gortium/compose
1
1
Fork 0
Code Issues Pull Requests 18 Actions Packages Projects Releases Wiki Activity

refactor: fusionne Honcho + OpenConcho dans un seul container nginx/FastAPI
Some checks failed
Build Hermes agent / build (pull_request) Has been cancelled
Details
Build ollama (gfx906) / build (pull_request) Has been cancelled
Details

Browse Source 
- Honcho (FastAPI) et OpenConcho (React SPA) dans un seul Dockerfile multi-stage
- nginx proxy /v3/ /v2/ /health /openapi.json vers Honcho sur localhost:8000
- Supprime le service openconcho séparé et le dossier orphelin
- Routeur Traefik unique à honcho.lazyworkhorse.net (port 80 — nginx)
- Plus besoin d'exposer Honcho séparément (API accessible via nginx proxy)
This commit is contained in:
Hermes
2026-05-23 00:00:17 -04:00
parent fcebd4f1cd
commit 285351e82c
4 changed files with 103 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
ai/compose.yml
View File

@@ -161,13 +161,11 @@ services:
- "303" - "303"
- "26" - "26"
# --- Honcho: AI-native user modeling --- # --- Honcho + OpenConcho combiné: API + Web UI nginx/FastAPI ---
honcho: honcho-ui:
build: ./honcho build: ./honcho
container_name: honcho container_name: honcho-ui
restart: unless-stopped restart: unless-stopped
ports:
- "127.0.0.1:8001:8000"
environment: environment:
- DB_CONNECTION_URI=postgresql+psycopg://honcho:honcho_pass@honcho-db:5432/honcho - DB_CONNECTION_URI=postgresql+psycopg://honcho:honcho_pass@honcho-db:5432/honcho
- CACHE_URL=redis://honcho-redis:6379/0 - CACHE_URL=redis://honcho-redis:6379/0
@@ -181,47 +179,27 @@ services:
- ai_net - ai_net
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.http.routers.honcho-http.rule=Host(`api.honcho.lazyworkhorse.net`)"
# Router for HTTP + redirect to HTTPS
- "traefik.http.routers.honcho-http.rule=Host(`honcho.lazyworkhorse.net`)"
- "traefik.http.routers.honcho-http.entrypoints=web" - "traefik.http.routers.honcho-http.entrypoints=web"
- "traefik.http.routers.honcho-http.middlewares=redirect-to-https" - "traefik.http.routers.honcho-http.middlewares=redirect-to-https"
- "traefik.http.routers.honcho-https.rule=Host(`api.honcho.lazyworkhorse.net`)"
# Router for HTTPS with TLS — protected by Authelia
- "traefik.http.routers.honcho-https.rule=Host(`honcho.lazyworkhorse.net`)"
- "traefik.http.routers.honcho-https.entrypoints=websecure" - "traefik.http.routers.honcho-https.entrypoints=websecure"
- "traefik.http.routers.honcho-https.tls=true" - "traefik.http.routers.honcho-https.tls=true"
- "traefik.http.routers.honcho-https.tls.certresolver=njalla" - "traefik.http.routers.honcho-https.tls.certresolver=njalla"
- "traefik.http.routers.honcho-https.middlewares=hermes-auth" - "traefik.http.routers.honcho-https.middlewares=hermes-auth"
- "traefik.http.services.honcho.loadbalancer.server.port=8000"
# Service Loadbalancer (nginx port)
- "traefik.http.services.honcho.loadbalancer.server.port=80"
depends_on: depends_on:
honcho-db: honcho-db:
condition: service_healthy condition: service_healthy
honcho-redis: honcho-redis:
condition: service_healthy condition: service_healthy
# --- OpenConcho: Honcho web UI ---
openconcho:
build: ./openconcho
container_name: openconcho
restart: unless-stopped
networks:
- ai_backend
- ai_net
labels:
- "traefik.enable=true"
# Router for HTTP + redirect to HTTPS
- "traefik.http.routers.openconcho-http.rule=Host(`honcho.lazyworkhorse.net`)"
- "traefik.http.routers.openconcho-http.entrypoints=web"
- "traefik.http.routers.openconcho-http.middlewares=redirect-to-https"
# Router for HTTPS with TLS — protected by Authelia
- "traefik.http.routers.openconcho-https.rule=Host(`honcho.lazyworkhorse.net`)"
- "traefik.http.routers.openconcho-https.entrypoints=websecure"
- "traefik.http.routers.openconcho-https.tls=true"
- "traefik.http.routers.openconcho-https.tls.certresolver=njalla"
- "traefik.http.routers.openconcho-https.middlewares=hermes-auth"
# Service Loadbalancer
- "traefik.http.services.openconcho.loadbalancer.server.port=80"
honcho-db: honcho-db:
image: pgvector/pgvector:pg15 image: pgvector/pgvector:pg15
container_name: honcho-db container_name: honcho-db

50
ai/honcho/Dockerfile
View File

@@ -1,6 +1,5 @@
# build stage — fetches and builds Honcho from source # build stage — fetches and builds Honcho from source
# Using buildkit cache mounts for speed across rebuilds FROM python:3.13-slim-bookworm AS honcho-builder
FROM python:3.13-slim-bookworm AS builder
RUN apt-get update && \ RUN apt-get update && \
apt-get install -y --no-install-recommends git && \ apt-get install -y --no-install-recommends git && \
@@ -8,7 +7,6 @@ RUN apt-get update && \
COPY --from=ghcr.io/astral-sh/uv:0.9.24 /uv /bin/uv COPY --from=ghcr.io/astral-sh/uv:0.9.24 /uv /bin/uv
# Clone Honcho at a pinned commit for reproducibility
ARG HONCHO_REPO=https://github.com/plastic-labs/honcho ARG HONCHO_REPO=https://github.com/plastic-labs/honcho
ARG HONCHO_REF=main ARG HONCHO_REF=main
RUN git clone --depth 1 --branch ${HONCHO_REF} ${HONCHO_REPO} /app RUN git clone --depth 1 --branch ${HONCHO_REF} ${HONCHO_REPO} /app
@@ -21,21 +19,51 @@ ENV UV_PYTHON=/usr/local/bin/python3.13
RUN uv sync --frozen RUN uv sync --frozen
# --- runtime stage --- # build stage — builds OpenConcho SPA
FROM node:22-bookworm AS openconcho-builder
ENV PNPM_HOME=/pnpm
ENV PATH=$PNPM_HOME:$PATH
RUN corepack enable && corepack prepare pnpm@latest --activate
WORKDIR /app
RUN apt-get update && apt-get install -y git && rm -rf /var/lib/apt/lists/*
ARG OPENCONCHO_SHA=e490d911fcb27ee193558fd9a28856cde2057665
RUN git clone --depth 1 https://github.com/offendingcommit/openconcho.git /app && \
git -C /app fetch --depth 1 origin ${OPENCONCHO_SHA} && \
git -C /app checkout ${OPENCONCHO_SHA}
RUN pnpm install --frozen-lockfile
RUN pnpm --filter @openconcho/web build
# runtime stage — nginx + Honcho FastAPI
FROM python:3.13-slim-bookworm FROM python:3.13-slim-bookworm
RUN groupadd --system app && \ RUN apt-get update && apt-get install -y --no-install-recommends nginx && \
useradd --system --gid app --create-home app rm -rf /var/log/nginx/* && \
rm -rf /var/lib/apt/lists/*
COPY --from=builder /app /app
# Honcho
COPY --from=honcho-builder /app /app
WORKDIR /app WORKDIR /app
ENV PATH="/app/.venv/bin:$PATH" ENV PATH="/app/.venv/bin:$PATH"
ENV HOME=/app ENV HOME=/app
COPY config.toml /app/config.toml
COPY --chown=app:app config.toml /app/config.toml # OpenConcho SPA
COPY --from=openconcho-builder /app/packages/web/dist /usr/share/nginx/html
# nginx config (proxies /v3/, /v2/ to Honcho on localhost:8000)
COPY honcho-nginx.conf /etc/nginx/conf.d/default.conf
RUN rm -f /etc/nginx/sites-enabled/default
RUN groupadd --system app && \
useradd --system --gid app --create-home app && \
chown -R app:app /app /usr/share/nginx/html
USER app USER app
EXPOSE 8000
CMD ["fastapi", "run", "--host", "0.0.0.0", "src/main.py"] EXPOSE 80
CMD ["sh", "-c", "nginx && exec fastapi run --host 127.0.0.1 --port 8000 src/main.py"]

52
ai/honcho/honcho-nginx.conf Normal file
View File

@@ -0,0 +1,52 @@
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/html;
index index.html;
# Honcho API proxy
location /v3/ {
proxy_pass http://127.0.0.1:8000;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /v2/ {
proxy_pass http://127.0.0.1:8000;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# Honcho health
location /health {
proxy_pass http://127.0.0.1:8000;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# OpenAPI docs
location /openapi.json {
proxy_pass http://127.0.0.1:8000;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# SPA: fallback to index.html for client-side routing
location / {
try_files $uri $uri/ /index.html;
}
}

23
ai/openconcho/Dockerfile
View File

@@ -1,23 +0,0 @@
# build stage
FROM node:22-bookworm AS builder
ENV PNPM_HOME=/pnpm
ENV PATH=$PNPM_HOME:$PATH
RUN corepack enable && corepack prepare pnpm@latest --activate
WORKDIR /app
RUN apt-get update && apt-get install -y git && rm -rf /var/lib/apt/lists/*
ARG OPENCONCHO_SHA=e490d911fcb27ee193558fd9a28856cde2057665
RUN git clone --depth 1 https://github.com/offendingcommit/openconcho.git /app && \
git -C /app fetch --depth 1 origin ${OPENCONCHO_SHA} && \
git -C /app checkout ${OPENCONCHO_SHA}
RUN pnpm install --frozen-lockfile
RUN pnpm --filter @openconcho/web build
# runtime stage
FROM nginx:alpine
COPY --from=builder /app/packages/web/dist /usr/share/nginx/html
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]