Add HF Space deployment (Dockerfile, nginx, startup script) and auto-detect WebSocket URL

.dockerignore

@@ -0,0 +1,21 @@
+__pycache__
+*.pyc
+.git
+.gitignore
+node_modules
+.next
+*.md
+!src/frontend/package.json
+!space/README.md
+src/backend/validation/
+src/backend/tracks/
+src/backend/test_*.py
+src/backend/analyze_*.py
+src/backend/check_*.py
+notebooks/
+demo/
+competition/
+models/
+docs/
+*.jsonl
+src/backend/validation/results/

Dockerfile

@@ -0,0 +1,71 @@
+# ── Stage 1: Build the Next.js frontend ──────────────────────────
+FROM node:20-slim AS frontend-build
+
+WORKDIR /app/frontend
+COPY src/frontend/package.json src/frontend/package-lock.json* ./
+RUN npm install --frozen-lockfile 2>/dev/null || npm install
+
+COPY src/frontend/ ./
+
+# Build-time env: WebSocket and API go through the same origin via nginx
+ENV NEXT_PUBLIC_WS_URL=""
+ENV NEXT_PUBLIC_API_URL=""
+
+RUN npm run build
+
+
+# ── Stage 2: Production image ────────────────────────────────────
+FROM python:3.10-slim
+
+# System deps: nginx + node (for Next.js SSR)
+RUN apt-get update && apt-get install -y --no-install-recommends \
+        nginx \
+        curl \
+        && curl -fsSL https://deb.nodesource.com/setup_20.x | bash - \
+        && apt-get install -y --no-install-recommends nodejs \
+        && rm -rf /var/lib/apt/lists/*
+
+# ── Python backend ───────────────────────────────────────────────
+WORKDIR /app/backend
+COPY src/backend/requirements.txt ./
+
+# Install Python deps (skip torch/transformers — we use API mode only)
+RUN pip install --no-cache-dir \
+        fastapi==0.115.0 \
+        "uvicorn[standard]==0.30.6" \
+        websockets==12.0 \
+        pydantic-settings==2.5.2 \
+        python-dotenv==1.0.1 \
+        openai==1.51.0 \
+        httpx==0.27.2 \
+        chromadb==0.5.7 \
+        sentence-transformers==3.1.1 \
+        python-multipart==0.0.10
+
+# Copy backend source
+COPY src/backend/app/ ./app/
+COPY src/backend/data/ ./data/
+
+# ── Frontend built artifacts ─────────────────────────────────────
+WORKDIR /app/frontend
+COPY --from=frontend-build /app/frontend/.next ./.next
+COPY --from=frontend-build /app/frontend/node_modules ./node_modules
+COPY --from=frontend-build /app/frontend/package.json ./
+COPY --from=frontend-build /app/frontend/public ./public 2>/dev/null || true
+COPY src/frontend/next.config.js ./
+
+# ── Nginx config ─────────────────────────────────────────────────
+COPY space/nginx.conf /etc/nginx/nginx.conf
+
+# ── Startup script ───────────────────────────────────────────────
+COPY space/start.sh /app/start.sh
+RUN chmod +x /app/start.sh
+
+# HF Spaces expects port 7860
+EXPOSE 7860
+
+# Health check
+HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
+    CMD curl -f http://localhost:7860/api/health || exit 1
+
+CMD ["/app/start.sh"]

space/README.md

@@ -0,0 +1,35 @@
+---
+title: CDS Agent
+emoji: 🏥
+colorFrom: blue
+colorTo: green
+sdk: docker
+app_port: 7860
+fullWidth: true
+custom_domains:
+  - demo.briansheppard.com
+---
+
+# CDS Agent — Agentic Clinical Decision Support
+
+An agentic pipeline that orchestrates **MedGemma** (HAI-DEF) across six specialized clinical reasoning steps, augmented with drug safety APIs and guideline RAG, to produce comprehensive decision support reports in real time.
+
+## Architecture
+
+```
+Frontend (Next.js 14) ←WebSocket→ Backend (FastAPI)
+                                      │
+                            Orchestrator (6-step pipeline)
+                            ├── Step 1: Parse Patient Data (MedGemma)
+                            ├── Step 2: Clinical Reasoning (MedGemma)
+                            ├── Step 3: Drug Interaction Check (OpenFDA + RxNorm)
+                            ├── Step 4: Guideline Retrieval (ChromaDB RAG)
+                            ├── Step 5: Conflict Detection (MedGemma)
+                            └── Step 6: Synthesis (MedGemma)
+```
+
+## Links
+
+- **Code:** [github.com/bshepp/clinical-decision-support-agent](https://github.com/bshepp/clinical-decision-support-agent)
+- **Model:** [google/medgemma-27b-text-it](https://huggingface.co/google/medgemma-27b-text-it)
+- **Competition:** [MedGemma Impact Challenge](https://www.kaggle.com/competitions/med-gemma-impact-challenge)

space/nginx.conf

@@ -0,0 +1,80 @@
+worker_processes auto;
+pid /tmp/nginx.pid;
+
+events {
+    worker_connections 1024;
+}
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    # Temp paths writable without root
+    client_body_temp_path /tmp/client_body;
+    proxy_temp_path       /tmp/proxy;
+    fastcgi_temp_path     /tmp/fastcgi;
+    uwsgi_temp_path       /tmp/uwsgi;
+    scgi_temp_path        /tmp/scgi;
+
+    sendfile    on;
+    tcp_nopush  on;
+    keepalive_timeout 65;
+
+    # Increase timeouts for long-running pipeline (~5 min max)
+    proxy_connect_timeout 300s;
+    proxy_send_timeout    300s;
+    proxy_read_timeout    300s;
+
+    # Larger buffers for clinical reports
+    proxy_buffer_size     128k;
+    proxy_buffers         4 256k;
+    proxy_busy_buffers_size 256k;
+
+    map $http_upgrade $connection_upgrade {
+        default upgrade;
+        ''      close;
+    }
+
+    server {
+        listen 7860;
+        server_name _;
+
+        # ── WebSocket: /ws/* → FastAPI backend ──────────────────
+        location /ws/ {
+            proxy_pass http://127.0.0.1:8002;
+            proxy_http_version 1.1;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection $connection_upgrade;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_read_timeout 600s;
+            proxy_send_timeout 600s;
+        }
+
+        # ── REST API: /api/* → FastAPI backend ──────────────────
+        location /api/ {
+            proxy_pass http://127.0.0.1:8002;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+        }
+
+        # ── Everything else → Next.js frontend ─────────────────
+        location / {
+            proxy_pass http://127.0.0.1:3000;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+        }
+
+        # ── Next.js static assets ──────────────────────────────
+        location /_next/ {
+            proxy_pass http://127.0.0.1:3000;
+            proxy_set_header Host $host;
+        }
+    }
+}

space/start.sh

@@ -0,0 +1,24 @@
+#!/bin/bash
+set -e
+
+echo "=== CDS Agent — Starting services ==="
+
+# ── 1. Start FastAPI backend ────────────────────────────────────
+echo "[1/3] Starting FastAPI backend on :8002 ..."
+cd /app/backend
+uvicorn app.main:app \
+    --host 0.0.0.0 \
+    --port 8002 \
+    --workers 1 \
+    --timeout-keep-alive 300 \
+    &
+
+# ── 2. Start Next.js frontend ──────────────────────────────────
+echo "[2/3] Starting Next.js frontend on :3000 ..."
+cd /app/frontend
+PORT=3000 node_modules/.bin/next start -p 3000 &
+
+# ── 3. Start nginx reverse proxy ───────────────────────────────
+echo "[3/3] Starting nginx on :7860 ..."
+sleep 3  # Give backend/frontend a moment to bind
+nginx -g 'daemon off;'

src/backend/app/config.py

@@ -14,7 +14,12 @@ class Settings(BaseSettings):
     debug: bool = True
 
     # CORS
-    cors_origins: List[str] = ["http://localhost:3000", "http://localhost:5173"]
+    cors_origins: List[str] = [
+        "http://localhost:3000",
+        "http://localhost:5173",
+        "https://demo.briansheppard.com",
+        "https://bshepp-cds-agent.hf.space",
+    ]
 
     # MedGemma
     medgemma_model_id: str = "google/medgemma"

src/frontend/src/hooks/useAgentWebSocket.ts

@@ -26,7 +26,20 @@ interface UseAgentWebSocketReturn {
   submitCase: (submission: CaseSubmission) => void;
 }
 
-const WS_URL = process.env.NEXT_PUBLIC_WS_URL || "ws://localhost:8002/ws/agent";
+function getWsUrl(): string {
+  // If explicitly set via env, use it
+  const envUrl = process.env.NEXT_PUBLIC_WS_URL;
+  if (envUrl) return envUrl;
+
+  // In browser: derive from current location (works for any deployment)
+  if (typeof window !== "undefined") {
+    const proto = window.location.protocol === "https:" ? "wss:" : "ws:";
+    return `${proto}//${window.location.host}/ws/agent`;
+  }
+
+  // SSR fallback
+  return "ws://localhost:8002/ws/agent";
+}
 
 export function useAgentWebSocket(): UseAgentWebSocketReturn {
   const [steps, setSteps] = useState<Step[]>([]);
@@ -47,7 +60,7 @@ export function useAgentWebSocket(): UseAgentWebSocketReturn {
       wsRef.current.close();
     }
 
-    const ws = new WebSocket(WS_URL);
+    const ws = new WebSocket(getWsUrl());
     wsRef.current = ws;
 
     ws.onopen = () => {