tiny-forge/docker-compose.yml

services:
  docker-watcher:
    build: .
    image: docker-watcher:latest
    container_name: docker-watcher
    restart: unless-stopped
    ports:
      - "8080:8080"
    volumes:
      # Mount Docker socket for container management.
      - /var/run/docker.sock:/var/run/docker.sock
      # Persistent data (SQLite database).
      - docker-watcher-data:/app/data
      # Optional seed config (read on first launch only).
      - ./docker-watcher.yaml:/app/docker-watcher.yaml:ro
    environment:
      # Required: protects all credentials stored in the database.
      - ENCRYPTION_KEY=${ENCRYPTION_KEY:?Set ENCRYPTION_KEY in .env}
      # Required on first launch: password for the default admin user.
      - ADMIN_PASSWORD=${ADMIN_PASSWORD:?Set ADMIN_PASSWORD in .env}
      # Optional: override seed file location.
      - SEED_FILE=/app/docker-watcher.yaml
      # Optional: override data directory.
      - DATA_DIR=/app/data
      # Optional: override listen address.
      - LISTEN_ADDR=:8080
      # Optional: override NPM URL (otherwise uses value from settings).
      # - NPM_URL=http://npm:81
      # Optional: override polling interval.
      # - POLLING_INTERVAL=5m
    networks:
      - staging-net
    healthcheck:
      test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8080/api/auth/login"]
      interval: 30s
      timeout: 5s
      retries: 3
      start_period: 10s

volumes:
  docker-watcher-data:
    driver: local

# NOTE: The staging-net network must exist before starting.
# Create it with: docker network create staging-net
networks:
  staging-net:
    external: true