mcp_server_project/docker-compose.yml at main · sdirishguy/mcp_server_project · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
services:
  mcp-server:
    build: .
    container_name: mcp-server
    ports:
      - "8000:8000"
    volumes:
      - ./logs:/app/logs
      - ./shared_host_folder:/app/shared_host_folder
      # Remove host_data mount - not used by application
    environment:
      - ENVIRONMENT=development
      - SERVER_PORT=8000
      - MCP_BASE_WORKING_DIR=/app/shared_host_folder
      - AUDIT_LOG_FILE=/app/logs/audit.log
      - ALLOW_ARBITRARY_SHELL_COMMANDS=false
      - LOG_LEVEL=INFO
      # Security: Use secrets in production instead of environment variables
      - JWT_SECRET=${JWT_SECRET:-change-this-in-production}
      - ADMIN_USERNAME=${ADMIN_USERNAME:-admin}
      - ADMIN_PASSWORD=${ADMIN_PASSWORD:-admin123}
      # Optional: API keys for LLM tools
      - OPENAI_API_KEY=${OPENAI_API_KEY:-}
      - GEMINI_API_KEY=${GEMINI_API_KEY:-}
    restart: unless-stopped
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8000/health"]
      interval: 30s
      timeout: 5s
      retries: 3
      start_period: 10s
    # Production considerations:
    deploy:
      resources:
        limits:
          memory: 512M
          cpus: '0.5'
        reservations:
          memory: 256M
          cpus: '0.25'
    # Security
    security_opt:
      - no-new-privileges:true
    cap_drop:
      - ALL