e54242178f
Lean python:3.12-slim platform image (cockpit + CLI + workers, 214 MB — no GPU, no model). docker-compose.yml runs cockpit + mock-cert on a persistent psyc-data volume. DATA_DIR is now overridable via PSYC_DATA_DIR so the container's data path is explicit. docs/deploy.md covers Proxmox hosting, first-run ingestion, and the honest caveats — no built-in auth (deploy behind the perimeter), the GPU model server is separate, egress-proxy config. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
38 lines
1.0 KiB
YAML
38 lines
1.0 KiB
YAML
# psyc — company-network deployment (cockpit + mock destination receiver).
|
|
#
|
|
# docker compose up -d --build
|
|
#
|
|
# WARNING: psyc has no built-in authentication. The cockpit exposes cases, the
|
|
# ledger, and sealed-package metadata to anyone who can reach port 8767. Deploy
|
|
# behind the company reverse proxy / SSO / VPN, or firewall the ports to the
|
|
# SOC subnet. See docs/deploy.md.
|
|
|
|
services:
|
|
cockpit:
|
|
build: .
|
|
image: psyc:latest
|
|
command: ["psyc", "serve", "--host", "0.0.0.0", "--port", "8767"]
|
|
ports:
|
|
- "8767:8767"
|
|
volumes:
|
|
- psyc-data:/data
|
|
restart: unless-stopped
|
|
# Behind a company egress proxy, uncomment and set:
|
|
# environment:
|
|
# HTTPS_PROXY: http://proxy.corp:3128
|
|
# HTTP_PROXY: http://proxy.corp:3128
|
|
|
|
mock-cert:
|
|
image: psyc:latest
|
|
command: ["psyc", "mock-cert", "--host", "0.0.0.0", "--port", "8770"]
|
|
ports:
|
|
- "8770:8770"
|
|
volumes:
|
|
- psyc-data:/data
|
|
depends_on:
|
|
- cockpit
|
|
restart: unless-stopped
|
|
|
|
volumes:
|
|
psyc-data:
|