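# BreakPilot Compliance SDK - Mac Mini Deployment
# Hardware: Mac Mini M4 Pro, 64GB RAM
# LLM: Qwen 2.5 32B via Ollama
#
# Required variables (shell environment or the project .env file):
#   DB_PASSWORD, JWT_SECRET, MINIO_ACCESS_KEY, MINIO_SECRET_KEY
# Optional variables: MAINTENANCE_API_KEY, DEVICE_ID
#
# Secrets use the `${VAR:?message}` form, so `docker compose up` aborts when
# one is unset or empty instead of starting with a publicly known default.
#
# NOTE(review): the breakpilot and minio images use the mutable `latest` tag.
# Pin them to a release tag or digest so that what runs is what was reviewed.

version: '3.8'

services:
  # ===========================================================================
  # API Gateway
  # ===========================================================================
  api-gateway:
    image: ghcr.io/breakpilot/compliance-sdk-gateway:latest
    build:
      context: ../../services/api-gateway
      dockerfile: Dockerfile
    ports:
      # NOTE(review): host ports 443 and 80 both map to container port 8080.
      # Confirm where TLS is terminated; if 8080 speaks plain HTTP, port 443
      # serves unencrypted traffic.
      - "443:8080"
      - "80:8080"
    environment:
      - ENVIRONMENT=production
      - PORT=8080
      - DATABASE_URL=postgres://breakpilot:${DB_PASSWORD:?DB_PASSWORD is required}@postgres:5432/compliance
      - REDIS_URL=redis://redis:6379
      # A guessable signing secret lets anyone mint valid tokens, so no default.
      - JWT_SECRET=${JWT_SECRET:?JWT_SECRET is required}
      - COMPLIANCE_ENGINE_URL=http://compliance-engine:8081
      - RAG_SERVICE_URL=http://rag-service:8082
      - SECURITY_SCANNER_URL=http://security-scanner:8083
      - MINIO_ENDPOINT=minio:9000
      - MINIO_ACCESS_KEY=${MINIO_ACCESS_KEY:?MINIO_ACCESS_KEY is required}
      - MINIO_SECRET_KEY=${MINIO_SECRET_KEY:?MINIO_SECRET_KEY is required}
    depends_on:
      - postgres
      - redis
      - compliance-engine
      - rag-service
    restart: unless-stopped
    networks:
      - compliance-net

  # ===========================================================================
  # Compliance Engine
  # ===========================================================================
  compliance-engine:
    image: ghcr.io/breakpilot/compliance-engine:latest
    build:
      context: ../../services/compliance-engine
      dockerfile: Dockerfile
    environment:
      - ENVIRONMENT=production
      - PORT=8081
      - DATABASE_URL=postgres://breakpilot:${DB_PASSWORD:?DB_PASSWORD is required}@postgres:5432/compliance
    depends_on:
      - postgres
    restart: unless-stopped
    networks:
      - compliance-net

  # ===========================================================================
  # RAG Service
  # ===========================================================================
  rag-service:
    image: ghcr.io/breakpilot/rag-service:latest
    build:
      context: ../../services/rag-service
      dockerfile: Dockerfile
    environment:
      - ENVIRONMENT=production
      - PORT=8082
      - QDRANT_URL=http://qdrant:6333
      - OLLAMA_URL=http://host.docker.internal:11434
      - EMBEDDING_MODEL=bge-m3
      - LLM_MODEL=qwen2.5:32b
    depends_on:
      - qdrant
    restart: unless-stopped
    networks:
      - compliance-net
    extra_hosts:
      - "host.docker.internal:host-gateway"

  # ===========================================================================
  # Security Scanner
  # ===========================================================================
  security-scanner:
    image: ghcr.io/breakpilot/security-scanner:latest
    build:
      context: ../../services/security-scanner
      dockerfile: Dockerfile
    environment:
      - ENVIRONMENT=production
      - PORT=8083
    volumes:
      # NOTE(review): `:ro` only makes the socket file read-only. A process
      # that can connect to it still has full Docker API access, which is
      # equivalent to root on the host. Consider a filtering socket proxy that
      # exposes only the endpoints the scanner needs.
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - scan-data:/app/scans
    restart: unless-stopped
    networks:
      - compliance-net

  # ===========================================================================
  # PostgreSQL Database
  # ===========================================================================
  postgres:
    image: postgres:16-alpine
    environment:
      - POSTGRES_USER=breakpilot
      - POSTGRES_PASSWORD=${DB_PASSWORD:?DB_PASSWORD is required}
      - POSTGRES_DB=compliance
    volumes:
      - postgres-data:/var/lib/postgresql/data
      - ./init-db.sql:/docker-entrypoint-initdb.d/init.sql:ro
    ports:
      # Published on loopback only. Services reach the database over
      # compliance-net; the host port is for local administration.
      - "127.0.0.1:5432:5432"
    restart: unless-stopped
    networks:
      - compliance-net
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U breakpilot"]
      interval: 10s
      timeout: 5s
      retries: 5

  # ===========================================================================
  # Redis Cache
  # ===========================================================================
  redis:
    image: redis:7-alpine
    # NOTE(review): no password is configured here, so every container on
    # compliance-net can read and write the cache. Adding authentication also
    # requires updating REDIS_URL in api-gateway.
    command: redis-server --appendonly yes
    volumes:
      - redis-data:/data
    ports:
      # Loopback only: this Redis has no authentication configured.
      - "127.0.0.1:6379:6379"
    restart: unless-stopped
    networks:
      - compliance-net
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 10s
      timeout: 5s
      retries: 5

  # ===========================================================================
  # Qdrant Vector Database
  # ===========================================================================
  qdrant:
    image: qdrant/qdrant:v1.12.1
    volumes:
      - qdrant-data:/qdrant/storage
    ports:
      # Loopback only: no API key is configured for Qdrant in this file.
      - "127.0.0.1:6333:6333"
      - "127.0.0.1:6334:6334"
    restart: unless-stopped
    networks:
      - compliance-net
    environment:
      - QDRANT__SERVICE__GRPC_PORT=6334

  # ===========================================================================
  # MinIO Object Storage
  # ===========================================================================
  minio:
    image: minio/minio:latest
    command: server /data --console-address ":9001"
    environment:
      # These are the MinIO root credentials and the same values are handed to
      # api-gateway. NOTE(review): prefer a scoped service account for the
      # gateway so it does not operate as the storage administrator.
      - MINIO_ROOT_USER=${MINIO_ACCESS_KEY:?MINIO_ACCESS_KEY is required}
      - MINIO_ROOT_PASSWORD=${MINIO_SECRET_KEY:?MINIO_SECRET_KEY is required}
    volumes:
      - minio-data:/data
    ports:
      # Loopback only for the S3 API (9000) and admin console (9001).
      # api-gateway uses minio:9000 over compliance-net. If clients outside
      # this host need direct object access, publish it deliberately behind
      # TLS rather than on every interface.
      - "127.0.0.1:9000:9000"
      - "127.0.0.1:9001:9001"
    restart: unless-stopped
    networks:
      - compliance-net
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
      interval: 30s
      timeout: 20s
      retries: 3

  # ===========================================================================
  # Maintenance Agent (for remote updates)
  # ===========================================================================
  maintenance-agent:
    image: ghcr.io/breakpilot/maintenance-agent:latest
    environment:
      # Optional: expands to an empty string when MAINTENANCE_API_KEY is unset.
      - BREAKPILOT_API_KEY=${MAINTENANCE_API_KEY:-}
      - DEVICE_ID=${DEVICE_ID:-mac-mini-001}
    volumes:
      # NOTE(review): a remotely driven agent with the Docker socket is a
      # host-level control channel; `:ro` does not restrict Docker API calls.
      # Treat BREAKPILOT_API_KEY and the agent image as root-equivalent.
      - /var/run/docker.sock:/var/run/docker.sock:ro
      # NOTE(review): this exposes the whole deployment directory to the
      # agent, including any .env file with the secrets above, if one is kept
      # here.
      - ./:/app/deployment:ro
    restart: unless-stopped
    networks:
      - compliance-net

networks:
  compliance-net:
    driver: bridge

volumes:
  postgres-data:
  redis-data:
  qdrant-data:
  minio-data:
  scan-data: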