ThreatHunt/docker-compose.yml

services:
  backend:
    build:
      context: .
      dockerfile: Dockerfile.backend
    container_name: threathunt-backend
    ports:
      - "8000:8000"
    environment:
      # â”€â”€ LLM Cluster (Wile / Roadrunner via Tailscale) â”€â”€
      TH_WILE_HOST: "100.110.190.12"
      TH_ROADRUNNER_HOST: "100.110.190.11"
      TH_OLLAMA_PORT: "11434"
      TH_OPEN_WEBUI_URL: "https://ai.guapo613.beer"

      # â”€â”€ Database â”€â”€
      TH_DATABASE_URL: "sqlite+aiosqlite:///./threathunt.db"

      # â”€â”€ Auth â”€â”€
      TH_JWT_SECRET: "change-me-in-production"

      # â”€â”€ Enrichment API keys (set your own) â”€â”€
      # TH_VIRUSTOTAL_API_KEY: ""
      # TH_ABUSEIPDB_API_KEY: ""
      # TH_SHODAN_API_KEY: ""

      # â”€â”€ Agent behaviour â”€â”€
      TH_AGENT_MAX_TOKENS: "4096"
      TH_AGENT_TEMPERATURE: "0.3"
    volumes:
      - ./backend:/app
      - backend-data:/app/data
    networks:
      - threathunt
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8000/api/agent/health"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 10s

  frontend:
    build:
      context: .
      dockerfile: Dockerfile.frontend
    container_name: threathunt-frontend
    ports:
      - "3000:3000"
    depends_on:
      - backend
    networks:
      - threathunt
    healthcheck:
      test: ["CMD", "curl", "-f", "http://127.0.0.1:3000/"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 10s

networks:
  threathunt:
    driver: bridge

volumes:
  backend-data:
    driver: local