services: timescale_db: image: timescale/timescaledb-ha:pg16-ts2.15 restart: always environment: - POSTGRES_DB=${POSTGRES_DB} - POSTGRES_USER=${POSTGRES_USER} - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} # HA image's PGDATA is /home/postgres/pgdata/data, not /var/lib/postgresql/data. # Mount the named volume there so data survives container rebuilds. - PGDATA=/home/postgres/pgdata/data ports: - "5433:5432" volumes: - timescale-data:/home/postgres/pgdata healthcheck: test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER} -d ${POSTGRES_DB}"] interval: 10s timeout: 5s retries: 5 ingest_movement: build: context: . dockerfile: Dockerfile command: sh -c "python run_migrations.py && python ingest_movement_rev.py" restart: always depends_on: timescale_db: condition: service_healthy env_file: .env ingest_events: build: context: . dockerfile: Dockerfile command: sh -c "python run_migrations.py && python ingest_events_rev.py" restart: always depends_on: timescale_db: condition: service_healthy env_file: .env webhook_receiver: build: context: . dockerfile: Dockerfile command: sh -c "python run_migrations.py && uvicorn webhook_receiver_rev:app --host 0.0.0.0 --port 8888 --workers 2" restart: always depends_on: timescale_db: condition: service_healthy env_file: .env # No host port binding — Coolify's Traefik proxy routes traffic internally. # Set the webhook domain in Coolify UI pointing to this service on port 8888. healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8888/health"] interval: 30s timeout: 5s retries: 3 dashboard_api: # Stable read-API for the Live Position + Fleet Trips map dashboards. # Replaces the n8n webhooks (n8n was only a thin HTTP->SQL proxy). # Calls reporting.fn_live_positions / fn_vehicle_track / fn_trips_for_map. build: context: . dockerfile: Dockerfile command: sh -c "uvicorn dashboard_api_rev:app --host 0.0.0.0 --port 8890 --workers 2" restart: always depends_on: timescale_db: condition: service_healthy env_file: .env environment: # Browser origins allowed to call this API (the dashboard domains). - DASHBOARD_CORS_ORIGINS=${DASHBOARD_CORS_ORIGINS:-https://liveposition.rahamafresh.com,https://fleetintelligence.rahamafresh.com} # No host port binding — set a domain (e.g. fleetapi.rahamafresh.com) in the # Coolify UI pointing to this service on port 8890. The dashboards then point # their N8N_BASE at that domain; paths (/webhook/...) are unchanged. healthcheck: test: ["CMD", "curl", "-f", "http://localhost:8890/health"] interval: 30s timeout: 5s retries: 3 grafana: build: context: ./grafana dockerfile: Dockerfile restart: always depends_on: timescale_db: condition: service_healthy env_file: .env environment: - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_ADMIN_PASSWORD} - GF_USERS_DEFAULT_THEME=dark - GF_DASHBOARDS_DEFAULT_HOME_DASHBOARD_PATH=/etc/grafana/provisioning/dashboards-json/noc_fleet_dashboard.json volumes: - grafana-data:/var/lib/grafana # Provisioning is baked into the image via grafana/Dockerfile — no bind mount needed. # COOLIFY DOMAIN LOGIC: # You will set the actual URL in the Coolify UI, # but the service needs to expose port 3000 internally. pgbouncer: # Connection pooler in front of timescale_db. # Runbook: docs/reference/260507_pgbouncer_deployment.md # Internal Docker network only — no host port. SCRAM passthrough via # auth_query against the public.user_lookup() function (migration 10). image: edoburu/pgbouncer restart: always depends_on: timescale_db: condition: service_healthy env_file: .env environment: - DB_HOST=timescale_db - DB_PORT=5432 - DB_USER=${POSTGRES_USER} - DB_PASSWORD=${POSTGRES_PASSWORD} - DB_NAME=${POSTGRES_DB} - POOL_MODE=transaction - AUTH_TYPE=scram-sha-256 - AUTH_USER=pgbouncer # $$1 escapes docker-compose interpolation; pgbouncer sees literal $1. - AUTH_QUERY=SELECT uname, phash FROM public.user_lookup($$1) - MAX_CLIENT_CONN=200 - DEFAULT_POOL_SIZE=15 - MIN_POOL_SIZE=2 - RESERVE_POOL_SIZE=5 - SERVER_RESET_QUERY=DISCARD ALL - SERVER_IDLE_TIMEOUT=600 - ADMIN_USERS=${POSTGRES_USER} - LISTEN_PORT=6432 healthcheck: test: ["CMD-SHELL", "pg_isready -h 127.0.0.1 -p 6432 -U ${POSTGRES_USER}"] interval: 30s timeout: 5s retries: 3 db_backup: build: context: ./backup dockerfile: Dockerfile restart: always depends_on: timescale_db: condition: service_healthy env_file: .env environment: # pg_dump → rustfs. Credentials from .env (RUSTFS_*). # BACKUP_TIMES: comma-separated HH:MM list in local TZ (default Africa/Nairobi). - TZ=${TZ:-Africa/Nairobi} - BACKUP_TIMES=${BACKUP_TIMES:-02:30,08:30,14:30,20:30} - BACKUP_KEEP_DAYS=${BACKUP_KEEP_DAYS:-30} - BACKUP_RUN_ON_START=${BACKUP_RUN_ON_START:-0} - RUSTFS_ENDPOINT=${RUSTFS_ENDPOINT} - RUSTFS_ACCESS_KEY=${RUSTFS_ACCESS_KEY} - RUSTFS_SECRET_KEY=${RUSTFS_SECRET_KEY} - RUSTFS_BUCKET=${RUSTFS_BUCKET:-fleet-db} volumes: timescale-data: name: timescale-data grafana-data: name: grafana-data