-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdocker-compose.yml
More file actions
executable file
·100 lines (95 loc) · 3.06 KB
/
docker-compose.yml
File metadata and controls
executable file
·100 lines (95 loc) · 3.06 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
# =============================================================================
# PromptWAF — Production Docker Compose Stack
# =============================================================================
# Usage:
# cp .env.example .env # Configure your environment
# docker compose up -d # Start all services
# docker compose logs -f # View logs
# docker compose down # Tear down
# =============================================================================
services:
# -------------------------------------------------------------------------
# PromptWAF — FastAPI LLM Security Proxy
# -------------------------------------------------------------------------
prompt-waf:
build:
context: .
dockerfile: Dockerfile
container_name: promptwaf
restart: unless-stopped
ports:
- "${WAF_PORT:-8000}:8000"
env_file:
- .env
environment:
# Connect to the Redis service for distributed rate limiting
- REDIS_URL=redis://redis:6379/0
depends_on:
redis:
condition: service_healthy
networks:
- waf-network
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8000/health"]
interval: 30s
timeout: 5s
retries: 3
start_period: 10s
# -------------------------------------------------------------------------
# Redis — Distributed Rate Limiting Backend
# -------------------------------------------------------------------------
redis:
image: redis:7-alpine
container_name: promptwaf-redis
restart: unless-stopped
ports:
- "${REDIS_PORT:-6379}:6379"
volumes:
- redis-data:/data
command: >
redis-server
--appendonly yes
--maxmemory 128mb
--maxmemory-policy allkeys-lru
networks:
- waf-network
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 10s
timeout: 3s
retries: 5
# -------------------------------------------------------------------------
# Prometheus — Metrics Collection & Alerting
# -------------------------------------------------------------------------
prometheus:
image: prom/prometheus:latest
container_name: promptwaf-prometheus
restart: unless-stopped
ports:
- "${PROMETHEUS_PORT:-9090}:9090"
volumes:
- ./prometheus.yml:/etc/prometheus/prometheus.yml:ro
- prometheus-data:/prometheus
command:
- "--config.file=/etc/prometheus/prometheus.yml"
- "--storage.tsdb.retention.time=30d"
- "--web.enable-lifecycle"
depends_on:
prompt-waf:
condition: service_healthy
networks:
- waf-network
# ---------------------------------------------------------------------------
# Volumes
# ---------------------------------------------------------------------------
volumes:
redis-data:
driver: local
prometheus-data:
driver: local
# ---------------------------------------------------------------------------
# Networks
# ---------------------------------------------------------------------------
networks:
waf-network:
driver: bridge