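# Compose stack: PostgreSQL (pgvector) + the Next.js app.
#
# Secrets are read from the environment / .env file. DB_PASSWORD, AUTH_SECRET
# and CRON_SECRET have no fallback: `docker compose up` aborts with the message
# after `:?` when one of them is unset or empty, so the stack cannot start with
# a publicly known credential.
services:
  # ─── PostgreSQL with pgvector ───────────────────────────
  db:
    # NOTE(review): `pg17` is a moving tag; pin a digest for reproducible deploys.
    image: pgvector/pgvector:pg17
    restart: unless-stopped
    environment:
      POSTGRES_USER: postgres
      # Previously fell back to "postgres" while the port below is published on
      # the host. The postgres entrypoint only applies this value when the data
      # directory is first initialised; an existing pgdata volume keeps its old
      # password until it is rotated inside the database.
      POSTGRES_PASSWORD: "${DB_PASSWORD:?DB_PASSWORD must be set}"
      POSTGRES_DB: hp_prod_tracker
    ports:
      # Published on every host interface. The app reaches the database over the
      # compose network (db:5432) and does not need this mapping; if only local
      # admin tools use it, bind it to loopback ("127.0.0.1:5491:5432").
      - "5491:5432"
    volumes:
      - pgdata:/var/lib/postgresql/data
      - ./docker/db-init.sql:/docker-entrypoint-initdb.d/01-pgvector.sql:ro
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U postgres"]
      interval: 5s
      timeout: 5s
      retries: 5

  # ─── Next.js app ───────────────────────────────────────
  app:
    build:
      context: .
      dockerfile: Dockerfile
    restart: unless-stopped
    ports:
      - "3001:3000"
    environment:
      # The password is interpolated into the URL as-is; characters such as
      # `@`, `/`, `:` or `?` must be percent-encoded in DB_PASSWORD or avoided.
      DATABASE_URL: "postgresql://postgres:${DB_PASSWORD:?DB_PASSWORD must be set}@db:5432/hp_prod_tracker?schema=public"
      # Ollama — points to internal GPU server for embeddings + chat fallback.
      # Plain HTTP to a hard-coded internal address; override per environment.
      OLLAMA_HOST: "${OLLAMA_HOST:-http://10.24.42.219:11434}"
      OLLAMA_CHAT_HOST: "${OLLAMA_CHAT_HOST:-http://10.24.42.219:11434}"
      OLLAMA_CHAT_MODEL: "${OLLAMA_CHAT_MODEL:-gemma4:latest}"
      OLLAMA_EMBED_MODEL: "${OLLAMA_EMBED_MODEL:-nomic-embed-text}"
      NODE_ENV: production
      # Was `${AUTH_SECRET}`, which silently becomes an empty string when unset.
      AUTH_SECRET: "${AUTH_SECRET:?AUTH_SECRET must be set}"
      # NOTE(review): presumably makes the auth layer trust the incoming Host
      # header; confirm a reverse proxy in front of the app sets it.
      AUTH_TRUST_HOST: "true"
      # Azure SPA registration — PKCE in browser, no client secret
      AZURE_CLIENT_ID: "${AZURE_CLIENT_ID}"
      AZURE_TENANT_ID: "${AZURE_TENANT_ID}"
      AZURE_REDIRECT_URI: "${AZURE_REDIRECT_URI:-}"
      # Previously defaulted to the literal "change-me".
      CRON_SECRET: "${CRON_SECRET:?CRON_SECRET must be set}"
      # NOTE(review): empty by default; verify the app rejects requests when
      # API_KEY is empty instead of skipping the check.
      API_KEY: "${API_KEY:-}"
      ANTHROPIC_API_KEY: "${ANTHROPIC_API_KEY:-}"
      ANTHROPIC_MODEL: "${ANTHROPIC_MODEL:-}"
      # NOTE(review): judging by the names, these switch authentication off for
      # development. This service runs with NODE_ENV=production, so keep
      # DEV_BYPASS_AUTH at "false" and DEV_USER_ID empty here.
      DEV_BYPASS_AUTH: "${DEV_BYPASS_AUTH:-false}"
      DEV_USER_ID: "${DEV_USER_ID:-}"
    volumes:
      - uploads_data:/data/uploads
    depends_on:
      db:
        # Wait for pg_isready to succeed before starting the app.
        condition: service_healthy
    healthcheck:
      test: ["CMD-SHELL", "wget -q --spider http://localhost:3000/api/health || exit 1"]
      interval: 15s
      timeout: 5s
      retries: 3
      start_period: 30s

volumes:
  pgdata: {}
  uploads_data: {}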