semantic-cache-routing-workshop/docker-compose.yml at main · redis-developer/semantic-cache-routing-workshop · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
services:

  # Workbench
  workbench:
    image: nginx:alpine
    container_name: workshop-workbench
    ports:
      - "80:80"
    volumes:
      - ./workbench:/usr/share/nginx/html:ro
      - ./workbench/nginx.conf:/etc/nginx/nginx.conf:ro
      - ./workbench/proxy:/etc/nginx/proxy:ro
    depends_on:
      - api
      - docs
      - vscode
      - web
      - redisinsight

  # Documentation server (Docsify)
  docs:
    image: nginx:alpine
    container_name: workshop-docs
    volumes:
      - ./docs:/usr/share/nginx/html:ro

  # VS Code in the browser (code-server)
  # ─────────────────────────────────────────────────────────────────────────
  # Security: code-server performs WebSocket origin checks (added in v4.10.1)
  # to prevent cross-site WebSocket hijacking. When behind PS Portal:
  #
  # 1. The browser's Origin header = workbench URL (e.g., https://rl-s-labs-xyz.labs.ps-redis.com)
  # 2. The Host header = VS Code URL (e.g., 8080-p-rl-s-labs-xyz.labs.ps-redis.com)
  # 3. These don't match, so WebSockets are blocked (error 1006)
  #
  # Since PS Portal dynamically generates hostnames per VM, we cannot predict
  # them. Using --trusted-origins "*" allows all origins through the check.
  # This is safe because PS Portal itself provides the authentication layer.
  # ─────────────────────────────────────────────────────────────────────────
  vscode:
    build:
      context: .
      dockerfile: ./docker/vscode/Dockerfile
    container_name: workshop-vscode
    volumes:
      - ./code:/home/coder/code
    command: >-
      --auth none
      --bind-addr 0.0.0.0:8080
      --disable-workspace-trust
      --trusted-origins "*"
      /home/coder/code

  # Web terminal with Node.js
  # restart: unless-stopped ensures the container restarts if someone types
  # "exit" in the terminal, which would otherwise stop the tmux session
  web:
    build: ./docker/web
    container_name: workshop-web
    restart: unless-stopped
    volumes:
      - ./code/web:/app
      - /app/node_modules
      - /var/run/docker.sock:/var/run/docker.sock

  # Python API
  api:
    build:
      context: .
      dockerfile: ./docker/api/Dockerfile
    container_name: workshop-api
    env_file:
      - ./code/api/.env
    volumes:
      - ./code/api:/app
    depends_on:
      - redis

  # Redis
  redis:
    image: redis:latest
    container_name: workshop-redis

  # Redis Insight
  redisinsight:
    image: redis/redisinsight:latest
    container_name: workshop-redisinsight
    environment:
      - RI_PROXY_PATH=/redisinsight
      - RI_REDIS_HOST=redis
      - RI_REDIS_PORT=6379
      - RI_REDIS_ALIAS=Workshop Redis
    volumes:
      - redisinsight-data:/data
    depends_on:
      - redis

volumes:
  redisinsight-data: