matrix-ai-agent/docker-compose.yml
Christian Gick 108144696b feat(MAT-107): memory encryption & user isolation
- Per-user Fernet encryption for fact/chunk_text/summary fields
- Postgres RLS with memory_app restricted role
- SSL for memory-db connections
- Data migration script (migrate_encrypt.py)
- DB migration (migrate_rls.sql)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-06 15:56:14 +00:00


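# Compose stack for matrix-ai-agent: agent, bot, memory-db (Postgres with
# pgvector) and memory-service.
#
# Secrets are interpolated from the environment / .env. The `${VAR:?msg}` form
# makes Compose refuse to start when a secret is unset or empty, instead of
# falling back to a guessable default or an empty string. Compose interpolates
# the whole file, so these variables must be set for every `docker compose`
# command, not only for the service that consumes them.
services:
  agent:
    build:
      context: .
      dockerfile: Dockerfile
    command: python agent.py start
    env_file: .env
    restart: unless-stopped
    # Shares the host network namespace: the container is not isolated from
    # the host's network, and Compose service names are not resolvable here.
    network_mode: host

  bot:
    build:
      context: .
      dockerfile: Dockerfile
    command: python bot.py
    env_file: .env
    restart: unless-stopped
    environment:
      # Entries without a value are passed through from the environment
      # Compose runs in.
      - LITELLM_BASE_URL
      - LITELLM_API_KEY
      - DEFAULT_MODEL
      - MEMORY_SERVICE_URL=http://memory-service:8090
      - PORTAL_URL
      - BOT_API_KEY
    volumes:
      - bot-data:/data
    depends_on:
      memory-service:
        condition: service_healthy

  # No ports are published, so the database is not exposed on the host.
  memory-db:
    image: pgvector/pgvector:pg17
    restart: unless-stopped
    environment:
      # The image creates POSTGRES_USER as a superuser, and superusers bypass
      # row-level security, so this credential sits outside the RLS boundary
      # enforced for memory_app. It must never default to a known value.
      POSTGRES_USER: memory
      # Applied by the image only when the data directory is first
      # initialised; rotating it later needs ALTER ROLE inside the database.
      POSTGRES_PASSWORD: "${MEMORY_DB_PASSWORD:?set MEMORY_DB_PASSWORD in .env}"
      POSTGRES_DB: memories
    volumes:
      - memory-pgdata:/var/lib/postgresql/data
      # Bind mounts keep the host's ownership and mode. Postgres refuses to
      # start if the private key is group/world accessible or owned by an
      # unexpected user, so check server.key on the host.
      - ./memory-db-ssl/server.crt:/var/lib/postgresql/server.crt:ro
      - ./memory-db-ssl/server.key:/var/lib/postgresql/server.key:ro
    command: >
      postgres
      -c ssl=on
      -c ssl_cert_file=/var/lib/postgresql/server.crt
      -c ssl_key_file=/var/lib/postgresql/server.key
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U memory -d memories"]
      interval: 5s
      timeout: 3s
      retries: 5

  memory-service:
    build: ./memory-service
    restart: unless-stopped
    environment:
      # Connects as the restricted memory_app role. In libpq terms,
      # sslmode=require encrypts the session but does not verify the server
      # certificate; authenticating memory-db would need sslmode=verify-full
      # plus the issuing certificate made available in this container.
      # A password containing URL-reserved characters must be percent-encoded.
      DATABASE_URL: "postgresql://memory_app:${MEMORY_APP_PASSWORD:?set MEMORY_APP_PASSWORD in .env}@memory-db:5432/memories?sslmode=require"
      # An empty key must not reach the service: fail at startup instead.
      MEMORY_ENCRYPTION_KEY: "${MEMORY_ENCRYPTION_KEY:?set MEMORY_ENCRYPTION_KEY in .env}"
      # NOTE(review): this hands the database owner credential to the service
      # that otherwise runs as memory_app. Presumably it is used for
      # migrations; confirm, and consider supplying it only to a one-off
      # migration job so a compromised service cannot step outside RLS.
      MEMORY_DB_OWNER_PASSWORD: "${MEMORY_DB_PASSWORD:?set MEMORY_DB_PASSWORD in .env}"
      LITELLM_BASE_URL: ${LITELLM_BASE_URL}
      # NOTE(review): the variable name suggests this is the LiteLLM master
      # key; a key scoped to the embedding model would limit exposure.
      LITELLM_API_KEY: ${LITELLM_MASTER_KEY}
      EMBED_MODEL: ${EMBED_MODEL:-text-embedding-3-small}
    depends_on:
      memory-db:
        condition: service_healthy
    healthcheck:
      test:
        - CMD
        - python
        - -c
        - "import urllib.request; urllib.request.urlopen('http://127.0.0.1:8090/health')"
      interval: 10s
      timeout: 5s
      retries: 3

volumes:
  bot-data: {}
  memory-pgdata: {}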