Add ThreatHunt agent backend/frontend scaffolding

2026-03-01 05:50:21 -05:00 · 2025-12-29 10:22:57 -05:00
parent dc2dcd02c1
commit d0c9f88268
35 changed files with 21929 additions and 42 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -0,0 +1,76 @@
+version: "3.8"
+
+services:
+  backend:
+    build:
+      context: .
+      dockerfile: Dockerfile.backend
+    container_name: threathunt-backend
+    ports:
+      - "8000:8000"
+    environment:
+      # Agent provider configuration
+      # Set one of these to enable the agent:
+      # THREAT_HUNT_AGENT_PROVIDER=local
+      # THREAT_HUNT_LOCAL_MODEL_PATH=/models/model.gguf
+      #
+      # THREAT_HUNT_AGENT_PROVIDER=networked
+      # THREAT_HUNT_NETWORKED_ENDPOINT=http://inference-service:5000
+      # THREAT_HUNT_NETWORKED_KEY=your-api-key
+      #
+      # THREAT_HUNT_AGENT_PROVIDER=online
+      # THREAT_HUNT_ONLINE_API_KEY=sk-your-openai-key
+      # THREAT_HUNT_ONLINE_MODEL=gpt-3.5-turbo
+      
+      # Auto-detect available provider (tries local -> networked -> online)
+      THREAT_HUNT_AGENT_PROVIDER: auto
+      
+      # Optional agent settings
+      THREAT_HUNT_AGENT_MAX_TOKENS: "1024"
+      THREAT_HUNT_AGENT_REASONING: "true"
+      THREAT_HUNT_AGENT_HISTORY_LENGTH: "10"
+      THREAT_HUNT_AGENT_FILTER_SENSITIVE: "true"
+    volumes:
+      # Optional: Mount local models for local provider
+      # - ./models:/models:ro
+      - ./backend:/app
+    depends_on:
+      - frontend
+    networks:
+      - threathunt
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:8000/api/agent/health"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 10s
+
+  frontend:
+    build:
+      context: .
+      dockerfile: Dockerfile.frontend
+    container_name: threathunt-frontend
+    ports:
+      - "3000:3000"
+    environment:
+      # API endpoint configuration
+      REACT_APP_API_URL: http://localhost:8000
+    networks:
+      - threathunt
+    healthcheck:
+      test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:3000/"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 10s
+
+networks:
+  threathunt:
+    driver: bridge
+
+volumes:
+  # Optional: Persistent storage for models or data
+  # models:
+  #   driver: local
+  # data:
+  #   driver: local