fix(deploy): add MOSAIC_SECRET_KEY + docker socket to api service (MS22)

2026-03-01 11:42:10 -06:00
parent deafcdc84b
commit 3d978c0291
1 changed files with 6 additions and 0 deletions
--- a/docker-compose.swarm.portainer.yml
+++ b/docker-compose.swarm.portainer.yml
@@ -121,6 +121,10 @@ services:
      OLLAMA_ENDPOINT: ${OLLAMA_ENDPOINT}
      OPENBAO_ADDR: ${OPENBAO_ADDR}
      ENCRYPTION_KEY: ${ENCRYPTION_KEY}
+      # MS22: fleet encryption key (AES-256-GCM for provider API keys, agent tokens)
+      MOSAIC_SECRET_KEY: ${MOSAIC_SECRET_KEY}
+      # MS22: Docker socket for per-user container lifecycle (optional: set DOCKER_HOST for TCP)
+      DOCKER_HOST: ${DOCKER_HOST:-}
      # Matrix bridge (optional — configure after Synapse is running)
      MATRIX_HOMESERVER_URL: ${MATRIX_HOMESERVER_URL:-http://synapse:8008}
      MATRIX_ACCESS_TOKEN: ${MATRIX_ACCESS_TOKEN:-}
@@ -142,6 +146,8 @@ services:
      NEXT_PUBLIC_APP_URL: ${NEXT_PUBLIC_APP_URL}
      NEXT_PUBLIC_API_URL: ${NEXT_PUBLIC_API_URL}
      TRUSTED_ORIGINS: ${TRUSTED_ORIGINS:-}
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
    healthcheck:
      test:
        [