Oliver/social-reporting-tool
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
social-reporting-tool/docker-compose.yml
DJP dfc2a38861 Security hardening: fix 17 audit findings (C2-C7, H1-H4, H6-H8, M1-M5, M7) 
Critical: restrict CORS, move Apify token to Auth header, add path traversal
validation, prompt injection delimiters, require production credentials.
High: security headers, cookie hardening, rate limiting, XSS fixes, error sanitization.
Medium: SSRF prevention, body size limit, Docker non-root, DB creds from env.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-08 10:59:48 -04:00

41 lines
1.2 KiB
YAML
Raw Blame History

services:
db:
image: postgres:16-alpine
ports:
- "${DB_PORT:-5436}:5432"
environment:
POSTGRES_DB: social_listening
POSTGRES_USER: sl_user
POSTGRES_PASSWORD: ${DB_PASSWORD:-sl_pass}
volumes:
- pgdata:/var/lib/postgresql/data
- ./db/init.sql:/docker-entrypoint-initdb.d/init.sql
healthcheck:
test: ["CMD-SHELL", "pg_isready -U sl_user -d social_listening"]
interval: 3s
timeout: 3s
retries: 10
social-listening:
build: .
ports:
- "127.0.0.1:${DASHBOARD_PORT:-3456}:3456"
env_file:
- .env
depends_on:
db:
condition: service_healthy
volumes:
- ./agents/social-listening/outputs:/app/agents/social-listening/outputs
- ./agents/social-listening/briefs:/app/agents/social-listening/briefs
environment:
- APIFY_LIVE_APPROVED=${APIFY_LIVE_APPROVED:-false}
- TEST_MODE=${TEST_MODE:-false}
- DASHBOARD_PORT=3456
- DATABASE_URL=postgresql://sl_user:${DB_PASSWORD:-sl_pass}@db:5432/social_listening
- DASH_USER=${DASH_USER:-admin}
- DASH_PASS=${DASH_PASS:-changeme}
- ALLOWED_ORIGIN=${ALLOWED_ORIGIN:-}
volumes:
pgdata:
Reference in a new issue View git blame Copy permalink