sharang/certifai
1
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases Activity
Files
809ca1597984d42fb85b0019035c3ad5ccab8ac7
certifai/docker-compose.yml
Sharang Parnerkar 809ca15979
All checks were successful
CI / Format (push) Successful in 3s
Details
CI / Clippy (push) Successful in 2m56s
Details
CI / Security Audit (push) Has been skipped
Details
CI / Tests (push) Has been skipped
Details
CI / Deploy (push) Has been skipped
Details
fix(docker): fix keycloak health check and deprecation warnings 
Keycloak 26 image does not include curl, so the health check fails.
Switch to bash TCP check against /realms/master. Also replace deprecated
KEYCLOAK_ADMIN env vars with KC_BOOTSTRAP_ADMIN_USERNAME/PASSWORD, remove
obsolete compose version key, and add start_period for slower machines.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-23 21:47:06 +01:00

84 lines
2.5 KiB
YAML
Raw Blame History

services:
keycloak:
image: quay.io/keycloak/keycloak:26.0
container_name: certifai-keycloak
environment:
KC_BOOTSTRAP_ADMIN_USERNAME: admin
KC_BOOTSTRAP_ADMIN_PASSWORD: admin
KC_DB: dev-mem
KC_HEALTH_ENABLED: "true"
ports:
- "8080:8080"
command:
- start-dev
- --import-realm
volumes:
- ./keycloak/realm-export.json:/opt/keycloak/data/import/realm-export.json:ro
- ./keycloak/themes/certifai:/opt/keycloak/themes/certifai:ro
healthcheck:
test: ["CMD-SHELL", "exec 3<>/dev/tcp/localhost/8080 && echo -e 'GET /realms/master HTTP/1.1\\r\\nHost: localhost\\r\\nConnection: close\\r\\n\\r\\n' >&3 && head -1 <&3 | grep -q '200 OK'"]
interval: 10s
timeout: 5s
retries: 10
start_period: 30s
mongo:
image: mongo:latest
restart: unless-stopped
ports:
- 27017:27017
environment:
MONGO_INITDB_ROOT_USERNAME: root
MONGO_INITDB_ROOT_PASSWORD: example
searxng:
image: searxng/searxng:latest
container_name: certifai-searxng
restart: unless-stopped
ports:
- "8888:8080"
environment:
- SEARXNG_BASE_URL=http://localhost:8888
volumes:
- ./searxng:/etc/searxng:rw
librechat:
image: ghcr.io/danny-avila/librechat:latest
container_name: certifai-librechat
restart: unless-stopped
ports:
- "3080:3080"
depends_on:
keycloak:
condition: service_healthy
mongo:
condition: service_started
environment:
# MongoDB (shared instance, separate database)
MONGO_URI: mongodb://root:example@mongo:27017/librechat?authSource=admin
# Keycloak OIDC SSO
OPENID_ISSUER: http://localhost:8080/realms/certifai
OPENID_CLIENT_ID: certifai-librechat
OPENID_CLIENT_SECRET: certifai-librechat-secret
OPENID_CALLBACK_URL: /oauth/openid/callback
OPENID_SCOPE: openid profile email
OPENID_BUTTON_LABEL: Login with CERTifAI
OPENID_AUTH_EXTRA_PARAMS: prompt=none
# Disable local auth (SSO only)
ALLOW_EMAIL_LOGIN: "false"
ALLOW_REGISTRATION: "false"
ALLOW_SOCIAL_LOGIN: "true"
ALLOW_SOCIAL_REGISTRATION: "true"
# App settings
APP_TITLE: CERTifAI Chat
CUSTOM_FOOTER: CERTifAI - Sovereign GenAI Infrastructure
HOST: 0.0.0.0
PORT: "3080"
NO_INDEX: "true"
volumes:
- ./librechat/librechat.yaml:/app/librechat.yaml:ro
- ./librechat/logo.svg:/app/client/public/assets/logo.svg:ro
- librechat-data:/app/data
volumes:
librechat-data:
Reference in New Issue View Git Blame Copy Permalink