fix: resolve Portainer deployment Redis and CORS failures
Remove Docker Compose profiles from postgres and valkey services so they start by default without --profile flag. Add NEXT_PUBLIC_APP_URL, NEXT_PUBLIC_API_URL, and TRUSTED_ORIGINS to the API service environment so CORS works in production. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
84
.env.example
84
.env.example
@@ -19,7 +19,7 @@ NEXT_PUBLIC_API_URL=http://localhost:3001
|
||||
# ======================
|
||||
# PostgreSQL Database
|
||||
# ======================
|
||||
# Bundled PostgreSQL (when database profile enabled)
|
||||
# Bundled PostgreSQL
|
||||
# SECURITY: Change POSTGRES_PASSWORD to a strong random password in production
|
||||
DATABASE_URL=postgresql://mosaic:REPLACE_WITH_SECURE_PASSWORD@postgres:5432/mosaic
|
||||
POSTGRES_USER=mosaic
|
||||
@@ -28,7 +28,7 @@ POSTGRES_DB=mosaic
|
||||
POSTGRES_PORT=5432
|
||||
|
||||
# External PostgreSQL (managed service)
|
||||
# Disable 'database' profile and point DATABASE_URL to your external instance
|
||||
# To use an external instance, update DATABASE_URL above
|
||||
# Example: DATABASE_URL=postgresql://user:pass@rds.amazonaws.com:5432/mosaic
|
||||
|
||||
# PostgreSQL Performance Tuning (Optional)
|
||||
@@ -39,7 +39,7 @@ POSTGRES_MAX_CONNECTIONS=100
|
||||
# ======================
|
||||
# Valkey Cache (Redis-compatible)
|
||||
# ======================
|
||||
# Bundled Valkey (when cache profile enabled)
|
||||
# Bundled Valkey
|
||||
VALKEY_URL=redis://valkey:6379
|
||||
VALKEY_HOST=valkey
|
||||
VALKEY_PORT=6379
|
||||
@@ -47,7 +47,7 @@ VALKEY_PORT=6379
|
||||
VALKEY_MAXMEMORY=256mb
|
||||
|
||||
# External Redis/Valkey (managed service)
|
||||
# Disable 'cache' profile and point VALKEY_URL to your external instance
|
||||
# To use an external instance, update VALKEY_URL above
|
||||
# Example: VALKEY_URL=redis://elasticache.amazonaws.com:6379
|
||||
# Example with auth: VALKEY_URL=redis://:password@redis.example.com:6379
|
||||
|
||||
@@ -244,12 +244,16 @@ MOSAIC_API_DOMAIN=api.mosaic.local
|
||||
MOSAIC_WEB_DOMAIN=mosaic.local
|
||||
MOSAIC_AUTH_DOMAIN=auth.mosaic.local
|
||||
|
||||
# External Traefik network name (for upstream mode)
|
||||
# External Traefik network name (for upstream mode and swarm)
|
||||
# Must match the network name of your existing Traefik instance
|
||||
TRAEFIK_NETWORK=traefik-public
|
||||
TRAEFIK_DOCKER_NETWORK=traefik-public
|
||||
|
||||
# TLS/SSL Configuration
|
||||
TRAEFIK_TLS_ENABLED=true
|
||||
TRAEFIK_ENTRYPOINT=websecure
|
||||
# Cert resolver name (leave empty if TLS is handled externally or using self-signed certs)
|
||||
TRAEFIK_CERTRESOLVER=
|
||||
# For Let's Encrypt (production):
|
||||
TRAEFIK_ACME_EMAIL=admin@example.com
|
||||
# For self-signed certificates (development), leave TRAEFIK_ACME_EMAIL empty
|
||||
@@ -285,6 +289,15 @@ GITEA_WEBHOOK_SECRET=REPLACE_WITH_RANDOM_WEBHOOK_SECRET
|
||||
# The coordinator service uses this key to authenticate with the API
|
||||
COORDINATOR_API_KEY=REPLACE_WITH_RANDOM_API_KEY_MINIMUM_32_CHARS
|
||||
|
||||
# Anthropic API Key (used by coordinator for issue parsing)
|
||||
# Get your API key from: https://console.anthropic.com/
|
||||
ANTHROPIC_API_KEY=REPLACE_WITH_ANTHROPIC_API_KEY
|
||||
|
||||
# Coordinator tuning
|
||||
COORDINATOR_POLL_INTERVAL=5.0
|
||||
COORDINATOR_MAX_CONCURRENT_AGENTS=10
|
||||
COORDINATOR_ENABLED=true
|
||||
|
||||
# ======================
|
||||
# Rate Limiting
|
||||
# ======================
|
||||
@@ -329,16 +342,34 @@ RATE_LIMIT_STORAGE=redis
|
||||
# ======================
|
||||
# Matrix bot integration for chat-based control via Matrix protocol
|
||||
# Requires a Matrix account with an access token for the bot user
|
||||
# MATRIX_HOMESERVER_URL=https://matrix.example.com
|
||||
# MATRIX_ACCESS_TOKEN=
|
||||
# MATRIX_BOT_USER_ID=@mosaic-bot:example.com
|
||||
# MATRIX_CONTROL_ROOM_ID=!roomid:example.com
|
||||
# MATRIX_WORKSPACE_ID=your-workspace-uuid
|
||||
# Set these AFTER deploying Synapse and creating the bot account.
|
||||
#
|
||||
# SECURITY: MATRIX_WORKSPACE_ID must be a valid workspace UUID from your database.
|
||||
# All Matrix commands will execute within this workspace context for proper
|
||||
# multi-tenant isolation. Each Matrix bot instance should be configured for
|
||||
# a single workspace.
|
||||
MATRIX_HOMESERVER_URL=http://synapse:8008
|
||||
MATRIX_ACCESS_TOKEN=
|
||||
MATRIX_BOT_USER_ID=@mosaic-bot:matrix.example.com
|
||||
MATRIX_SERVER_NAME=matrix.example.com
|
||||
# MATRIX_CONTROL_ROOM_ID=!roomid:matrix.example.com
|
||||
# MATRIX_WORKSPACE_ID=your-workspace-uuid
|
||||
|
||||
# ======================
|
||||
# Matrix / Synapse Deployment
|
||||
# ======================
|
||||
# Domains for Traefik routing to Matrix services
|
||||
MATRIX_DOMAIN=matrix.example.com
|
||||
ELEMENT_DOMAIN=chat.example.com
|
||||
|
||||
# Synapse database (created automatically by synapse-db-init in the swarm compose)
|
||||
SYNAPSE_POSTGRES_DB=synapse
|
||||
SYNAPSE_POSTGRES_USER=synapse
|
||||
SYNAPSE_POSTGRES_PASSWORD=REPLACE_WITH_SECURE_SYNAPSE_DB_PASSWORD
|
||||
|
||||
# Image tags for Matrix services
|
||||
SYNAPSE_IMAGE_TAG=latest
|
||||
ELEMENT_IMAGE_TAG=latest
|
||||
|
||||
# ======================
|
||||
# Orchestrator Configuration
|
||||
@@ -363,11 +394,11 @@ AI_PROVIDER=ollama
|
||||
# For remote Ollama: http://your-ollama-server:11434
|
||||
OLLAMA_MODEL=llama3.1:latest
|
||||
|
||||
# Claude API Configuration (when AI_PROVIDER=claude)
|
||||
# OPTIONAL: Only required if AI_PROVIDER=claude
|
||||
# Claude API Key
|
||||
# Required by the orchestrator service in swarm deployment.
|
||||
# Also used when AI_PROVIDER=claude for other services.
|
||||
# Get your API key from: https://console.anthropic.com/
|
||||
# Note: Claude Max subscription users should use AI_PROVIDER=ollama instead
|
||||
# CLAUDE_API_KEY=sk-ant-...
|
||||
CLAUDE_API_KEY=REPLACE_WITH_CLAUDE_API_KEY
|
||||
|
||||
# OpenAI API Configuration (when AI_PROVIDER=openai)
|
||||
# OPTIONAL: Only required if AI_PROVIDER=openai
|
||||
@@ -405,6 +436,9 @@ TTS_PREMIUM_URL=http://chatterbox-tts:8881/v1
|
||||
TTS_FALLBACK_ENABLED=false
|
||||
TTS_FALLBACK_URL=http://openedai-speech:8000/v1
|
||||
|
||||
# Whisper model for Speaches STT engine
|
||||
SPEACHES_WHISPER_MODEL=Systran/faster-whisper-large-v3-turbo
|
||||
|
||||
# Speech Service Limits
|
||||
# Maximum upload file size in bytes (default: 25MB)
|
||||
SPEECH_MAX_UPLOAD_SIZE=25000000
|
||||
@@ -439,28 +473,6 @@ MOSAIC_TELEMETRY_INSTANCE_ID=your-instance-uuid-here
|
||||
# Useful for development and debugging telemetry payloads
|
||||
MOSAIC_TELEMETRY_DRY_RUN=false
|
||||
|
||||
# ======================
|
||||
# Matrix Dev Environment (docker-compose.matrix.yml overlay)
|
||||
# ======================
|
||||
# These variables configure the local Matrix dev environment.
|
||||
# Only used when running: docker compose -f docker/docker-compose.yml -f docker/docker-compose.matrix.yml up
|
||||
#
|
||||
# Synapse homeserver
|
||||
# SYNAPSE_CLIENT_PORT=8008
|
||||
# SYNAPSE_FEDERATION_PORT=8448
|
||||
# SYNAPSE_POSTGRES_DB=synapse
|
||||
# SYNAPSE_POSTGRES_USER=synapse
|
||||
# SYNAPSE_POSTGRES_PASSWORD=synapse_dev_password
|
||||
#
|
||||
# Element Web client
|
||||
# ELEMENT_PORT=8501
|
||||
#
|
||||
# Matrix bridge connection (set after running docker/matrix/scripts/setup-bot.sh)
|
||||
# MATRIX_HOMESERVER_URL=http://localhost:8008
|
||||
# MATRIX_ACCESS_TOKEN=<obtained from setup-bot.sh>
|
||||
# MATRIX_BOT_USER_ID=@mosaic-bot:localhost
|
||||
# MATRIX_SERVER_NAME=localhost
|
||||
|
||||
# ======================
|
||||
# Logging & Debugging
|
||||
# ======================
|
||||
|
||||
Reference in New Issue
Block a user