From a8135747b1cdd1b2753f29cf2defaa7dfc51b8a8 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sun, 19 Apr 2026 06:41:56 +0000 Subject: [PATCH 1/2] Plan: fix missing services + add verify-compose CI workflow Agent-Logs-Url: https://github.com/xormania/ai-docker-stack/sessions/49f0b31e-3acc-459d-bc5f-278b1d1e8940 Co-authored-by: xormania <127287135+xormania@users.noreply.github.com> --- .env | 151 +++++++++++++++++++-------- .github/workflows/verify-compose.yml | 44 ++++++++ 2 files changed, 150 insertions(+), 45 deletions(-) create mode 100644 .github/workflows/verify-compose.yml diff --git a/.env b/.env index 3676b77..03eef9a 100644 --- a/.env +++ b/.env @@ -1,8 +1,14 @@ -# stack identity +# ------------------------------------------------------------------- +# Project +# ------------------------------------------------------------------- + COMPOSE_PROJECT_NAME=ai-docker-stack TZ=America/New_York -# versions / images +# ------------------------------------------------------------------- +# Images +# ------------------------------------------------------------------- + OLLAMA_IMAGE=ollama/ollama:latest OPEN_WEBUI_IMAGE=ghcr.io/open-webui/open-webui:main JUPYTER_IMAGE=quay.io/jupyter/pytorch-notebook:latest @@ -28,59 +34,41 @@ MINIO_IMAGE=minio/minio INFINITY_IMAGE=infiniflow/infinity:nightly OBSIDIAN_REMOTE_IMAGE=sytone/obsidian-remote:latest COUCHDB_IMAGE=couchdb:3.3 +OPENCLAW_IMAGE=ghcr.io/openclaw/openclaw:latest + +# ------------------------------------------------------------------- +# Published ports +# ------------------------------------------------------------------- -# ports OPEN_WEBUI_PORT=3000 -GITEA_HTTP_PORT=3001 -GITEA_SSH_PORT=222 -N8N_PORT=5678 +JUPYTER_PORT=8888 +OPEN_NOTEBOOKLM_PORT=8502 +OPEN_NOTEBOOKLM_API_PORT=5055 +DIFY_WEB_PORT=80 FLOWISE_PORT=3003 OPENHANDS_PORT=3004 +N8N_PORT=5678 +MERCURE_PORT=8084 +GITEA_HTTP_PORT=3001 +GITEA_SSH_PORT=222 SEARXNG_PORT=8082 ANYTHINGLLM_PORT=3002 RAGFLOW_PORT=8083 UNSTRUCTURED_API_PORT=8021 -MERCURE_PORT=8084 -JUPYTER_PORT=8888 -OPEN_NOTEBOOKLM_PORT=8502 -OPEN_NOTEBOOKLM_API_PORT=5055 -OBSIDIAN_REMOTE_PORT=8081 +MONGODB_PORT=27017 QDRANT_PORT=6333 SURREALDB_PORT=8000 -MONGODB_PORT=27017 MINIO_API_PORT=9000 MINIO_CONSOLE_PORT=9001 +OBSIDIAN_REMOTE_PORT=8081 COUCHDB_PORT=5984 -DIFY_WEB_PORT=80 - -# core credentials -POSTGRES_USER=admin -POSTGRES_PASSWORD=change-me -POSTGRES_DB_N8N=n8n -POSTGRES_DB_DIFY=dify -POSTGRES_DB_FLOWISE=flowise - -MYSQL_ROOT_PASSWORD=change-me -MYSQL_DATABASE_RAGFLOW=ragflow -MYSQL_USER_RAGFLOW=ragflow -MYSQL_PASSWORD_RAGFLOW=change-me - -COUCHDB_USER=admin -COUCHDB_PASSWORD=change-me - -MINIO_ROOT_USER=minio -MINIO_ROOT_PASSWORD=change-me - -SURREALDB_USER=root -SURREALDB_PASS=change-me +OPENCLAW_PORT=3400 -MERCURE_PUBLISHER_JWT_KEY=change-me-secret -MERCURE_SUBSCRIBER_JWT_KEY=change-me-secret -SERVER_NAME=:80 +# ------------------------------------------------------------------- +# Internal hosts +# ------------------------------------------------------------------- -# service hosts OLLAMA_HOST=ollama -OPEN_WEBUI_HOST=open-webui POSTGRES_HOST=postgres MONGODB_HOST=mongodb QDRANT_HOST=qdrant @@ -95,13 +83,21 @@ N8N_HOST=n8n MERCURE_HOST=mercure SEARXNG_HOST=searxng -# service internal ports +# ------------------------------------------------------------------- +# Internal ports +# ------------------------------------------------------------------- + OLLAMA_PORT=11434 POSTGRES_PORT=5432 REDIS_PORT=6379 MYSQL_PORT=3306 +GITEA_PORT=3000 +SEARXNG_INTERNAL_PORT=8080 + +# ------------------------------------------------------------------- +# Derived internal URLs +# ------------------------------------------------------------------- -# derived internal URLs OLLAMA_BASE_URL=http://ollama:11434 QDRANT_URL=http://qdrant:6333 QDRANT_ENDPOINT=http://qdrant:6333 @@ -112,11 +108,76 @@ GITEA_BASE_URL=http://gitea:3000 N8N_BASE_URL=http://n8n:5678 MERCURE_URL=http://mercure/.well-known/mercure SEARXNG_URL=http://searxng:8080 -COUCHDB_URL=http://admin:change-me@couchdb:5984 +MONGODB_URL=mongodb://mongodb:27017 + +# ------------------------------------------------------------------- +# Credentials +# ------------------------------------------------------------------- + +POSTGRES_USER=admin +POSTGRES_PASSWORD=change-me +POSTGRES_DB_N8N=n8n +POSTGRES_DB_DIFY=dify +POSTGRES_DB_FLOWISE=flowise + +MYSQL_ROOT_PASSWORD=change-me +MYSQL_DATABASE_RAGFLOW=ragflow +MYSQL_USER_RAGFLOW=ragflow +MYSQL_PASSWORD_RAGFLOW=change-me + +MINIO_ROOT_USER=minio +MINIO_ROOT_PASSWORD=change-me + +COUCHDB_USER=admin +COUCHDB_PASSWORD=change-me + +SURREALDB_USER=root +SURREALDB_PASS=change-me + +MERCURE_PUBLISHER_JWT_KEY=change-me-secret +MERCURE_SUBSCRIBER_JWT_KEY=change-me-secret +SERVER_NAME=:80 -# bootstrap / feature toggles -OLLAMA_BOOTSTRAP_MODEL=qwen3.5:current JUPYTER_TOKEN=change-me + +# ------------------------------------------------------------------- +# App-specific convenience values +# ------------------------------------------------------------------- + +DIFY_DB_USERNAME=${POSTGRES_USER} +DIFY_DB_PASSWORD=${POSTGRES_PASSWORD} +DIFY_DB_HOST=${POSTGRES_HOST} +DIFY_DB_DATABASE=${POSTGRES_DB_DIFY} +DIFY_REDIS_HOST=${REDIS_HOST} +DIFY_VECTOR_STORE=qdrant +DIFY_QDRANT_HOST=${QDRANT_HOST} + +FLOWISE_DATABASE_TYPE=postgres +FLOWISE_DATABASE_HOST=${POSTGRES_HOST} +FLOWISE_DATABASE_PORT=${POSTGRES_PORT} +FLOWISE_DATABASE_USER=${POSTGRES_USER} +FLOWISE_DATABASE_PASSWORD=${POSTGRES_PASSWORD} +FLOWISE_DATABASE_NAME=${POSTGRES_DB_FLOWISE} + +N8N_DB_TYPE=postgresdb +N8N_DB_POSTGRESDB_HOST=${POSTGRES_HOST} +N8N_DB_POSTGRESDB_DATABASE=${POSTGRES_DB_N8N} +N8N_DB_POSTGRESDB_USER=${POSTGRES_USER} +N8N_DB_POSTGRESDB_PASSWORD=${POSTGRES_PASSWORD} + +ANYTHINGLLM_STORAGE_DIR=/app/server/storage +ANYTHINGLLM_VECTOR_DB=qdrant + +RAGFLOW_MYSQL_PASSWORD=${MYSQL_ROOT_PASSWORD} + OBSIDIAN_PUID=1000 OBSIDIAN_PGID=1000 -OPENHANDS_ENABLE_DOCKER_SOCKET=false \ No newline at end of file + +# ------------------------------------------------------------------- +# Bootstrap / features +# ------------------------------------------------------------------- + +OLLAMA_BOOTSTRAP_MODEL=qwen3.5:current +OPENHANDS_ENABLE_DOCKER_SOCKET=false +OPENCLAW_EGRESS_MODE=allowlist +OPENCLAW_SANDBOX_MODE=docker-sandbox \ No newline at end of file diff --git a/.github/workflows/verify-compose.yml b/.github/workflows/verify-compose.yml new file mode 100644 index 0000000..9a20977 --- /dev/null +++ b/.github/workflows/verify-compose.yml @@ -0,0 +1,44 @@ +name: Verify Compose Integrity + +on: + push: + paths: + - 'compose*.yaml' + - 'env/**' + - '.env.example' + - '.github/workflows/verify-compose.yml' + pull_request: + paths: + - 'compose*.yaml' + - 'env/**' + - '.env.example' + - '.github/workflows/verify-compose.yml' + +jobs: + verify: + name: Validate Docker Compose Files + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Set up environment + run: cp .env.example .env + + - name: Validate base compose + run: docker compose -f compose.yaml config --quiet + + - name: Validate apps compose + run: docker compose -f compose.yaml -f compose.apps.yaml config --quiet + + - name: Validate dev compose + run: docker compose -f compose.yaml -f compose.dev.yaml config --quiet + + - name: Validate openclaw compose + run: docker compose -f compose.yaml -f compose.openclaw.yaml config --quiet + + - name: Validate security compose + run: docker compose -f compose.yaml -f compose.openclaw.yaml -f compose.security.yaml config --quiet + + - name: Validate agent-access compose + run: docker compose -f compose.yaml -f compose.apps.yaml -f compose.agent-access.yaml config --quiet From 9dd95667580bb9694fd2983fbde8af21f91946dc Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sun, 19 Apr 2026 06:44:33 +0000 Subject: [PATCH 2/2] Add verify-compose CI workflow and fix missing services/env vars Agent-Logs-Url: https://github.com/xormania/ai-docker-stack/sessions/49f0b31e-3acc-459d-bc5f-278b1d1e8940 Co-authored-by: xormania <127287135+xormania@users.noreply.github.com> --- .env | 11 +++++++++++ .env.example | 11 +++++++++++ .github/workflows/verify-compose.yml | 4 +++- compose.apps.yaml | 11 ++++++++++- compose.yaml | 27 ++++++++++++++++++++++++++- 5 files changed, 61 insertions(+), 3 deletions(-) diff --git a/.env b/.env index 03eef9a..8dfb34a 100644 --- a/.env +++ b/.env @@ -109,6 +109,7 @@ N8N_BASE_URL=http://n8n:5678 MERCURE_URL=http://mercure/.well-known/mercure SEARXNG_URL=http://searxng:8080 MONGODB_URL=mongodb://mongodb:27017 +COUCHDB_URL=http://admin:change-me@couchdb:5984 # ------------------------------------------------------------------- # Credentials @@ -140,6 +141,16 @@ SERVER_NAME=:80 JUPYTER_TOKEN=change-me +# Redis has no authentication by default; set a password here to enable it +REDIS_PASSWORD= + +# Generic connection variables used by agent services (e.g. security overlay) +POSTGRES_DB=n8n + +MYSQL_USER=ragflow +MYSQL_PASSWORD=change-me +MYSQL_DATABASE=ragflow + # ------------------------------------------------------------------- # App-specific convenience values # ------------------------------------------------------------------- diff --git a/.env.example b/.env.example index 03eef9a..8dfb34a 100644 --- a/.env.example +++ b/.env.example @@ -109,6 +109,7 @@ N8N_BASE_URL=http://n8n:5678 MERCURE_URL=http://mercure/.well-known/mercure SEARXNG_URL=http://searxng:8080 MONGODB_URL=mongodb://mongodb:27017 +COUCHDB_URL=http://admin:change-me@couchdb:5984 # ------------------------------------------------------------------- # Credentials @@ -140,6 +141,16 @@ SERVER_NAME=:80 JUPYTER_TOKEN=change-me +# Redis has no authentication by default; set a password here to enable it +REDIS_PASSWORD= + +# Generic connection variables used by agent services (e.g. security overlay) +POSTGRES_DB=n8n + +MYSQL_USER=ragflow +MYSQL_PASSWORD=change-me +MYSQL_DATABASE=ragflow + # ------------------------------------------------------------------- # App-specific convenience values # ------------------------------------------------------------------- diff --git a/.github/workflows/verify-compose.yml b/.github/workflows/verify-compose.yml index 9a20977..45998a9 100644 --- a/.github/workflows/verify-compose.yml +++ b/.github/workflows/verify-compose.yml @@ -18,6 +18,8 @@ jobs: verify: name: Validate Docker Compose Files runs-on: ubuntu-latest + permissions: + contents: read steps: - name: Checkout uses: actions/checkout@v4 @@ -41,4 +43,4 @@ jobs: run: docker compose -f compose.yaml -f compose.openclaw.yaml -f compose.security.yaml config --quiet - name: Validate agent-access compose - run: docker compose -f compose.yaml -f compose.apps.yaml -f compose.agent-access.yaml config --quiet + run: docker compose -f compose.yaml -f compose.apps.yaml -f compose.openclaw.yaml -f compose.agent-access.yaml config --quiet diff --git a/compose.apps.yaml b/compose.apps.yaml index e924b08..1612fcf 100644 --- a/compose.apps.yaml +++ b/compose.apps.yaml @@ -129,4 +129,13 @@ services: container_name: unstructured-api restart: always ports: - - "${UNSTRUCTURED_API_PORT}:8000" \ No newline at end of file + - "${UNSTRUCTURED_API_PORT}:8000" + + openhands: + image: ${OPENHANDS_IMAGE} + container_name: openhands + restart: always + environment: + OPENHANDS_ENABLE_DOCKER_SOCKET: ${OPENHANDS_ENABLE_DOCKER_SOCKET} + ports: + - "${OPENHANDS_PORT}:3000" \ No newline at end of file diff --git a/compose.yaml b/compose.yaml index cabfe41..8adc5e8 100644 --- a/compose.yaml +++ b/compose.yaml @@ -59,6 +59,27 @@ services: - ./env/base.env command: start --user ${SURREALDB_USER} --pass ${SURREALDB_PASS} rocksdb:/mydata/mydatabase.db + qdrant: + image: ${QDRANT_IMAGE} + container_name: qdrant + restart: always + volumes: + - qdrant-data:/qdrant/storage + + mongodb: + image: ${MONGODB_IMAGE} + container_name: mongodb + restart: always + volumes: + - mongodb-data:/data/db + + infinity: + image: ${INFINITY_IMAGE} + container_name: infinity + restart: always + volumes: + - infinity-data:/var/infinity + mercure: image: ${MERCURE_IMAGE} container_name: mercure @@ -66,4 +87,8 @@ services: env_file: - ./env/base.env ports: - - "${MERCURE_PORT}:80" \ No newline at end of file + - "${MERCURE_PORT}:80" +volumes: + qdrant-data: + mongodb-data: + infinity-data: