DiarASR/docker-compose.yaml at public-main · SunPCSolutions/DiarASR · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
services:
  diarasr:
    build: .
    ports:
      - "8003:8003"
    env_file:
      - .env
    volumes:
      - cache:/home/app/.cache/huggingface:rw  # Writable cache directory (named volume)
      - tmp:/app/tmp:rw  # Writable temp directory (named volume)
    networks:
      - docknet
    deploy:
      resources:
        limits:
          memory: 12G
          cpus: '4.0'
        reservations:
          devices:
            - driver: nvidia
              count: all
              capabilities: [gpu]
    healthcheck:
      test: ["CMD", "python3", "-c", "import requests; requests.get('http://localhost:8003/docs')"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 40s
    restart: unless-stopped

  # Vulnerability scanner service
  trivy:
    image: aquasecurity/trivy:latest
    command: ["image", "--exit-code", "1", "--no-progress", "diarasr:latest"]
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
    depends_on:
      - diarasr
    profiles:
      - security-scan  # Only run when explicitly requested

volumes:
  cache:  # Named volume for Hugging Face model cache
  tmp:    # Named volume for temporary files

networks:
  docknet:
    external: true  # External network for inter-container communication