nucleo000/nucleoDocs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
514a7ef6a78136d05a81d67c5c18a7dacb7b168a
nucleoDocs/docker-compose.yml
josedario87 a84c7b9114
Some checks failed
build-and-deploy / build (push) Successful in 8s
Details
build-and-deploy / deploy (push) Failing after 2s
Details
Implementar MCP Docker Server personalizado 
- Creado servidor MCP en TypeScript con @modelcontextprotocol/sdk
- Implementadas 13 herramientas Docker seguras usando dockerode:
  * docker_ps: Listar contenedores
  * docker_logs: Ver logs de contenedores
  * docker_inspect: Inspeccionar contenedor
  * docker_stats: Estadísticas de recursos
  * docker_top: Procesos del contenedor
  * docker_start/stop/restart: Gestión de contenedores
  * docker_exec: Ejecutar comandos
  * docker_images/networks/volumes: Listar recursos
  * docker_info: Información del sistema
- Configurado servidor HTTP con Express en puerto 3000
- Agregado endpoint /mcp para protocolo MCP
- Agregado health check en /health
- Actualizado docker-compose.yml para usar imagen personalizada
- Configurado GitHub Actions para build y deploy automático
- Socket Docker montado en modo solo lectura para seguridad
2025-10-13 19:12:34 -06:00

86 lines
3.7 KiB
YAML
Raw Blame History

version: '3.8'
services:
app:
image: ${REG}/${REPO_OWNER}/${APP_NAME}:latest
container_name: ${APP_NAME}
restart: unless-stopped
environment:
# Node Environment
- NODE_ENV=production
- NUXT_HOST=0.0.0.0
- NUXT_PORT=3000
# Public URL
- NUXT_PUBLIC_APP_URL=${NUXT_PUBLIC_APP_URL}
networks:
- principal
- traefik-network
labels:
# Traefik labels
- "traefik.enable=true"
- "traefik.docker.network=traefik-network"
# Service (shared by both routers)
- "traefik.http.services.${APP_NAME}.loadbalancer.server.port=3000"
# Router 1: Public PWA resources (no auth) - Higher priority
- "traefik.http.routers.${APP_NAME}-public.rule=Host(`${APP_DOMAIN}`) && (PathPrefix(`/manifest.webmanifest`) || PathPrefix(`/sw.js`) || PathPrefix(`/workbox-`) || PathPrefix(`/icon-`) || PathPrefix(`/apple-touch-icon`) || PathPrefix(`/favicon.ico`) || PathPrefix(`/robots.txt`) || PathPrefix(`/offline.html`) || PathPrefix(`/api/_nuxt_icon/`))"
- "traefik.http.routers.${APP_NAME}-public.entrypoints=websecure"
- "traefik.http.routers.${APP_NAME}-public.tls.certresolver=letsencrypt"
- "traefik.http.routers.${APP_NAME}-public.priority=100"
- "traefik.http.routers.${APP_NAME}-public.service=${APP_NAME}"
- "traefik.http.routers.${APP_NAME}-public.middlewares=${APP_NAME}-headers,${APP_NAME}-cors"
# Router 2: Protected application (with auth) - Normal priority
- "traefik.http.routers.${APP_NAME}.rule=Host(`${APP_DOMAIN}`)"
- "traefik.http.routers.${APP_NAME}.entrypoints=websecure"
- "traefik.http.routers.${APP_NAME}.tls.certresolver=letsencrypt"
- "traefik.http.routers.${APP_NAME}.priority=10"
- "traefik.http.routers.${APP_NAME}.service=${APP_NAME}"
- "traefik.http.routers.${APP_NAME}.middlewares=authentik-forward-auth@file,${APP_NAME}-headers"
# Custom headers middleware
- "traefik.http.middlewares.${APP_NAME}-headers.headers.customrequestheaders.X-Forwarded-Proto=https"
# CORS middleware for public resources
- "traefik.http.middlewares.${APP_NAME}-cors.headers.accesscontrolallowmethods=GET,OPTIONS"
- "traefik.http.middlewares.${APP_NAME}-cors.headers.accesscontrolalloworiginlist=https://${APP_DOMAIN}"
- "traefik.http.middlewares.${APP_NAME}-cors.headers.accesscontrolmaxage=100"
- "traefik.http.middlewares.${APP_NAME}-cors.headers.addvaryheader=true"
mcp-docker:
image: ${REG}/${REPO_OWNER}/mcp-docker-server:latest
container_name: ${APP_NAME}-mcp-docker
restart: unless-stopped
environment:
- PORT=3000
volumes:
# Montar el socket de Docker para acceso al daemon
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
- principal
- traefik-network
labels:
# Traefik labels - Exposición sin autenticación
- "traefik.enable=true"
- "traefik.docker.network=traefik-network"
# Service
- "traefik.http.services.${APP_NAME}-mcp.loadbalancer.server.port=3000"
# Router sin autenticación con PathPrefix para /mcp
- "traefik.http.routers.${APP_NAME}-mcp.rule=Host(`${MCP_DOMAIN}`) && PathPrefix(`/mcp`)"
- "traefik.http.routers.${APP_NAME}-mcp.entrypoints=websecure"
- "traefik.http.routers.${APP_NAME}-mcp.tls.certresolver=letsencrypt"
- "traefik.http.routers.${APP_NAME}-mcp.service=${APP_NAME}-mcp"
# Headers personalizados para MCP
- "traefik.http.middlewares.${APP_NAME}-mcp-headers.headers.customrequestheaders.X-Forwarded-Proto=https"
- "traefik.http.routers.${APP_NAME}-mcp.middlewares=${APP_NAME}-mcp-headers"
networks:
principal:
external: true
traefik-network:
external: true
Reference in New Issue View Git Blame Copy Permalink