docker-compose.yml

services:
  open-webui:
    image: ghcr.io/open-webui/open-webui:main
    container_name: open-webui
    ports:
      - "4000:8080"
    volumes:
      - open-webui:/app/backend/data
    extra_hosts:
      - host.docker.internal:host-gateway
    restart: always
    depends_on:
      - postgres
      - tools
    networks:
      - internal

  tools:
    container_name: openwebui_tools
    build:
      context: ./tools
      dockerfile: Dockerfile
    env_file: .env
    restart: on-failure

    networks:
    - internal

  postgres:
    image: postgres:latest
    container_name: openwebui_postgres
    restart: always
    environment:
      - POSTGRES_USER=postgres
      - POSTGRES_PASSWORD=mypassword
      - POSTGRES_DB=openwebui_db
    volumes:
      - pgdata:/var/lib/postgresql/data 
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U postgres"]
      interval: 10s
      timeout: 5s
      retries: 5
    networks:
      - internal

  # 8080
  searxng:
    image: searxng/searxng:latest
    container_name: searxng
    volumes:
      - ./searxng.yml:/etc/searxng/settings.yml:ro,Z
      - searxng_data:/etc/searxng:rw
    restart: always

    # DELETEME: for local testing only (extern port closed)
    ports:
      - "4001:8080"
    networks:
      - internal

  coderunner:
    build:
      context: ./coderunner
      dockerfile: Dockerfile
    restart: unless-stopped
    healthcheck:
      test: ["CMD", "curl", "-fsS", "http://127.0.0.1:8787/openapi.json"]
      interval: 30s
      timeout: 3s
      retries: 3
      start_period: 10s

    user: "1000:1000"
    group_add:
      - "977"

    # death
    environment:
      DOCKER_HOST: "unix:///var/run/docker.sock"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:Z
      # - ./tmp:/tmp

    read_only: true
    tmpfs:
      - /run:rw,nosuid,nodev
      - /tmp:rw,exec,nosuid,nodev,size=64m

    security_opt:
      - no-new-privileges:true
      - label=disable
    networks:
      - internal

  browser:
    build:
      context: ./browser
      dockerfile: Dockerfile
    container_name: browser
    networks:
      - internal
    # playwright/chromium has larger /dev/shm :D
    shm_size: "1gb"
    user: "1000:1000"
    environment:
      WEBUI_IP: "0.0.0.0"
      WEBUI_PORT: "7788"
    ports:
      - "7788:7788"
    tmpfs:
      - /opt/web-ui/tmp:rw,exec,nosuid,nodev,mode=1777,size=64m
    volumes:
      - webui_data:/data
      # - webui_env:/opt/web-ui/.env
    healthcheck:
      test: ["CMD", "python", "-c", "import urllib.request; urllib.request.urlopen('http://127.0.0.1:7788').read()"]
      interval: 30s
      timeout: 5s
      retries: 5
    restart: unless-stopped

volumes:
  open-webui:
  pgdata:
  searxng_data:
  webui_data:

networks:
  internal:
    driver: bridge
initial commit (no RAG server) 2025-09-10 16:26:35 -04:00			`services:`
			`open-webui:`
			`image: ghcr.io/open-webui/open-webui:main`
			`container_name: open-webui`
			`ports:`
			`- "4000:8080"`
			`volumes:`
			`- open-webui:/app/backend/data`
			`extra_hosts:`
			`- host.docker.internal:host-gateway`
			`restart: always`
			`depends_on:`
			`- postgres`
added shitty roku integration 2025-09-11 17:28:09 -04:00			`- tools`
initial commit (no RAG server) 2025-09-10 16:26:35 -04:00			`networks:`
			`- internal`

added shitty roku integration 2025-09-11 17:28:09 -04:00			`tools:`
			`container_name: openwebui_tools`
			`build:`
			`context: ./tools`
			`dockerfile: Dockerfile`
			`env_file: .env`
added catch for no roku ip 2025-09-12 10:01:18 -04:00			`restart: on-failure`
added shitty roku integration 2025-09-11 17:28:09 -04:00
			`networks:`
			`- internal`

initial commit (no RAG server) 2025-09-10 16:26:35 -04:00			`postgres:`
			`image: postgres:latest`
			`container_name: openwebui_postgres`
			`restart: always`
			`environment:`
			`- POSTGRES_USER=postgres`
			`- POSTGRES_PASSWORD=mypassword`
			`- POSTGRES_DB=openwebui_db`
			`volumes:`
			`- pgdata:/var/lib/postgresql/data`
			`healthcheck:`
			`test: ["CMD-SHELL", "pg_isready -U postgres"]`
			`interval: 10s`
			`timeout: 5s`
			`retries: 5`
			`networks:`
			`- internal`

			`# 8080`
			`searxng:`
			`image: searxng/searxng:latest`
			`container_name: searxng`
			`volumes:`
			`- ./searxng.yml:/etc/searxng/settings.yml:ro,Z`
			`- searxng_data:/etc/searxng:rw`
			`restart: always`

			`# DELETEME: for local testing only (extern port closed)`
			`ports:`
			`- "4001:8080"`
			`networks:`
			`- internal`

			`coderunner:`
			`build:`
			`context: ./coderunner`
			`dockerfile: Dockerfile`
			`restart: unless-stopped`
			`healthcheck:`
			`test: ["CMD", "curl", "-fsS", "http://127.0.0.1:8787/openapi.json"]`
			`interval: 30s`
			`timeout: 3s`
			`retries: 3`
			`start_period: 10s`

			`user: "1000:1000"`
			`group_add:`
			`- "977"`

			`# death`
			`environment:`
			`DOCKER_HOST: "unix:///var/run/docker.sock"`
			`volumes:`
			`- /var/run/docker.sock:/var/run/docker.sock:Z`
			`# - ./tmp:/tmp`

			`read_only: true`
			`tmpfs:`
			`- /run:rw,nosuid,nodev`
			`- /tmp:rw,exec,nosuid,nodev,size=64m`

			`security_opt:`
			`- no-new-privileges:true`
			`- label=disable`
			`networks:`
			`- internal`

			`browser:`
			`build:`
			`context: ./browser`
			`dockerfile: Dockerfile`
			`container_name: browser`
			`networks:`
			`- internal`
			`# playwright/chromium has larger /dev/shm :D`
			`shm_size: "1gb"`
			`user: "1000:1000"`
			`environment:`
			`WEBUI_IP: "0.0.0.0"`
			`WEBUI_PORT: "7788"`
			`ports:`
			`- "7788:7788"`
			`tmpfs:`
			`- /opt/web-ui/tmp:rw,exec,nosuid,nodev,mode=1777,size=64m`
			`volumes:`
			`- webui_data:/data`
			`# - webui_env:/opt/web-ui/.env`
			`healthcheck:`
			`test: ["CMD", "python", "-c", "import urllib.request; urllib.request.urlopen('http://127.0.0.1:7788').read()"]`
			`interval: 30s`
			`timeout: 5s`
			`retries: 5`
			`restart: unless-stopped`

			`volumes:`
			`open-webui:`
			`pgdata:`
			`searxng_data:`
			`webui_data:`

			`networks:`
			`internal:`
			`driver: bridge`