version: '3.9' # To add more services: # 1. Add service block below # 2. Add to cd-production.yml workflow_dispatch options # 3. Add Caddy routes to production Caddyfile services: # ============================================ # Backend Services (Production) # ============================================ mana-core-auth: image: ${DOCKER_REGISTRY:-ghcr.io/memo-2023}/mana-core-auth:${AUTH_VERSION:-latest} container_name: mana-core-auth-prod restart: always environment: NODE_ENV: production PORT: 3001 DATABASE_URL: ${AUTH_DATABASE_URL} REDIS_HOST: ${REDIS_HOST} REDIS_PORT: ${REDIS_PORT} REDIS_PASSWORD: ${REDIS_PASSWORD} # JWT keys managed automatically by Better Auth (EdDSA) - stored in auth.jwks table JWT_ISSUER: ${JWT_ISSUER:-manacore} JWT_AUDIENCE: ${JWT_AUDIENCE:-manacore} # Brevo Email Service BREVO_API_KEY: ${BREVO_API_KEY} EMAIL_SENDER_ADDRESS: ${EMAIL_SENDER_ADDRESS:-noreply@manacore.ai} EMAIL_SENDER_NAME: ${EMAIL_SENDER_NAME:-ManaCore} # URLs BASE_URL: ${BASE_URL:-https://auth.manacore.ai} FRONTEND_URL: ${FRONTEND_URL:-https://manacore.ai} ports: - "127.0.0.1:3001:3001" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3001/api/v1/health"] interval: 30s timeout: 10s retries: 3 start_period: 40s networks: - manacore-prod logging: driver: "json-file" options: max-size: "50m" max-file: "5" deploy: resources: limits: cpus: '1' memory: 512M reservations: cpus: '0.5' memory: 256M maerchenzauber-backend: image: ${DOCKER_REGISTRY:-ghcr.io/memo-2023}/maerchenzauber-backend:${MAERCHENZAUBER_VERSION:-latest} container_name: maerchenzauber-backend-prod restart: always depends_on: mana-core-auth: condition: service_healthy environment: NODE_ENV: production PORT: 3002 MANA_SERVICE_URL: http://mana-core-auth:3001 SUPABASE_URL: ${MAERCHENZAUBER_SUPABASE_URL} SUPABASE_ANON_KEY: ${MAERCHENZAUBER_SUPABASE_ANON_KEY} SUPABASE_SERVICE_ROLE_KEY: ${MAERCHENZAUBER_SUPABASE_SERVICE_ROLE_KEY} AZURE_OPENAI_ENDPOINT: ${AZURE_OPENAI_ENDPOINT} AZURE_OPENAI_API_KEY: ${AZURE_OPENAI_API_KEY} AZURE_OPENAI_API_VERSION: ${AZURE_OPENAI_API_VERSION:-2024-12-01-preview} ports: - "127.0.0.1:3002:3002" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3002/health"] interval: 30s timeout: 10s retries: 3 networks: - manacore-prod logging: driver: "json-file" options: max-size: "50m" max-file: "5" deploy: resources: limits: cpus: '2' memory: 1G reservations: cpus: '1' memory: 512M chat-backend: image: ${DOCKER_REGISTRY:-ghcr.io/memo-2023}/chat-backend:${CHAT_VERSION:-latest} container_name: chat-backend-prod restart: always depends_on: mana-core-auth: condition: service_healthy environment: NODE_ENV: production PORT: 3002 MANA_SERVICE_URL: http://mana-core-auth:3001 SUPABASE_URL: ${CHAT_SUPABASE_URL} SUPABASE_SERVICE_KEY: ${CHAT_SUPABASE_SERVICE_KEY} AZURE_OPENAI_ENDPOINT: ${AZURE_OPENAI_ENDPOINT} AZURE_OPENAI_API_KEY: ${AZURE_OPENAI_API_KEY} AZURE_OPENAI_API_VERSION: ${AZURE_OPENAI_API_VERSION:-2024-12-01-preview} ports: - "127.0.0.1:3003:3002" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3002/api/health"] interval: 30s timeout: 10s retries: 3 networks: - manacore-prod logging: driver: "json-file" options: max-size: "50m" max-file: "5" deploy: resources: limits: cpus: '2' memory: 1G reservations: cpus: '1' memory: 512M manadeck-backend: image: ${DOCKER_REGISTRY:-ghcr.io/memo-2023}/manadeck-backend:${MANADECK_VERSION:-latest} container_name: manadeck-backend-prod restart: always depends_on: mana-core-auth: condition: service_healthy environment: NODE_ENV: production PORT: 3003 MANA_SERVICE_URL: http://mana-core-auth:3001 SUPABASE_URL: ${MANADECK_SUPABASE_URL} SUPABASE_SERVICE_KEY: ${MANADECK_SUPABASE_SERVICE_KEY} ports: - "127.0.0.1:3004:3003" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3003/health"] interval: 30s timeout: 10s retries: 3 networks: - manacore-prod logging: driver: "json-file" options: max-size: "50m" max-file: "5" deploy: resources: limits: cpus: '1' memory: 512M reservations: cpus: '0.5' memory: 256M nutriphi-backend: image: ${DOCKER_REGISTRY:-ghcr.io/memo-2023}/nutriphi-backend:${NUTRIPHI_VERSION:-latest} container_name: nutriphi-backend-prod restart: always depends_on: mana-core-auth: condition: service_healthy environment: NODE_ENV: production PORT: 3004 MANA_SERVICE_URL: http://mana-core-auth:3001 SUPABASE_URL: ${NUTRIPHI_SUPABASE_URL} SUPABASE_SERVICE_KEY: ${NUTRIPHI_SUPABASE_SERVICE_KEY} ports: - "127.0.0.1:3005:3004" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3004/health"] interval: 30s timeout: 10s retries: 3 networks: - manacore-prod logging: driver: "json-file" options: max-size: "50m" max-file: "5" deploy: resources: limits: cpus: '1' memory: 512M reservations: cpus: '0.5' memory: 256M news-api: image: ${DOCKER_REGISTRY:-ghcr.io/memo-2023}/news-api:${NEWS_VERSION:-latest} container_name: news-api-prod restart: always depends_on: mana-core-auth: condition: service_healthy environment: NODE_ENV: production PORT: 3005 MANA_SERVICE_URL: http://mana-core-auth:3001 ports: - "127.0.0.1:3006:3005" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3005/health"] interval: 30s timeout: 10s retries: 3 networks: - manacore-prod logging: driver: "json-file" options: max-size: "50m" max-file: "5" deploy: resources: limits: cpus: '1' memory: 512M reservations: cpus: '0.5' memory: 256M picture-backend: image: ${DOCKER_REGISTRY:-ghcr.io/memo-2023}/picture-backend:${PICTURE_VERSION:-latest} container_name: picture-backend-prod restart: always depends_on: mana-core-auth: condition: service_healthy environment: NODE_ENV: production PORT: 3006 DATABASE_URL: ${PICTURE_DATABASE_URL} MANA_CORE_AUTH_URL: http://mana-core-auth:3001 # Replicate API for AI image generation REPLICATE_API_TOKEN: ${REPLICATE_API_TOKEN} # S3/MinIO storage S3_ENDPOINT: ${S3_ENDPOINT} S3_REGION: ${S3_REGION} S3_ACCESS_KEY: ${S3_ACCESS_KEY} S3_SECRET_KEY: ${S3_SECRET_KEY} MANACORE_STORAGE_PUBLIC_URL: ${MANACORE_STORAGE_PUBLIC_URL} # Credit system MANA_CORE_SERVICE_KEY: ${MANA_CORE_SERVICE_KEY} APP_ID: picture ports: - "127.0.0.1:3007:3006" healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3006/api/v1/health"] interval: 30s timeout: 10s retries: 3 start_period: 40s networks: - manacore-prod logging: driver: "json-file" options: max-size: "50m" max-file: "5" deploy: resources: limits: cpus: '2' memory: 1G reservations: cpus: '1' memory: 512M # ============================================ # Monitoring (Optional but recommended) # ============================================ # Uncomment if you want container monitoring # watchtower: # image: containrrr/watchtower # container_name: watchtower-prod # restart: always # volumes: # - /var/run/docker.sock:/var/run/docker.sock # command: --interval 300 --cleanup # networks: # - manacore-prod # ============================================ # Networks # ============================================ networks: manacore-prod: driver: bridge name: manacore-production