fix: load PaddleOCR model in background thread

The import and model loading can take minutes and was blocking the startup event, causing health checks to timeout. Now loads in a background thread — health endpoint returns 200 immediately with status 'loading' until model is ready. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
fix: add detailed logging for PaddleOCR model loading debug
2026-03-13 10:21:59 +01:00 · 2026-03-13 10:19:10 +01:00 · 2026-03-13 10:12:32 +01:00 · 2026-03-13 09:54:52 +01:00 · 2026-03-12 14:16:04 +01:00 · 2026-03-12 13:32:54 +01:00
10 changed files with 435 additions and 5 deletions
--- a/.env.coolify.example
+++ b/.env.coolify.example
@@ -0,0 +1,65 @@
+# =========================================================
+# BreakPilot Core — Coolify Environment Variables
+# =========================================================
+# Copy these into Coolify's environment variable UI
+# for the breakpilot-core Docker Compose resource.
+# =========================================================
+
+# --- External PostgreSQL (Coolify-managed) ---
+POSTGRES_HOST=<coolify-postgres-hostname>
+POSTGRES_PORT=5432
+POSTGRES_USER=breakpilot
+POSTGRES_PASSWORD=CHANGE_ME_STRONG_PASSWORD
+POSTGRES_DB=breakpilot_db
+
+# --- Security ---
+JWT_SECRET=CHANGE_ME_RANDOM_64_CHARS
+JWT_REFRESH_SECRET=CHANGE_ME_ANOTHER_RANDOM_64_CHARS
+INTERNAL_API_KEY=CHANGE_ME_INTERNAL_KEY
+
+# --- External S3 Storage ---
+S3_ENDPOINT=<s3-endpoint-host:port>
+S3_ACCESS_KEY=CHANGE_ME_S3_ACCESS_KEY
+S3_SECRET_KEY=CHANGE_ME_S3_SECRET_KEY
+S3_BUCKET=breakpilot-rag
+S3_SECURE=true
+
+# --- External Qdrant (Coolify-managed) ---
+QDRANT_URL=http://<coolify-qdrant-hostname>:6333
+QDRANT_API_KEY=
+
+# --- SMTP (Real mail server) ---
+SMTP_HOST=smtp.example.com
+SMTP_PORT=587
+SMTP_USERNAME=noreply@breakpilot.ai
+SMTP_PASSWORD=CHANGE_ME_SMTP_PASSWORD
+SMTP_FROM_NAME=BreakPilot
+SMTP_FROM_ADDR=noreply@breakpilot.ai
+
+# --- Session ---
+SESSION_TTL_HOURS=24
+
+# --- Frontend URLs (build args) ---
+NEXT_PUBLIC_CORE_API_URL=https://api-core.breakpilot.ai
+FRONTEND_URL=https://www.breakpilot.ai
+
+# --- Stripe (Billing) ---
+STRIPE_SECRET_KEY=
+STRIPE_WEBHOOK_SECRET=
+STRIPE_PUBLISHABLE_KEY=
+BILLING_SUCCESS_URL=https://www.breakpilot.ai/billing/success
+BILLING_CANCEL_URL=https://www.breakpilot.ai/billing/cancel
+TRIAL_PERIOD_DAYS=14
+
+# --- Embedding Service ---
+EMBEDDING_BACKEND=local
+LOCAL_EMBEDDING_MODEL=BAAI/bge-m3
+LOCAL_RERANKER_MODEL=cross-encoder/ms-marco-MiniLM-L-6-v2
+PDF_EXTRACTION_BACKEND=pymupdf
+OPENAI_API_KEY=
+COHERE_API_KEY=
+LOG_LEVEL=INFO
+
+# --- Ollama (optional, for RAG embeddings) ---
+OLLAMA_URL=
+OLLAMA_EMBED_MODEL=bge-m3
--- a/.gitea/workflows/deploy-coolify.yml
+++ b/.gitea/workflows/deploy-coolify.yml
@@ -0,0 +1,27 @@
+name: Deploy to Coolify
+
+on:
+  push:
+    branches:
+      - coolify
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Deploy via Coolify API
+        run: |
+          echo "Deploying breakpilot-core to Coolify..."
+          HTTP_STATUS=$(curl -s -o /dev/null -w "%{http_code}" \
+            -X POST \
+            -H "Authorization: Bearer ${{ secrets.COOLIFY_API_TOKEN }}" \
+            -H "Content-Type: application/json" \
+            -d '{"uuid": "${{ secrets.COOLIFY_RESOURCE_UUID }}", "force_rebuild": true}' \
+            "${{ secrets.COOLIFY_BASE_URL }}/api/v1/deploy")
+
+          echo "HTTP Status: $HTTP_STATUS"
+          if [ "$HTTP_STATUS" -ne 200 ] && [ "$HTTP_STATUS" -ne 201 ]; then
+            echo "Deployment failed with status $HTTP_STATUS"
+            exit 1
+          fi
+          echo "Deployment triggered successfully!"
--- a/admin-core/Dockerfile
+++ b/admin-core/Dockerfile
@@ -18,6 +18,9 @@ ARG NEXT_PUBLIC_API_URL
 # Set environment variables for build
 ENV NEXT_PUBLIC_API_URL=$NEXT_PUBLIC_API_URL

+# Ensure public directory exists
+RUN mkdir -p public
+
 # Build the application
 RUN npm run build

@@ -30,8 +33,8 @@ WORKDIR /app
 ENV NODE_ENV=production

 # Create non-root user
-RUN addgroup --system --gid 1001 nodejs
-RUN adduser --system --uid 1001 nextjs
+RUN addgroup -S -g 1001 nodejs
+RUN adduser -S -u 1001 -G nodejs nextjs

 # Copy built assets
 COPY --from=builder /app/public ./public
--- a/backend-core/Dockerfile
+++ b/backend-core/Dockerfile
@@ -43,11 +43,12 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
    && rm -rf /var/lib/apt/lists/*

 # Install DevSecOps tools (gitleaks, trivy, grype, syft)
-ARG TARGETARCH=arm64
+ARG TARGETARCH
 RUN set -eux; \
+    ARCH="${TARGETARCH:-$(dpkg --print-architecture)}"; \
    # Gitleaks
    GITLEAKS_VERSION=8.21.2; \
-    if [ "$TARGETARCH" = "arm64" ]; then GITLEAKS_ARCH=arm64; else GITLEAKS_ARCH=x64; fi; \
+    if [ "$ARCH" = "arm64" ]; then GITLEAKS_ARCH=arm64; else GITLEAKS_ARCH=x64; fi; \
    curl -sSfL "https://github.com/gitleaks/gitleaks/releases/download/v${GITLEAKS_VERSION}/gitleaks_${GITLEAKS_VERSION}_linux_${GITLEAKS_ARCH}.tar.gz" \
      | tar xz -C /usr/local/bin gitleaks; \
    # Trivy
--- a/docker-compose.coolify.yml
+++ b/docker-compose.coolify.yml
@@ -0,0 +1,195 @@
+# =========================================================
+# BreakPilot Core — Shared Infrastructure (Coolify)
+# =========================================================
+# Deployed via Coolify. SSL termination handled by Traefik.
+# External services (managed separately in Coolify):
+#   - PostgreSQL (PostGIS), Qdrant, S3-compatible storage
+# Network: breakpilot-network (shared across all 3 repos)
+# =========================================================
+
+networks:
+  breakpilot-network:
+    name: breakpilot-network
+    driver: bridge
+
+volumes:
+  valkey_data:
+  embedding_models:
+  paddleocr_models:
+
+services:
+
+  # =========================================================
+  # CACHE
+  # =========================================================
+  valkey:
+    image: valkey/valkey:8-alpine
+    container_name: bp-core-valkey
+    volumes:
+      - valkey_data:/data
+    command: valkey-server --appendonly yes --maxmemory 256mb --maxmemory-policy allkeys-lru
+    healthcheck:
+      test: ["CMD", "valkey-cli", "ping"]
+      interval: 5s
+      timeout: 3s
+      retries: 5
+    restart: unless-stopped
+    networks:
+      - breakpilot-network
+
+  # =========================================================
+  # SHARED SERVICES
+  # =========================================================
+  consent-service:
+    build:
+      context: ./consent-service
+      dockerfile: Dockerfile
+    container_name: bp-core-consent-service
+    expose:
+      - "8081"
+    environment:
+      DATABASE_URL: postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT:-5432}/${POSTGRES_DB}
+      JWT_SECRET: ${JWT_SECRET}
+      JWT_REFRESH_SECRET: ${JWT_REFRESH_SECRET}
+      PORT: 8081
+      ENVIRONMENT: production
+      ALLOWED_ORIGINS: "*"
+      VALKEY_URL: redis://valkey:6379/0
+      SESSION_TTL_HOURS: ${SESSION_TTL_HOURS:-24}
+      SMTP_HOST: ${SMTP_HOST}
+      SMTP_PORT: ${SMTP_PORT:-587}
+      SMTP_USERNAME: ${SMTP_USERNAME}
+      SMTP_PASSWORD: ${SMTP_PASSWORD}
+      SMTP_FROM_NAME: ${SMTP_FROM_NAME:-BreakPilot}
+      SMTP_FROM_ADDR: ${SMTP_FROM_ADDR:-noreply@breakpilot.ai}
+      FRONTEND_URL: ${FRONTEND_URL:-https://www.breakpilot.ai}
+    depends_on:
+      valkey:
+        condition: service_healthy
+    healthcheck:
+      test: ["CMD", "wget", "-q", "--spider", "http://127.0.0.1:8081/health"]
+      interval: 30s
+      timeout: 10s
+      start_period: 15s
+      retries: 3
+    restart: unless-stopped
+    networks:
+      - breakpilot-network
+
+  # =========================================================
+  # RAG & EMBEDDING SERVICES
+  # =========================================================
+  rag-service:
+    build:
+      context: ./rag-service
+      dockerfile: Dockerfile
+    container_name: bp-core-rag-service
+    expose:
+      - "8097"
+    environment:
+      PORT: 8097
+      QDRANT_URL: ${QDRANT_URL}
+      QDRANT_API_KEY: ${QDRANT_API_KEY:-}
+      MINIO_ENDPOINT: ${S3_ENDPOINT}
+      MINIO_ACCESS_KEY: ${S3_ACCESS_KEY}
+      MINIO_SECRET_KEY: ${S3_SECRET_KEY}
+      MINIO_BUCKET: ${S3_BUCKET:-breakpilot-rag}
+      MINIO_SECURE: ${S3_SECURE:-true}
+      EMBEDDING_SERVICE_URL: http://embedding-service:8087
+      OLLAMA_URL: ${OLLAMA_URL:-}
+      OLLAMA_EMBED_MODEL: ${OLLAMA_EMBED_MODEL:-bge-m3}
+      JWT_SECRET: ${JWT_SECRET}
+      ENVIRONMENT: production
+    depends_on:
+      embedding-service:
+        condition: service_healthy
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://127.0.0.1:8097/health"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 15s
+    restart: unless-stopped
+    networks:
+      - breakpilot-network
+
+  embedding-service:
+    build:
+      context: ./embedding-service
+      dockerfile: Dockerfile
+    container_name: bp-core-embedding-service
+    volumes:
+      - embedding_models:/root/.cache/huggingface
+    environment:
+      EMBEDDING_BACKEND: ${EMBEDDING_BACKEND:-local}
+      LOCAL_EMBEDDING_MODEL: ${LOCAL_EMBEDDING_MODEL:-BAAI/bge-m3}
+      LOCAL_RERANKER_MODEL: ${LOCAL_RERANKER_MODEL:-cross-encoder/ms-marco-MiniLM-L-6-v2}
+      PDF_EXTRACTION_BACKEND: ${PDF_EXTRACTION_BACKEND:-pymupdf}
+      OPENAI_API_KEY: ${OPENAI_API_KEY:-}
+      COHERE_API_KEY: ${COHERE_API_KEY:-}
+      LOG_LEVEL: ${LOG_LEVEL:-INFO}
+    deploy:
+      resources:
+        limits:
+          memory: 8G
+    healthcheck:
+      test: ["CMD", "python", "-c", "import httpx; r=httpx.get('http://127.0.0.1:8087/health'); r.raise_for_status()"]
+      interval: 30s
+      timeout: 10s
+      start_period: 120s
+      retries: 3
+    restart: unless-stopped
+    networks:
+      - breakpilot-network
+
+  # =========================================================
+  # OCR SERVICE (PaddleOCR PP-OCRv5 Latin)
+  # =========================================================
+  paddleocr-service:
+    build:
+      context: ./paddleocr-service
+      dockerfile: Dockerfile
+    container_name: bp-core-paddleocr
+    ports:
+      - "8095:8095"
+    environment:
+      PADDLEOCR_API_KEY: ${PADDLEOCR_API_KEY:-}
+      FLAGS_use_mkldnn: "0"
+    volumes:
+      - paddleocr_models:/root/.paddleocr
+    deploy:
+      resources:
+        limits:
+          memory: 4G
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://127.0.0.1:8095/health"]
+      interval: 30s
+      timeout: 10s
+      start_period: 300s
+      retries: 5
+    restart: unless-stopped
+    networks:
+      - breakpilot-network
+
+  # =========================================================
+  # HEALTH AGGREGATOR
+  # =========================================================
+  health-aggregator:
+    build:
+      context: ./scripts
+      dockerfile: Dockerfile.health
+    container_name: bp-core-health
+    expose:
+      - "8099"
+    environment:
+      PORT: 8099
+      CHECK_SERVICES: "valkey:6379,consent-service:8081,rag-service:8097,embedding-service:8087,paddleocr-service:8095"
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://127.0.0.1:8099/health"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+    restart: unless-stopped
+    networks:
+      - breakpilot-network
+
--- a/paddleocr-service/Dockerfile
+++ b/paddleocr-service/Dockerfile
@@ -0,0 +1,16 @@
+FROM python:3.11-slim
+WORKDIR /app
+
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    libgl1 libglib2.0-0 libgomp1 curl \
+    && rm -rf /var/lib/apt/lists/*
+
+COPY requirements.txt .
+RUN pip install --no-cache-dir -r requirements.txt
+
+COPY . .
+
+EXPOSE 8095
+HEALTHCHECK --interval=30s --timeout=10s --start-period=120s --retries=3 \
+    CMD curl -f http://127.0.0.1:8095/health || exit 1
+CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "8095"]
--- a/paddleocr-service/main.py
+++ b/paddleocr-service/main.py
@@ -0,0 +1,111 @@
+"""PaddleOCR Remote Service — PP-OCRv5 Latin auf x86_64."""
+
+import io
+import logging
+import os
+import threading
+
+import numpy as np
+from fastapi import FastAPI, File, Header, HTTPException, UploadFile
+from PIL import Image
+
+logging.basicConfig(level=logging.INFO)
+logger = logging.getLogger(__name__)
+
+app = FastAPI(title="PaddleOCR Service")
+
+_engine = None
+_ready = False
+_loading = False
+API_KEY = os.environ.get("PADDLEOCR_API_KEY", "")
+
+
+def _load_model():
+    """Load PaddleOCR model in background thread."""
+    global _engine, _ready
+    try:
+        logger.info("Importing paddleocr...")
+        from paddleocr import PaddleOCR
+
+        logger.info("Import done. Loading PaddleOCR model...")
+        try:
+            _engine = PaddleOCR(
+                lang="en",
+                ocr_version="PP-OCRv5",
+                use_angle_cls=True,
+                show_log=False,
+            )
+            logger.info("Using PP-OCRv5 (en)")
+        except Exception as e:
+            logger.info(f"PP-OCRv5 failed ({e}), trying latin fallback...")
+            _engine = PaddleOCR(
+                lang="latin",
+                use_angle_cls=True,
+                show_log=False,
+            )
+            logger.info("Using PP-OCRv4 fallback (latin)")
+        _ready = True
+        logger.info("PaddleOCR model loaded successfully — ready to serve")
+    except Exception as e:
+        logger.error(f"Failed to load PaddleOCR model: {e}")
+
+
+@app.on_event("startup")
+def startup_load_model():
+    """Start model loading in background so health check passes immediately."""
+    global _loading
+    _loading = True
+    thread = threading.Thread(target=_load_model, daemon=True)
+    thread.start()
+    logger.info("Model loading started in background thread")
+
+
+@app.get("/health")
+def health():
+    if _ready:
+        return {"status": "ok", "model": "PP-OCRv5-latin"}
+    if _loading:
+        return {"status": "loading"}
+    return {"status": "error"}
+
+
+@app.post("/ocr")
+async def ocr(
+    file: UploadFile = File(...),
+    x_api_key: str = Header(default=""),
+):
+    if API_KEY and x_api_key != API_KEY:
+        raise HTTPException(status_code=401, detail="Invalid API key")
+
+    if not _ready:
+        raise HTTPException(status_code=503, detail="Model still loading")
+
+    img_bytes = await file.read()
+    img = Image.open(io.BytesIO(img_bytes)).convert("RGB")
+    img_np = np.array(img)
+
+    result = _engine.ocr(img_np)
+
+    words = []
+    for line in result[0] or []:
+        box, (text, conf) = line[0], line[1]
+        x_min = min(p[0] for p in box)
+        y_min = min(p[1] for p in box)
+        x_max = max(p[0] for p in box)
+        y_max = max(p[1] for p in box)
+        words.append(
+            {
+                "text": text.strip(),
+                "left": int(x_min),
+                "top": int(y_min),
+                "width": int(x_max - x_min),
+                "height": int(y_max - y_min),
+                "conf": round(conf * 100, 1),
+            }
+        )
+
+    return {
+        "words": words,
+        "image_width": img_np.shape[1],
+        "image_height": img_np.shape[0],
+    }
--- a/paddleocr-service/requirements.txt
+++ b/paddleocr-service/requirements.txt
@@ -0,0 +1,7 @@
+paddlepaddle==2.6.2
+paddleocr==2.8.1
+fastapi>=0.110.0
+uvicorn>=0.25.0
+python-multipart>=0.0.6
+Pillow>=10.0.0
+numpy>=1.24.0
--- a/rag-service/config.py
+++ b/rag-service/config.py
@@ -6,6 +6,7 @@ class Settings:

    # Qdrant
    QDRANT_URL: str = os.getenv("QDRANT_URL", "http://localhost:6333")
+    QDRANT_API_KEY: str = os.getenv("QDRANT_API_KEY", "")

    # MinIO
    MINIO_ENDPOINT: str = os.getenv("MINIO_ENDPOINT", "localhost:9000")
--- a/rag-service/qdrant_client_wrapper.py
+++ b/rag-service/qdrant_client_wrapper.py
@@ -46,7 +46,11 @@ class QdrantClientWrapper:
    @property
    def client(self) -> QdrantClient:
        if self._client is None:
-            self._client = QdrantClient(url=settings.QDRANT_URL, timeout=30)
+            self._client = QdrantClient(
+                url=settings.QDRANT_URL,
+                api_key=settings.QDRANT_API_KEY or None,
+                timeout=30,
+            )
            logger.info("Connected to Qdrant at %s", settings.QDRANT_URL)
        return self._client
Author	SHA1	Message	Date
Benjamin Admin	5ee3cc0104	fix: load PaddleOCR model in background thread Some checks failed Deploy to Coolify / deploy (push) Has been cancelled Details The import and model loading can take minutes and was blocking the startup event, causing health checks to timeout. Now loads in a background thread — health endpoint returns 200 immediately with status 'loading' until model is ready. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-13 10:21:59 +01:00
Benjamin Admin	b36712247b	fix: add detailed logging for PaddleOCR model loading debug Some checks failed Deploy to Coolify / deploy (push) Has been cancelled Details Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-13 10:19:10 +01:00
Benjamin Admin	86b11c7e5f	fix: catch all exceptions in PaddleOCR version fallback Some checks failed Deploy to Coolify / deploy (push) Has been cancelled Details PaddleOCR 2.8.1 throws a generic Exception (not ValueError) when ocr_version='PP-OCRv5' is used. Broadened except clause to catch any error and fall back to lang='latin' for older versions. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-13 10:12:32 +01:00
Benjamin Admin	8003dcac39	fix: PaddleOCR 3.4.0 compatibility — use lang=en with PP-OCRv5 Some checks failed Deploy to Coolify / deploy (push) Has been cancelled Details PaddleOCR 3.4.0 removed 'latin' language support, causing ValueError at startup. Now uses lang='en' with ocr_version='PP-OCRv5' and falls back to lang='latin' for older PaddleOCR versions. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-13 09:54:52 +01:00
Benjamin Admin	778c44226e	fix: expose port 8095 directly (bypass Traefik 60s timeout) Some checks failed Deploy to Coolify / deploy (push) Has been cancelled Details Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-12 14:16:04 +01:00
Benjamin Admin	79891063dd	fix: pin PaddlePaddle 2.6.2 + PaddleOCR 2.8.1 (stable, no PIR bug) Some checks failed Deploy to Coolify / deploy (push) Has been cancelled Details PaddlePaddle 3.x hat oneDNN/PIR Executor Bug. Zurueck auf 2.6.2 mit bewaeherter ocr() API statt predict(). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-12 13:32:54 +01:00
Benjamin Admin	2c9b0dc448	fix: disable oneDNN (FLAGS_use_mkldnn=0) for PaddlePaddle compat Some checks failed Deploy to Coolify / deploy (push) Has been cancelled Details Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-12 13:25:36 +01:00
Benjamin Admin	3133615044	fix: add libgomp1 (OpenMP) + remove unused lang parameter Some checks failed Deploy to Coolify / deploy (push) Has been cancelled Details PaddlePaddle braucht libgomp.so.1 fuer Inferenz. lang wird ignoriert bei explizitem model_name. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-12 13:19:47 +01:00
Benjamin Admin	2bc0f87325	fix: PaddleOCR model pre-load at startup + 5min healthcheck grace Some checks failed Deploy to Coolify / deploy (push) Has been cancelled Details Model wird beim Container-Start geladen (nicht erst beim ersten Request). Health-Check start_period auf 300s erhoeht fuer initialen Download. /health gibt "loading" zurueck bis Modell bereit ist. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-12 13:12:14 +01:00
Benjamin Admin	4ee38d6f0b	fix: remove show_log (unknown in PaddleOCR v3 API) Some checks failed Deploy to Coolify / deploy (push) Has been cancelled Details Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-12 12:52:52 +01:00
Benjamin Admin	992d4f2a6b	fix: PaddleOCR v3 API — explicit model name + predict() statt ocr() Some checks failed Deploy to Coolify / deploy (push) Has been cancelled Details lang="latin" braucht text_recognition_model_name in PP-OCRv5. Neue API nutzt predict() statt ocr(), Ergebnis-Format angepasst. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-12 12:47:07 +01:00
Benjamin Admin	8f5f9641c7	fix: libgl1-mesa-glx → libgl1 (Debian bookworm) Some checks failed Deploy to Coolify / deploy (push) Has been cancelled Details Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-12 10:33:28 +01:00
Benjamin Admin	7cdb53051f	feat: PaddleOCR Service (PP-OCRv5 Latin auf x86_64) Some checks failed Deploy to Coolify / deploy (push) Has been cancelled Details Microservice fuer PaddleOCR auf Hetzner. FastAPI mit /ocr und /health Endpoints, API-Key Auth, 4GB Memory Limit, Modell-Cache Volume. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-12 10:20:41 +01:00
Sharang Parnerkar	d834753a98	Remove services not needed by SDK from Coolify deployment Some checks failed Deploy to Coolify / deploy (push) Has been cancelled Details Remove backend-core, billing-service, night-scheduler, and admin-core as they are not used by any compliance/SDK service. Update health-aggregator CHECK_SERVICES to reference consent-service instead. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-10 13:29:23 +01:00
Sharang Parnerkar	395011d0f4	Add healthchecks to backend-core, consent-service, billing-service, admin-core Some checks failed Deploy to Coolify / deploy (push) Has been cancelled Details Coolify/Traefik requires healthchecks to route traffic to containers. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-08 00:57:43 +01:00
Sharang Parnerkar	9e1660f954	Remove Traefik labels from coolify compose — Coolify handles routing Some checks failed Deploy to Coolify / deploy (push) Has been cancelled Details Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-08 00:05:26 +01:00
Sharang Parnerkar	13ff930b5e	Fix admin-core build: ensure public directory exists before build Some checks failed Deploy to Coolify / deploy (push) Has been cancelled Details Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-07 23:44:30 +01:00
Sharang Parnerkar	5d1c837f49	Fix backend-core TARGETARCH: auto-detect instead of hardcoded arm64 Some checks failed Deploy to Coolify / deploy (push) Has been cancelled Details The Dockerfile hardcoded TARGETARCH=arm64 for Mac Mini. Coolify server is x86_64, causing exit code 126 (wrong binary arch). Now uses Docker BuildKit's auto-detected TARGETARCH with dpkg fallback. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-07 23:37:59 +01:00
Sharang Parnerkar	1dd9662037	Add QDRANT_API_KEY support to rag-service Some checks failed Deploy to Coolify / deploy (push) Has been cancelled Details - Add QDRANT_API_KEY to config.py (empty string = no auth) - Pass api_key to QdrantClient constructor (None when empty) - Add QDRANT_API_KEY to coolify compose and env example Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-07 23:35:11 +01:00
Sharang Parnerkar	4626edb232	Sync coolify compose with main: remove voice-service, update rag/embedding Some checks failed Deploy to Coolify / deploy (push) Has been cancelled Details - Remove voice-service (removed in main branch) - Remove voice_session_data volume - Add OLLAMA_URL and OLLAMA_EMBED_MODEL to rag-service - Update embedding-service default model to BAAI/bge-m3, memory 4G→8G - Update health-aggregator CHECK_SERVICES (remove voice-service) - Update .env.coolify.example accordingly Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-07 23:23:52 +01:00
Sharang Parnerkar	3c29b621ac	Merge remote-tracking branch 'origin/main' into coolify	2026-03-07 23:10:41 +01:00
Sharang Parnerkar	755570d474	fix: use Alpine-compatible addgroup/adduser flags in Dockerfiles Some checks failed Deploy to Coolify / deploy (push) Has been cancelled Details Replace --system/--gid/--uid (Debian syntax) with -S/-g/-u (BusyBox/Alpine). Coolify ARG injection causes exit code 255 with Debian-style flags. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-06 22:38:31 +01:00
Sharang Parnerkar	e890b1490a	refactor(coolify): externalize postgres, qdrant, S3; remove jitsi/synapse Some checks failed Deploy to Coolify / deploy (push) Has been cancelled Details - Remove PostgreSQL, Qdrant, MinIO services (managed separately in Coolify) - Remove Jitsi stack (web, xmpp, jicofo, jvb) and Synapse/synapse-db - Add POSTGRES_HOST, QDRANT_URL, S3_ENDPOINT/S3_ACCESS_KEY/S3_SECRET_KEY env vars - Remove Traefik labels from internal-only services - Health aggregator no longer checks external services - Core now has 10 services: valkey + 9 application services Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-03 09:23:20 +01:00
Sharang Parnerkar	d15de16c47	feat: add Coolify deployment configuration Some checks failed Deploy to Coolify / deploy (push) Has been cancelled Details Add docker-compose.coolify.yml (17 services), .env.coolify.example, and Gitea Action workflow for Coolify API deployment. Removes nginx, vault, gitea, woodpecker, mailpit, and dev-only services. Adds Traefik labels for *.breakpilot.ai domain routing with Let's Encrypt SSL. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-25 10:43:02 +01:00