diff --git a/deployment/docker/Dockerfile.ingest-options b/deployment/docker/Dockerfile.ingest-options index a7efdd2..0a231cd 100644 --- a/deployment/docker/Dockerfile.ingest-options +++ b/deployment/docker/Dockerfile.ingest-options @@ -3,13 +3,16 @@ FROM oven/bun:1.3.11 WORKDIR /app ENV NODE_ENV=production +ENV VIRTUAL_ENV=/opt/ingest-options-venv +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" COPY . . RUN apt-get update \ - && apt-get install -y --no-install-recommends python3 python3-pip \ + && apt-get install -y --no-install-recommends python3 python3-pip python3-venv \ && rm -rf /var/lib/apt/lists/* \ - && pip3 install --no-cache-dir -r services/ingest-options/py/requirements.txt \ + && python3 -m venv "${VIRTUAL_ENV}" \ + && "${VIRTUAL_ENV}/bin/pip" install --no-cache-dir -r services/ingest-options/py/requirements.txt \ && bun install --frozen-lockfile ENTRYPOINT ["bun"] diff --git a/deployment/docker/README.md b/deployment/docker/README.md index 33066bc..830f545 100644 --- a/deployment/docker/README.md +++ b/deployment/docker/README.md @@ -6,7 +6,7 @@ It is separate from the repo-root `docker-compose.yml`, which is still the light ## What this stack does -- Assumes Nginx Proxy Manager is the edge proxy and runs on the same Docker network. +- Assumes Nginx Proxy Manager is the edge proxy and runs on the shared Docker network named `bridge`. - Keeps `web` and `api` internal to the Docker network instead of publishing host ports. - Targets a two-subdomain routing model by default: - `app.` -> `web:3000` @@ -27,7 +27,8 @@ It is separate from the repo-root `docker-compose.yml`, which is still the light - A Linux VPS with Docker Engine and Docker Compose v2 installed - Enough RAM for ClickHouse plus the Bun services -- Nginx Proxy Manager running in Docker on the same host/network path you plan to use +- Nginx Proxy Manager running in Docker on the same host +- A shared Docker network named `bridge` Optional: @@ -66,17 +67,15 @@ docker compose logs -f api web compute candles ingest-options ingest-equities 5. Make sure NPM can reach the stack network. -The Compose project name is pinned to `islandflow-vps`, so the default network name will be: +This deployment attaches `web` and `api` to the external Docker network named `bridge`, in addition to the stack-local network. + +If your NPM container is not already attached to `bridge`, connect it once: ```bash -islandflow-vps_default +docker network connect bridge ``` -If your NPM container is separate, connect it once: - -```bash -docker network connect islandflow-vps_default -``` +If your NPM stack uses a different shared user-defined network, update the `bridge` network block in `deployment/docker/docker-compose.yml` to point at that external network name, then redeploy. The important part is that NPM, `web`, and `api` all share the same external Docker network. 6. Create these NPM proxy hosts: @@ -152,6 +151,11 @@ The web app should be built with `NEXT_PUBLIC_API_URL=https://api.` so b The API host needs websocket support enabled because the app uses `/ws/*` endpoints for live streams. +Because `web` and `api` are both attached to `bridge`, NPM can target them directly by container DNS name: + +- `web` +- `api` + ## Updating the deployment When you pull new code: @@ -203,7 +207,7 @@ Only use `-v` if you intentionally want to wipe ClickHouse, Redis, and JetStream ## Known caveats - The root `.env.example` still contains a `REPLAY_ENABLED` comment, but the current replay service does not read that variable. Use the Compose replay profile instead. -- This stack does not publish `web` or `api` to host ports. NPM must be able to resolve `web` and `api` over the shared Docker network. +- This stack does not publish `web` or `api` to host ports. NPM must be able to resolve `web` and `api` over the shared `bridge` network. - The stack assumes a single-node VPS deployment. If you later split infra or add external managed services, update the three core connection URLs in `.env`. ## Smoke checks diff --git a/deployment/docker/docker-compose.yml b/deployment/docker/docker-compose.yml index 7849c15..db08455 100644 --- a/deployment/docker/docker-compose.yml +++ b/deployment/docker/docker-compose.yml @@ -29,6 +29,9 @@ services: init: true expose: - "3000" + networks: + - default + - bridge depends_on: api: condition: service_healthy @@ -50,6 +53,9 @@ services: command: ["services/api/src/index.ts"] expose: - "4000" + networks: + - default + - bridge healthcheck: test: [ @@ -120,6 +126,11 @@ services: volumes: - nats-data:/data +networks: + bridge: + external: true + name: bridge + volumes: clickhouse-data: redis-data: