus-redirect"
|
|
networks:
|
|
- tengig
|
|
|
|
# BZZZ - P2P Agent Coordination
|
|
bzzz-coordinator:
|
|
image: registry.home.deepblack.cloud/tony/chorus-bzzz-coordinator:latest
|
|
deploy:
|
|
replicas: 1
|
|
placement:
|
|
constraints:
|
|
- node.role == manager # P2P networking works better on manager
|
|
resources:
|
|
limits:
|
|
memory: 512M
|
|
reservations:
|
|
memory: 256M
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=tengig"
|
|
- "traefik.http.routers.chorus-bzzz.rule=Host(`chorus-bzzz.home.deepblack.cloud`)"
|
|
- "traefik.http.routers.chorus-bzzz.entrypoints=web-secured"
|
|
- "traefik.http.routers.chorus-bzzz.tls.certresolver=letsencryptresolver"
|
|
- "traefik.http.services.chorus-bzzz.loadbalancer.server.port=8080"
|
|
ports:
|
|
- target: 4001
|
|
published: 4001
|
|
protocol: tcp
|
|
mode: host # Required for P2P networking
|
|
environment:
|
|
- BZZZ_NODE_ENV=production
|
|
- BZZZ_LOG_LEVEL=info
|
|
networks:
|
|
- tengig
|
|
- chorus_network
|
|
volumes:
|
|
- bzzz_data:/app/data
|
|
|
|
# SLURP - Context Management
|
|
slurp-api:
|
|
image: registry.home.deepblack.cloud/tony/chorus-slurp-api:latest
|
|
deploy:
|
|
replicas: 2
|
|
placement:
|
|
constraints:
|
|
- node.role == worker
|
|
resources:
|
|
limits:
|
|
memory: 1G
|
|
reservations:
|
|
memory: 512M
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=tengig"
|
|
- "traefik.http.routers.chorus-slurp.rule=Host(`chorus-slurp.home.deepblack.cloud`)"
|
|
- "traefik.http.routers.chorus-slurp.entrypoints=web-secured"
|
|
- "traefik.http.routers.chorus-slurp.tls.certresolver=letsencryptresolver"
|
|
- "traefik.http.services.chorus-slurp.loadbalancer.server.port=8000"
|
|
environment:
|
|
- HCFS_DATABASE_URL=postgresql://chorus:choruspass@postgres:5432/chorus_slurp
|
|
- HCFS_LOG_LEVEL=info
|
|
- HCFS_AUTH_ENABLED=true
|
|
networks:
|
|
- tengig
|
|
- chorus_network
|
|
volumes:
|
|
- slurp_data:/app/data
|
|
depends_on:
|
|
- postgres
|
|
|
|
# COOEE - RL Context Tuner
|
|
slurp-rl-tuner:
|
|
image: registry.home.deepblack.cloud/tony/chorus-slurp-rl-tuner:latest
|
|
deploy:
|
|
replicas: 1
|
|
placement:
|
|
constraints:
|
|
- node.role == worker
|
|
resources:
|
|
limits:
|
|
memory: 512M
|
|
reservations:
|
|
memory: 256M
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=tengig"
|
|
- "traefik.http.routers.chorus-cooee.rule=Host(`chorus-cooee.home.deepblack.cloud`)"
|
|
- "traefik.http.routers.chorus-cooee.entrypoints=web-secured"
|
|
- "traefik.http.routers.chorus-cooee.tls.certresolver=letsencryptresolver"
|
|
- "traefik.http.services.chorus-cooee.loadbalancer.server.port=8000"
|
|
environment:
|
|
- RL_TUNER_DATABASE_URL=postgresql://chorus:choruspass@postgres:5432/chorus_rl_tuner
|
|
- HCFS_API_URL=http://slurp-api:8000
|
|
- BZZZ_API_URL=http://bzzz-coordinator:8080
|
|
networks:
|
|
- tengig
|
|
- chorus_network
|
|
depends_on:
|
|
- postgres
|
|
- slurp-api
|
|
- bzzz-coordinator
|
|
|
|
# Shared Infrastructure
|
|
postgres:
|
|
image: postgres:15
|
|
deploy:
|
|
replicas: 1
|
|
placement:
|
|
constraints:
|
|
- node.role == manager # Keep database on manager for stability
|
|
resources:
|
|
limits:
|
|
memory: 2G
|
|
reservations:
|
|
memory: 1G
|
|
environment:
|
|
- POSTGRES_DB=chorus
|
|
- POSTGRES_USER=chorus
|
|
- POSTGRES_PASSWORD=choruspass
|
|
networks:
|
|
- chorus_network
|
|
volumes:
|
|
- postgres_data:/var/lib/postgresql/data
|
|
- ./init-db.sql:/docker-entrypoint-initdb.d/init-db.sql
|
|
|
|
redis:
|
|
image: redis:7-alpine
|
|
deploy:
|
|
replicas: 1
|
|
placement:
|
|
constraints:
|
|
- node.role == manager
|
|
resources:
|
|
limits:
|
|
memory: 256M
|
|
reservations:
|
|
memory: 128M
|
|
networks:
|
|
- chorus_network
|
|
volumes:
|
|
- redis_data:/data
|
|
|
|
# Monitoring Stack
|
|
prometheus:
|
|
image: prom/prometheus:latest
|
|
deploy:
|
|
replicas: 1
|
|
placement:
|
|
constraints:
|
|
- node.role == manager
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=tengig"
|
|
- "traefik.http.routers.chorus-prometheus.rule=Host(`chorus-prometheus.home.deepblack.cloud`)"
|
|
- "traefik.http.routers.chorus-prometheus.entrypoints=web-secured"
|
|
- "traefik.http.routers.chorus-prometheus.tls.certresolver=letsencryptresolver"
|
|
- "traefik.http.services.chorus-prometheus.loadbalancer.server.port=9090"
|
|
networks:
|
|
- tengig
|
|
- chorus_network
|
|
volumes:
|
|
- ./monitoring/prometheus.yml:/etc/prometheus/prometheus.yml
|
|
- prometheus_data:/prometheus
|
|
|
|
grafana:
|
|
image: grafana/grafana:latest
|
|
deploy:
|
|
replicas: 1
|
|
placement:
|
|
constraints:
|
|
- node.role == manager
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=tengig"
|
|
- "traefik.http.routers.chorus-grafana.rule=Host(`chorus-grafana.home.deepblack.cloud`)"
|
|
- "traefik.http.routers.chorus-grafana.entrypoints=web-secured"
|
|
- "traefik.http.routers.chorus-grafana.tls.certresolver=letsencryptresolver"
|
|
- "traefik.http.services.chorus-grafana.loadbalancer.server.port=3000"
|
|
environment:
|
|
- GF_SECURITY_ADMIN_PASSWORD=chorusadmin
|
|
networks:
|
|
- tengig
|
|
- chorus_network
|
|
volumes:
|
|
- grafana_data:/var/lib/grafana
|
|
- ./monitoring/grafana/dashboards:/etc/grafana/provisioning/dashboards
|
|
- ./monitoring/grafana/datasources:/etc/grafana/provisioning/datasources
|
|
|
|
volumes:
|
|
postgres_data:
|
|
redis_data:
|
|
prometheus_data:
|
|
grafana_data:
|
|
bzzz_data:
|
|
slurp_data:
|
|
|
|
networks:
|
|
tengig:
|
|
external: true
|
|
chorus_network:
|
|
driver: overlay
|
|
attachable: true |