stack/docker/docker-compose.yml

services:
  postgres:
    build:
      context: ./postgres
      dockerfile: Dockerfile
    container_name: mosaic-postgres
    restart: unless-stopped
    environment:
      POSTGRES_USER: ${POSTGRES_USER:-mosaic}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-mosaic_dev_password}
      POSTGRES_DB: ${POSTGRES_DB:-mosaic}
    ports:
      - "${POSTGRES_PORT:-5432}:5432"
    volumes:
      - postgres_data:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-mosaic} -d ${POSTGRES_DB:-mosaic}"]
      interval: 10s
      timeout: 5s
      retries: 5
      start_period: 30s
    networks:
      - mosaic-network

  valkey:
    image: valkey/valkey:8-alpine
    container_name: mosaic-valkey
    restart: unless-stopped
    ports:
      - "${VALKEY_PORT:-6379}:6379"
    volumes:
      - valkey_data:/data
    healthcheck:
      test: ["CMD", "valkey-cli", "ping"]
      interval: 10s
      timeout: 5s
      retries: 5
      start_period: 10s
    networks:
      - mosaic-network

  coordinator:
    build:
      context: ../apps/coordinator
      dockerfile: Dockerfile
    container_name: mosaic-coordinator
    restart: unless-stopped
    environment:
      GITEA_WEBHOOK_SECRET: ${GITEA_WEBHOOK_SECRET}
      GITEA_URL: ${GITEA_URL:-https://git.mosaicstack.dev}
      LOG_LEVEL: ${LOG_LEVEL:-info}
      HOST: 0.0.0.0
      PORT: 8000
      # Telemetry (task completion tracking & predictions)
      MOSAIC_TELEMETRY_ENABLED: ${MOSAIC_TELEMETRY_ENABLED:-false}
      MOSAIC_TELEMETRY_SERVER_URL: ${MOSAIC_TELEMETRY_SERVER_URL:-http://telemetry-api:8000}
      MOSAIC_TELEMETRY_API_KEY: ${MOSAIC_TELEMETRY_API_KEY:-}
      MOSAIC_TELEMETRY_INSTANCE_ID: ${MOSAIC_TELEMETRY_INSTANCE_ID:-}
      MOSAIC_TELEMETRY_DRY_RUN: ${MOSAIC_TELEMETRY_DRY_RUN:-false}
    ports:
      - "8000:8000"
    healthcheck:
      test:
        [
          "CMD",
          "python",
          "-c",
          "import urllib.request; urllib.request.urlopen('http://localhost:8000/health')",
        ]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 5s
    networks:
      - mosaic-network

  openbao:
    image: quay.io/openbao/openbao:2.5.0
    container_name: mosaic-openbao
    restart: unless-stopped
    user: root
    ports:
      - "127.0.0.1:${OPENBAO_PORT:-8200}:8200"
    volumes:
      - openbao_data:/openbao/data
      - openbao_init:/openbao/init
      - ./openbao/config.hcl:/openbao/config/config.hcl:ro
    environment:
      VAULT_ADDR: http://0.0.0.0:8200
      SKIP_SETCAP: "true"
    entrypoint: ["dumb-init", "--"]
    command: ["bao", "server", "-config=/openbao/config/config.hcl"]
    cap_add:
      - IPC_LOCK
    healthcheck:
      test:
        [
          "CMD-SHELL",
          "wget --spider --quiet 'http://127.0.0.1:8200/v1/sys/health?standbyok=true&uninitcode=200&sealedcode=200'",
        ]
      interval: 10s
      timeout: 5s
      retries: 5
      start_period: 10s
    networks:
      - mosaic-network
    labels:
      com.mosaic.service: "secrets"
      com.mosaic.description: "OpenBao secrets management"

  openbao-init:
    image: quay.io/openbao/openbao:2.5.0
    container_name: mosaic-openbao-init
    restart: unless-stopped
    user: root
    volumes:
      - openbao_init:/openbao/init
      - ./openbao/init.sh:/init.sh:ro
    environment:
      VAULT_ADDR: http://openbao:8200
    command: /init.sh
    depends_on:
      openbao:
        condition: service_healthy
    networks:
      - mosaic-network
    labels:
      com.mosaic.service: "secrets-init"
      com.mosaic.description: "OpenBao auto-initialization sidecar"

  # ======================
  # Telemetry API (Optional - for local development)
  # ======================
  # Uncomment to run the telemetry API locally for self-contained development.
  # For production, use an external telemetry API URL instead.
  # telemetry-api:
  #   image: git.mosaicstack.dev/mosaic/telemetry-api:latest
  #   container_name: mosaic-telemetry-api
  #   restart: unless-stopped
  #   environment:
  #     HOST: 0.0.0.0
  #     PORT: 8000
  #   ports:
  #     - "8001:8000"
  #   healthcheck:
  #     test: ["CMD", "curl", "-f", "http://localhost:8000/health"]
  #     interval: 30s
  #     timeout: 10s
  #     retries: 3
  #     start_period: 10s
  #   networks:
  #     - mosaic-network

volumes:
  postgres_data:
    name: mosaic-postgres-data
  valkey_data:
    name: mosaic-valkey-data
  openbao_data:
    name: mosaic-openbao-data
  openbao_init:
    name: mosaic-openbao-init

networks:
  mosaic-network:
    name: mosaic-network
    driver: bridge