Spaces:
Running
Running
| version: "0.5" | |
| log_level: info | |
| # Logs to stdout when log_location not set (required for Docker visibility) | |
| environment: | |
| - HOME=/home/user | |
| - PATH=/home/user/.local/bin:/usr/local/bin:/usr/bin:/bin | |
| processes: | |
| tailscale: | |
| command: >- | |
| sh -c ' | |
| if [ -n "$TS_AUTHKEY" ]; then | |
| echo "[vpn] Starting mesh network (userspace)..." | |
| tailscaled --tun=userspace-networking --state=/tmp/tailscaled --socket=/tmp/tailscaled.sock --socks5-server=localhost:1055 & | |
| sleep 3 | |
| tailscale --socket=/tmp/tailscaled.sock up --authkey="$TS_AUTHKEY" --hostname=neural-runner | |
| echo "[vpn] Up: $(tailscale --socket=/tmp/tailscaled.sock ip -4 2>/dev/null)" | |
| tail -f /dev/null | |
| else | |
| echo "[vpn] No TS_AUTHKEY β skipping" | |
| tail -f /dev/null | |
| fi' | |
| availability: | |
| restart: on_failure | |
| backoff_seconds: 10 | |
| max_restarts: 3 | |
| nextjs: | |
| command: sh -c 'node /home/user/app/frontend/server.js 2>&1 | sed -u "s/^/[nextjs] [${GIT_COMMIT:-unknown}] /"' | |
| working_dir: /home/user/app/frontend | |
| availability: | |
| restart: always | |
| backoff_seconds: 2 | |
| max_restarts: 0 # unlimited | |
| environment: | |
| - PORT=7860 | |
| - HOSTNAME=0.0.0.0 | |
| - MCP_GARMIN_URL=http://localhost:8080/mcp | |
| - MCP_COROS_URL=http://localhost:8081/mcp | |
| - MCP_AGENT_URL=http://localhost:8082/mcp | |
| - NODE_ENV=production | |
| readiness_probe: | |
| http_get: | |
| host: localhost | |
| port: 7860 | |
| path: /api/healthz | |
| initial_delay_seconds: 2 | |
| period_seconds: 30 | |
| timeout_seconds: 5 | |
| success_threshold: 1 | |
| failure_threshold: 3 | |
| garmin-mcp: | |
| command: sh -c 'python3 -m garmin_mcp --http --port 8080 2>&1 | sed -u "s/^/[garmin-mcp] [${GIT_COMMIT:-unknown}] /"' | |
| working_dir: /home/user/app | |
| environment: | |
| - TS_SOCKS_PROXY=socks5h://localhost:1055 | |
| depends_on: | |
| tailscale: | |
| condition: process_started | |
| availability: | |
| restart: on_failure | |
| backoff_seconds: 5 | |
| max_restarts: 3 | |
| coros-mcp: | |
| command: sh -c 'python3 -m coros_mcp --http --port 8081 2>&1 | sed -u "s/^/[coros-mcp] [${GIT_COMMIT:-unknown}] /"' | |
| working_dir: /home/user/app | |
| availability: | |
| restart: on_failure | |
| backoff_seconds: 5 | |
| max_restarts: 3 | |
| # No environment variables needed - fully stateless (memory-only) | |
| agent-tools: | |
| # bwrap sandbox: agent-tools can only write to /tmp/neural-runner/sessions/ (per-session dirs). | |
| # Tokens, app source, and secrets are invisible. Python/libs/fonts are read-only. | |
| command: >- | |
| sh -c 'mkdir -p /tmp/neural-runner/sessions && bwrap | |
| --ro-bind /usr /usr | |
| --ro-bind /lib /lib | |
| --ro-bind /bin /bin | |
| --ro-bind /sbin /sbin | |
| --symlink /usr/lib64 /lib64 | |
| --ro-bind /usr/local /usr/local | |
| --ro-bind /etc/resolv.conf /etc/resolv.conf | |
| --ro-bind /etc/ssl /etc/ssl | |
| --ro-bind /etc/nsswitch.conf /etc/nsswitch.conf | |
| --proc /proc | |
| --dev /dev | |
| --tmpfs /tmp | |
| --bind /tmp/neural-runner/sessions /tmp/neural-runner/sessions | |
| -- | |
| python3 -m agent_tools --http --port 8082 2>&1 | sed -u "s/^/[agent-tools] [${GIT_COMMIT:-unknown}] /"' | |
| working_dir: /home/user/app | |
| availability: | |
| restart: on_failure | |
| backoff_seconds: 5 | |
| max_restarts: 3 | |
| hf-storage-sync: | |
| command: sh -c 'python3 /home/user/app/hf-storage-sync.py 2>&1 | sed -u "s/^/[hf-storage-sync] /"' | |
| working_dir: /home/user/app | |
| environment: | |
| - SYNC_ROOT=/tmp/neural-runner | |
| - SYNC_DIRS=tokens,subagents | |
| availability: | |
| restart: on_failure | |
| backoff_seconds: 10 | |
| max_restarts: 3 | |