| services: | |
| windsurf-api: | |
| # Pull the prebuilt image by default (released via .github/workflows/release.yml). | |
| # `build:` is kept for local dev: `docker compose up --build` rebuilds from source, | |
| # and Compose will fall back to building when the image isn't available locally | |
| # AND can't be pulled (e.g. before the first stable tag exists, or on a fork). | |
| image: ghcr.io/dwgx/windsurf-api:latest | |
| build: | |
| context: . | |
| dockerfile: Dockerfile | |
| # Remove container_name to allow Compose to scale replicas | |
| restart: unless-stopped | |
| init: true | |
| env_file: | |
| - .env | |
| environment: | |
| PORT: 3003 | |
| DATA_DIR: /data | |
| LS_BINARY_PATH: /opt/windsurf/language_server_linux_x64 | |
| # REPLICA_ISOLATE=1 puts telemetry under per-container subdirs. | |
| # Default off β accounts.json now always lives at the shared | |
| # /data/accounts.json regardless of this flag (see src/config.js | |
| # sharedDataDir). Set to 1 only if you scale replicas>1 and accept | |
| # that runtime-config / model-access / cache / cascade pool stay | |
| # replica-local until externalized. See issue #67 / #69. | |
| REPLICA_ISOLATE: 0 | |
| # Do not expose ports directly when load balancing | |
| expose: | |
| - "3003" | |
| volumes: | |
| - ./.docker-data/data:/data | |
| - ./.docker-data/opt/windsurf:/opt/windsurf | |
| - ./.docker-data/tmp/windsurf-workspace:/tmp/windsurf-workspace | |
| # Optional: mount the docker socket to enable in-dashboard one-click | |
| # updates for docker deployments. With this mount the dashboard's | |
| # "Check for update" button can pull the latest image AND trigger | |
| # `docker compose up -d` to recreate the container β no manual | |
| # SSH/exec needed. SECURITY: a process with access to docker.sock | |
| # is effectively root on the host (it can spawn privileged | |
| # containers, mount any path, etc.). Only enable on machines where | |
| # the dashboard is locked down (DASHBOARD_PASSWORD set, not exposed | |
| # publicly without a strong API_KEY). Leave commented for the | |
| # default secure-by-default deployment. | |
| # - /var/run/docker.sock:/var/run/docker.sock | |
| # Default to a single replica. Each replica keeps its own in-memory | |
| # response cache, cascade reuse pool, runtime-config, and model-access | |
| # list β those are NOT yet shared. Multi-replica is opt-in: | |
| # `docker compose up -d --scale windsurf-api=3` after you've set up | |
| # external coordination for those state files. See issue #69. | |
| deploy: | |
| replicas: 1 | |
| nginx: | |
| image: nginx:alpine | |
| container_name: windsurf-lb | |
| restart: unless-stopped | |
| ports: | |
| - "${PORT:-3003}:80" | |
| volumes: | |
| - ./nginx.conf:/etc/nginx/nginx.conf:ro | |
| depends_on: | |
| - windsurf-api | |