Skip to content

fix: harden docker-compose credentials and add api memory limit#46

Merged
atkaridarshan04 merged 1 commit into
mainfrom
feat/dockerize
May 20, 2026
Merged

fix: harden docker-compose credentials and add api memory limit#46
atkaridarshan04 merged 1 commit into
mainfrom
feat/dockerize

Conversation

@atkaridarshan04
Copy link
Copy Markdown
Collaborator

@atkaridarshan04 atkaridarshan04 commented May 20, 2026

Summary

Hardens docker-compose.yml against two security gaps: hardcoded Postgres/Redis credentials and an unbounded api container memory limit. Updates .env.example and docs to match.

Changes

  • docker-compose.yml — Postgres credentials replaced with ${POSTGRES_USER:-inference}, ${POSTGRES_PASSWORD:?...} (required, fails fast if unset), ${POSTGRES_DB:-inference_engine}
  • docker-compose.yml — Redis starts with --requirepass "${REDIS_PASSWORD:-}" (empty = no auth); healthcheck updated accordingly
  • docker-compose.ymlapi service gains deploy.resources.limits.memory: ${API_MEMORY_LIMIT:-4g}; worker and api DATABASE_URL/REDIS_URL now use variable substitution instead of hardcoded literals
  • .env.example — documents POSTGRES_USER, POSTGRES_PASSWORD, POSTGRES_DB, REDIS_PASSWORD, API_MEMORY_LIMIT with "CHANGE IN PRODUCTION" warnings
  • docs/integrations/docker-compose.md — updated environment variables section; added dedicated sections for Postgres credentials, Redis password, and API memory limit; added two troubleshooting rows

Type

  • Bug fix
  • New feature
  • Refactor
  • Docs
  • Chore / dependency update

Testing

  • pytest passes
  • Coverage ≥ 70%
  • Tested manually — full stack started via docker compose up, all 4 phases of bash scripts/curl_test.sh passed

Related Issues

Closes #40

@atkaridarshan04 atkaridarshan04 added this to the v1 milestone May 20, 2026
@atkaridarshan04 atkaridarshan04 requested a review from AK11105 May 20, 2026 07:52
@atkaridarshan04 atkaridarshan04 self-assigned this May 20, 2026
@atkaridarshan04 atkaridarshan04 added bug Something isn't working documentation Improvements or additions to documentation and removed documentation Improvements or additions to documentation labels May 20, 2026
AK11105
AK11105 reviewed May 20, 2026
View reviewed changes
Comment thread .env.example
Copy link
Copy Markdown
Owner

@AK11105 AK11105 May 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

better placeholder values can exist imo

@atkaridarshan04 atkaridarshan04 merged commit 0761b81 into main May 20, 2026
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@AK11105 AK11105 AK11105 approved these changes

Assignees

@atkaridarshan04 atkaridarshan04

Labels

bug Something isn't working

Projects

None yet

Milestone

v1

Development

Successfully merging this pull request may close these issues.

infra: add memory limit to api service and parameterize DB/Redis credentials in docker-compose

2 participants

@atkaridarshan04 @AK11105