# fleetanalytics-mcp — read-only Fleet Analytics MCP server. # Coolify auto-detects this Dockerfile: set the app port to 8892, attach the # domain (e.g. fleetmcp.rahamafresh.com) in the Coolify UI, set DATABASE_URL # (analytics_ro DSN) + MCP_AUTH_TOKENS as secrets, and connect the app to the # network that can reach timescale_db. See README.md / docs/ANALYTICS_MCP.md. FROM python:3.12-slim # uv for fast, reproducible dependency installs. COPY --from=ghcr.io/astral-sh/uv:latest /uv /uvx /bin/ WORKDIR /app # Install ONLY dependencies (flat module — the project itself is not a package). # Copy the lockfile and build --frozen so rebuilds are reproducible: without it, # `uv sync` re-resolves the >= ranges in pyproject.toml and a redeploy could pull a # newer, behaviour-changed mcp/starlette and break the running server. COPY pyproject.toml uv.lock ./ RUN uv sync --no-dev --no-install-project --frozen ENV PATH="/app/.venv/bin:$PATH" COPY analytics_mcp.py ./ # Run as a non-root user (least privilege; nothing here needs root). RUN useradd -m -u 10001 app && chown -R app:app /app USER app EXPOSE 8892 HEALTHCHECK --interval=30s --timeout=3s --start-period=10s --retries=3 \ CMD python -c "import urllib.request,sys; sys.exit(0 if urllib.request.urlopen('http://localhost:8892/healthz').status==200 else 1)" || exit 1 CMD ["uvicorn", "analytics_mcp:app", "--host", "0.0.0.0", "--port", "8892", "--workers", "2"]