ros/automaker
1
0
Fork 0
mirror of https://github.com/AutoMaker-Org/automaker.git synced 2026-01-29 22:02:02 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
abc55cf5e9e7cd685aa8018ae128d74313ee1eeb
automaker/docker-compose.yml
Illia Filippov abc55cf5e9 feat: add Docker containerization for isolated execution & docs 
Provide Docker Compose configuration allowing users to run Automaker
in complete isolation from their host filesystem, addressing security
concerns about AI agents having direct system access.
2025-12-20 01:49:06 +01:00

70 lines
2.0 KiB
YAML
Raw Blame History

# Automaker Docker Compose
# Runs Automaker in complete isolation from your host filesystem.
# The container cannot access any files on your laptop - only Docker-managed volumes.
#
# Usage:
# docker-compose up -d
# Then open http://localhost:3007
#
# See docs/docker-isolation.md for full documentation.
services:
# Frontend UI
ui:
build:
context: .
dockerfile: apps/ui/Dockerfile
container_name: automaker-ui
restart: unless-stopped
ports:
- "3007:80"
depends_on:
- server
# Backend API Server
server:
build:
context: .
dockerfile: apps/server/Dockerfile
container_name: automaker-server
restart: unless-stopped
ports:
- "3008:3008"
environment:
# Required
- ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY}
# Optional - authentication (leave empty to disable)
- AUTOMAKER_API_KEY=${AUTOMAKER_API_KEY:-}
# Optional - restrict to specific directories within container only
# These paths are INSIDE the container, not on your host
- ALLOWED_PROJECT_DIRS=${ALLOWED_PROJECT_DIRS:-/projects}
# Optional - data directory for sessions, etc. (container-only)
- DATA_DIR=/data
# Optional - CORS origin (default allows all)
- CORS_ORIGIN=${CORS_ORIGIN:-*}
# Optional - additional API keys
- OPENAI_API_KEY=${OPENAI_API_KEY:-}
- GOOGLE_API_KEY=${GOOGLE_API_KEY:-}
volumes:
# ONLY named volumes - these are isolated from your host filesystem
# This volume persists data between restarts but is container-managed
- automaker-data:/data
# NO host directory mounts - container cannot access your laptop files
# If you need to work on a project, create it INSIDE the container
# or use a separate docker-compose override file
# Security: Run as non-root user (already set in Dockerfile)
# Security: No privileged mode
# Security: No host network access
# Security: No host filesystem mounts
volumes:
automaker-data:
# Named volume - completely isolated from host filesystem
Reference in New Issue View Git Blame Copy Permalink