math2visual_system/docker-compose-peach.yml at main · ETH-PEACH-Lab/math2visual_system · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
services:
  app:
    build:
      context: .
      dockerfile: DockerfilePeach
      args:
        VITE_ENABLE_ANALYTICS: ${VITE_ENABLE_ANALYTICS:-false}
    image: ghcr.io/eth-peach-lab/math2visual_system/math2visual:latest
    container_name: math2visual
    ports:
      # Expose Gunicorn port for Peach server's nginx proxy
      - "5000:5000"
    volumes:
      # Mount Peach server data directory for persistence
      # This allows user uploads, analytics, and datasets to persist on the Peach server
      # On Peach server, data is stored in: /var/lib/peachlab/data/math2visual
      - ${PEACHLAB_DATA_DIR:-./backend/storage}:/app/storage
    env_file:
      - .env
    networks:
      - default-isg
    environment:
      # Peach server nginx proxy configuration
      - VIRTUAL_HOST=${VIRTUAL_HOST:-math2visual.peachhub.inf.ethz.ch}
      - VIRTUAL_PORT=5000
      - LETSENCRYPT_HOST=${LETSENCRYPT_HOST:-math2visual.peachhub.inf.ethz.ch}
      - LETSENCRYPT_EMAIL=${LETSENCRYPT_EMAIL:-junling.wang@ai.ethz.ch}
      # API keys
      - OPENAI_API_KEY=${OPENAI_API_KEY:-}
      - GEMINI_API_KEY=${GEMINI_API_KEY:-}
      # ClamAV configuration (service name defined below)
      - CLAMAV_HOST=clamav
      - CLAMAV_PORT=3310
      - SVG_STORAGE_MODE=local
      - SVG_DATASET_PATH=/app/storage/datasets/svg_dataset
      # Database configuration (PostgreSQL is always started for tutor sessions)
      # Default DATABASE_URL connects to the postgres service
      # To override, set DATABASE_URL in .env file or override inline
      # Password is set via POSTGRES_PASSWORD environment variable (defaults to math2visual_password)
      # Note: If you change POSTGRES_PASSWORD, also update DATABASE_URL to match
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-math2visual_password}
      - DATABASE_URL=${DATABASE_URL:-postgresql://math2visual_user:math2visual_password@postgres:5432/math2visual_analytics}
      - DATABASE_ECHO=false
      # Flask environment (affects CORS and other behaviors)
      - FLASK_ENV=production
      # CORS configuration (required for production - set your domain)
      # Example: CORS_ORIGINS=https://math2visual.example.com
      - CORS_ORIGINS=${CORS_ORIGINS:-}
      - FRONTEND_URL=${FRONTEND_URL:-}
    restart: unless-stopped
    labels:
      - com.centurylinklabs.watchtower.enable=true
    depends_on:
      postgres:
        condition: service_healthy
    healthcheck:
      test: ["CMD", "python3", "-c", "import socket; s = socket.socket(); s.settimeout(2); result = s.connect_ex(('127.0.0.1', 5000)); s.close(); exit(0 if result == 0 else 1)"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 40s

  # ClamAV antivirus service (used by backend via pyClamd)
  clamav:
    image: clamav/clamav:latest
    container_name: math2visual-clamav
    restart: unless-stopped
    # ports:
    #  # Expose for debugging; app talks to it over the Docker network using CLAMAV_HOST/CLAMAV_PORT
    #  # - "3310:3310"
    volumes:
      # Persist virus database to avoid re-downloading on every restart
      - clamav-db:/var/lib/clamav
    networks:
      - default-isg
    environment:
      # Allow reasonably large files/streams for scanning
      - CLAMD_CONF_MaxFileSize=50M
      - CLAMD_CONF_MaxScanSize=50M
      - CLAMD_CONF_StreamMaxLength=50M
      # Configure freshclam to check for updates every 2 hours (12 times per day)
      # The official ClamAV image runs freshclam automatically in the background
      - FRESHCLAM_CONF_Checks=12
      # Update database on container start
      - UPDATE=true

  # PostgreSQL database (always started - required for tutor sessions and optional for analytics)
  postgres:
    image: postgres:16-alpine
    container_name: math2visual-postgres
    restart: unless-stopped
    # ports:
    #   # Expose for debugging; app talks to it over the Docker network using DATABASE_URL
    #   # - "5432:5432"
    volumes:
      # Persist database data across container restarts
      - postgres-data:/var/lib/postgresql/data
    env_file:
      - .env
    networks:
      - default-isg
    environment:
      - POSTGRES_DB=math2visual_analytics
      - POSTGRES_USER=math2visual_user
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-math2visual_password}
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U math2visual_user -d math2visual_analytics"]
      interval: 10s
      timeout: 5s
      retries: 5
      start_period: 10s

  # Cleanup service for temporary files (runs via cron every hour)
  # Note: This service uses a Docker Compose profile and will only start when explicitly enabled.
  # When analytics is enabled (VITE_ENABLE_ANALYTICS=true), do NOT start this service,
  # as it would delete tutor sessions that should be preserved for analytics.
  #
  # To start the cleanup service (when analytics is disabled):
  #   docker-compose --profile cleanup up -d
  #
  # To start without cleanup (when analytics is enabled):
  #   docker-compose up -d
  cleanup:
    profiles: ["cleanup"]
    build:
      context: .
      dockerfile: Dockerfile.cleanup
    container_name: math2visual-cleanup
    volumes:
      - ${PEACHLAB_DATA_DIR:-./backend/storage}:/app/storage
      - ${PEACHLAB_DATA_DIR:-./cleanup-logs}:/var/log
    env_file:
      - .env
    environment:
      - CLEANUP_OUTPUT_AGE_HOURS=24
      - CLEANUP_TEMP_SVG_AGE_HOURS=1
      - DATABASE_URL=${DATABASE_URL:-}
    # Set up cron job and start cron daemon
    command: |
      /bin/bash -c '
      echo "Cleanup service starting..." &&
      echo "PATH=/usr/local/bin:/usr/bin:/bin:/home/appuser/.local/bin" > /etc/cron.d/cleanup-cron &&
      echo "SHELL=/bin/bash" >> /etc/cron.d/cleanup-cron &&
      echo "0 * * * * appuser cd /app && /usr/local/bin/python3 scripts/cleanup_temp_files.py --age-hours $${CLEANUP_OUTPUT_AGE_HOURS:-24} --temp-svg-age-hours $${CLEANUP_TEMP_SVG_AGE_HOURS:-1} >> /var/log/cleanup.log 2>&1" >> /etc/cron.d/cleanup-cron &&
      echo "" >> /etc/cron.d/cleanup-cron &&
      chmod 0644 /etc/cron.d/cleanup-cron &&
      echo "Cron file contents:" &&
      cat /etc/cron.d/cleanup-cron &&
      printenv | grep -E "^CLEANUP_" >> /etc/environment &&
      touch /var/log/cleanup.log &&
      chown appuser:appuser /var/log/cleanup.log &&
      echo "Cron job configured. Cleanup will run every hour at minute 0." &&
      echo "Checking for other cron files..." &&
      ls -la /etc/cron.d/ &&
      echo "Starting cron daemon..." &&
      exec cron -f -L 15
      '
    restart: unless-stopped
    depends_on:
      - app
    healthcheck:
      # Disable healthcheck for cleanup service (cron runs in background)
      disable: true

# Named volumes for persistent data
volumes:
  # ClamAV virus database - persists virus definitions across container restarts
  clamav-db:
  # PostgreSQL data - persists analytics database across container restarts
  postgres-data:

networks:
  default-isg:
    external: true