chorus-services/docker-compose.swarm.yml

# Docker Compose for Docker Swarm Deployment
# Optimized for production deployment on deepblack.cloud infrastructure

version: '3.8'

services:
  # WHOOSH - Orchestration Platform
  whoosh-backend:
    image: registry.home.deepblack.cloud/tony/chorus-whoosh-backend:latest
    deploy:
      replicas: 2
      placement:
        constraints:
          - node.role == worker
      resources:
        limits:
          memory: 1G
        reservations:
          memory: 512M
      labels:
        - "traefik.enable=true"
        - "traefik.docker.network=tengig"
        - "traefik.http.routers.chorus-api.rule=Host(`api.chorus.services`)"
        - "traefik.http.routers.chorus-api.entrypoints=web-secured"
        - "traefik.http.routers.chorus-api.tls.certresolver=letsencryptresolver"
        - "traefik.http.services.chorus-api.loadbalancer.server.port=8000"
        - "traefik.http.services.chorus-api.loadbalancer.passhostheader=true"
    environment:
      - DATABASE_URL=postgresql://chorus:choruspass@postgres:5432/chorus_whoosh
      - REDIS_URL=redis://redis:6379
      - CORS_ORIGINS=https://dashboard.chorus.services,https://www.chorus.services
      - ENVIRONMENT=production
      - LOG_LEVEL=info
    networks:
      - tengig
      - chorus_network
    depends_on:
      - postgres
      - redis

  whoosh-frontend:
    image: registry.home.deepblack.cloud/tony/chorus-whoosh-frontend:latest
    deploy:
      replicas: 2
      placement:
        constraints:
          - node.role == worker  
      resources:
        limits:
          memory: 512M
        reservations:
          memory: 256M
      labels:
        - "traefik.enable=true"
        - "traefik.docker.network=tengig"
        - "traefik.http.routers.chorus-dashboard.rule=Host(`dashboard.chorus.services`)"
        - "traefik.http.routers.chorus-dashboard.entrypoints=web-secured"  
        - "traefik.http.routers.chorus-dashboard.tls.certresolver=letsencryptresolver"
        - "traefik.http.services.chorus-dashboard.loadbalancer.server.port=3000"
        - "traefik.http.services.chorus-dashboard.loadbalancer.passhostheader=true"
    environment:
      - REACT_APP_API_URL=https://api.chorus.services
      - REACT_APP_WS_URL=wss://api.chorus.services
    networks:
      - tengig
      - chorus_network
    depends_on:
      - whoosh-backend

  # Marketing Website
  chorus-website:
    image: registry.home.deepblack.cloud/tony/chorus-website:latest
    deploy:
      replicas: 2
      placement:
        constraints:
          - node.role == worker
      resources:
        limits:
          memory: 128M
        reservations:
          memory: 64M
      labels:
        - "traefik.enable=true"
        - "traefik.docker.network=tengig"  
        - "traefik.http.routers.chorus-website.rule=Host(`www.chorus.services`) || Host(`chorus.services`)"
        - "traefik.http.routers.chorus-website.entrypoints=web-secured"
        - "traefik.http.routers.chorus-website.tls.certresolver=letsencryptresolver"
        - "traefik.http.services.chorus-website.loadbalancer.server.port=80"
        - "traefik.http.services.chorus-website.loadbalancer.passhostheader=true"
        # Redirect naked domain to www
        - "traefik.http.middlewares.chorus-redirect.redirectregex.regex=^https://chorus.services/(.*)"
        - "traefik.http.middlewares.chorus-redirect.redirectregex.replacement=https://www.chorus.services/$${1}"
        - "traefik.http.routers.chorus-website.middlewares=chorus-redirect"
    networks:
      - tengig

  # BZZZ - P2P Agent Coordination
  bzzz-coordinator:
    image: registry.home.deepblack.cloud/tony/chorus-bzzz-coordinator:latest
    deploy:
      replicas: 1
      placement:
        constraints:
          - node.role == manager  # P2P networking works better on manager
      resources:
        limits:
          memory: 512M
        reservations:
          memory: 256M
      labels:
        - "traefik.enable=true"
        - "traefik.docker.network=tengig"
        - "traefik.http.routers.chorus-bzzz.rule=Host(`chorus-bzzz.home.deepblack.cloud`)"
        - "traefik.http.routers.chorus-bzzz.entrypoints=web-secured"
        - "traefik.http.routers.chorus-bzzz.tls.certresolver=letsencryptresolver"
        - "traefik.http.services.chorus-bzzz.loadbalancer.server.port=8080"
    ports:
      - target: 4001
        published: 4001
        protocol: tcp
        mode: host  # Required for P2P networking
    environment:
      - BZZZ_NODE_ENV=production
      - BZZZ_LOG_LEVEL=info
    networks:
      - tengig
      - chorus_network
    volumes:
      - bzzz_data:/app/data

  # SLURP - Context Curator Service
  slurp-curator:
    image: registry.home.deepblack.cloud/tony/chorus-slurp-curator:latest
    deploy:
      replicas: 2
      placement:
        constraints:
          - node.role == worker
      resources:
        limits:
          memory: 1G
        reservations:
          memory: 512M
      labels:
        - "traefik.enable=true"
        - "traefik.docker.network=tengig"
        - "traefik.http.routers.chorus-slurp.rule=Host(`slurp.chorus.services`)"
        - "traefik.http.routers.chorus-slurp.entrypoints=web-secured"
        - "traefik.http.routers.chorus-slurp.tls.certresolver=letsencryptresolver"
        - "traefik.http.services.chorus-slurp.loadbalancer.server.port=8000"
    environment:
      - SLURP_DATABASE_URL=postgresql://chorus:choruspass@postgres:5432/chorus_slurp
      - SLURP_LOG_LEVEL=info
      - SLURP_AUTH_ENABLED=true
      - HYPERCORE_LOG_URL=http://hypercore-log:8000
      - BZZZ_COORDINATOR_URL=http://bzzz-coordinator:8080
    networks:
      - tengig
      - chorus_network
    volumes:
      - slurp_data:/app/data
    depends_on:
      - postgres
      - bzzz-coordinator

  # COOEE - RL Context Tuner
  slurp-rl-tuner:
    image: registry.home.deepblack.cloud/tony/chorus-slurp-rl-tuner:latest
    deploy:
      replicas: 1
      placement:
        constraints:
          - node.role == worker
      resources:
        limits:
          memory: 512M
        reservations:
          memory: 256M
      labels:
        - "traefik.enable=true"
        - "traefik.docker.network=tengig"
        - "traefik.http.routers.chorus-cooee.rule=Host(`chorus-cooee.home.deepblack.cloud`)"
        - "traefik.http.routers.chorus-cooee.entrypoints=web-secured"
        - "traefik.http.routers.chorus-cooee.tls.certresolver=letsencryptresolver"
        - "traefik.http.services.chorus-cooee.loadbalancer.server.port=8000"
    environment:
      - RL_TUNER_DATABASE_URL=postgresql://chorus:choruspass@postgres:5432/chorus_rl_tuner
      - SLURP_CURATOR_URL=http://slurp-curator:8000
      - BZZZ_API_URL=http://bzzz-coordinator:8080
    networks:
      - tengig
      - chorus_network
    depends_on:
      - postgres
      - slurp-curator
      - bzzz-coordinator

  # Shared Infrastructure
  postgres:
    image: postgres:15
    deploy:
      replicas: 1
      placement:
        constraints:
          - node.role == manager  # Keep database on manager for stability
      resources:
        limits:
          memory: 2G
        reservations:
          memory: 1G
    environment:
      - POSTGRES_DB=chorus
      - POSTGRES_USER=chorus
      - POSTGRES_PASSWORD=choruspass
    networks:
      - chorus_network
    volumes:
      - postgres_data:/var/lib/postgresql/data
      - ./init-db.sql:/docker-entrypoint-initdb.d/init-db.sql

  redis:
    image: redis:7-alpine
    deploy:
      replicas: 1
      placement:
        constraints:
          - node.role == manager
      resources:
        limits:
          memory: 256M
        reservations:
          memory: 128M
    networks:
      - chorus_network
    volumes:
      - redis_data:/data

  # Monitoring Stack
  prometheus:
    image: prom/prometheus:latest
    deploy:
      replicas: 1
      placement:
        constraints:
          - node.role == manager
      labels:
        - "traefik.enable=true"
        - "traefik.docker.network=tengig"
        - "traefik.http.routers.chorus-prometheus.rule=Host(`chorus-prometheus.home.deepblack.cloud`)"
        - "traefik.http.routers.chorus-prometheus.entrypoints=web-secured"
        - "traefik.http.routers.chorus-prometheus.tls.certresolver=letsencryptresolver"
        - "traefik.http.services.chorus-prometheus.loadbalancer.server.port=9090"
    networks:
      - tengig
      - chorus_network
    volumes:
      - ./monitoring/prometheus.yml:/etc/prometheus/prometheus.yml
      - prometheus_data:/prometheus

  grafana:
    image: grafana/grafana:latest
    deploy:
      replicas: 1
      placement:
        constraints:
          - node.role == manager
      labels:
        - "traefik.enable=true"
        - "traefik.docker.network=tengig"
        - "traefik.http.routers.chorus-grafana.rule=Host(`chorus-grafana.home.deepblack.cloud`)"
        - "traefik.http.routers.chorus-grafana.entrypoints=web-secured"
        - "traefik.http.routers.chorus-grafana.tls.certresolver=letsencryptresolver"
        - "traefik.http.services.chorus-grafana.loadbalancer.server.port=3000"
    environment:
      - GF_SECURITY_ADMIN_PASSWORD=chorusadmin
    networks:
      - tengig
      - chorus_network
    volumes:
      - grafana_data:/var/lib/grafana
      - ./monitoring/grafana/dashboards:/etc/grafana/provisioning/dashboards
      - ./monitoring/grafana/datasources:/etc/grafana/provisioning/datasources

volumes:
  postgres_data:
  redis_data:
  prometheus_data:
  grafana_data:
  bzzz_data:
  slurp_data:

networks:
  tengig:
    external: true
  chorus_network:
    driver: overlay
    attachable: true