Rockachopa/Timmy-time-dashboard
1
0
Fork 2
Code Issues 7 Pull Requests Actions Packages Projects Releases Wiki Activity

chore: remove dead taskosaur/postgres/redis services, fix root user (#32)
All checks were successful
Tests / lint (pull_request) Successful in 5s
Details
Tests / test (pull_request) Successful in 53s
Details

Browse Source 
- Remove taskosaur, postgres, redis services (zero Python references)
- Remove postgres-data, redis-data volumes
- Remove taskosaur env vars from dashboard and .env.example
- Change user: "0:0" to user: "" (override per-environment)
- Update header comments to reflect actual services
- celery-worker/openfang remain behind profiles
- Net: -93 lines of dead config
This commit is contained in:
Kimi Agent
2026-03-14 18:52:44 -04:00
parent b01c1cb582
commit e6bde2f907
3 changed files with 7 additions and 100 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.env.example
View File

@@ -93,8 +93,3 @@
# - No source bind mounts — code is baked into the image # - No source bind mounts — code is baked into the image
# - Set TIMMY_ENV=production to enforce security checks # - Set TIMMY_ENV=production to enforce security checks
# - All secrets below MUST be set before production deployment # - All secrets below MUST be set before production deployment
#
# Taskosaur secrets (change from dev defaults):
# TASKOSAUR_JWT_SECRET=<generate with: python3 -c "import secrets; print(secrets.token_hex(32))">
# TASKOSAUR_JWT_REFRESH_SECRET=<generate with: python3 -c "import secrets; print(secrets.token_hex(32))">
# TASKOSAUR_ENCRYPTION_KEY=<generate with: python3 -c "import secrets; print(secrets.token_hex(32))">

1
docker-compose.prod.yml
View File

@@ -14,7 +14,6 @@
# #
# Security note: Set all secrets in .env before deploying. # Security note: Set all secrets in .env before deploying.
# Required: L402_HMAC_SECRET, L402_MACAROON_SECRET # Required: L402_HMAC_SECRET, L402_MACAROON_SECRET
# Recommended: TASKOSAUR_JWT_SECRET, TASKOSAUR_ENCRYPTION_KEY
services: services:

101
docker-compose.yml
View File

@@ -2,20 +2,17 @@
# #
# Services # Services
# dashboard FastAPI app (always on) # dashboard FastAPI app (always on)
# taskosaur Taskosaur PM + AI task execution # celery-worker (behind 'celery' profile)
# postgres PostgreSQL 16 (for Taskosaur) # openfang (behind 'openfang' profile)
# redis Redis 7 (for Taskosaur queues)
# #
# Usage # Usage
# make docker-build build the image # make docker-build build the image
# make docker-up start dashboard + taskosaur # make docker-up start dashboard
# make docker-down stop everything # make docker-down stop everything
# make docker-logs tail logs # make docker-logs tail logs
# #
# ── Security note: root user in dev ───────────────────────────────────────── # ── Security note ─────────────────────────────────────────────────────────
# This dev compose runs containers as root (user: "0:0") so that # Override user per-environment — see docker-compose.dev.yml / docker-compose.prod.yml
# bind-mounted host files (./src, ./static) are readable regardless of
# host UID/GID — the #1 cause of 403 errors on macOS.
# #
# ── Ollama host access ────────────────────────────────────────────────────── # ── Ollama host access ──────────────────────────────────────────────────────
# By default OLLAMA_URL points to http://host.docker.internal:11434 which # By default OLLAMA_URL points to http://host.docker.internal:11434 which
@@ -31,7 +28,7 @@ services:
build: . build: .
image: timmy-time:latest image: timmy-time:latest
container_name: timmy-dashboard container_name: timmy-dashboard
user: "0:0" # dev only — see security note above user: "" # see security note above
ports: ports:
- "8000:8000" - "8000:8000"
volumes: volumes:
@@ -45,15 +42,8 @@ services:
GROK_ENABLED: "${GROK_ENABLED:-false}" GROK_ENABLED: "${GROK_ENABLED:-false}"
XAI_API_KEY: "${XAI_API_KEY:-}" XAI_API_KEY: "${XAI_API_KEY:-}"
GROK_DEFAULT_MODEL: "${GROK_DEFAULT_MODEL:-grok-3-fast}" GROK_DEFAULT_MODEL: "${GROK_DEFAULT_MODEL:-grok-3-fast}"
# Celery/Redis — background task queue
REDIS_URL: "redis://redis:6379/0"
# Taskosaur API — dashboard can reach it on the internal network
TASKOSAUR_API_URL: "http://taskosaur:3000/api"
extra_hosts: extra_hosts:
- "host.docker.internal:host-gateway" # Linux: maps to host IP - "host.docker.internal:host-gateway" # Linux: maps to host IP
depends_on:
taskosaur:
condition: service_healthy
networks: networks:
- timmy-net - timmy-net
restart: unless-stopped restart: unless-stopped
@@ -64,93 +54,20 @@ services:
retries: 3 retries: 3
start_period: 30s start_period: 30s
# ── Taskosaur — project management + conversational AI tasks ───────────
# https://github.com/Taskosaur/Taskosaur
taskosaur:
image: ghcr.io/taskosaur/taskosaur:latest
container_name: taskosaur
ports:
- "3000:3000" # Backend API + Swagger docs at /api/docs
- "3001:3001" # Frontend UI
environment:
DATABASE_URL: "postgresql://taskosaur:taskosaur@postgres:5432/taskosaur"
REDIS_HOST: "redis"
REDIS_PORT: "6379"
JWT_SECRET: "${TASKOSAUR_JWT_SECRET:-dev-jwt-secret-change-in-prod}"
JWT_REFRESH_SECRET: "${TASKOSAUR_JWT_REFRESH_SECRET:-dev-refresh-secret-change-in-prod}"
ENCRYPTION_KEY: "${TASKOSAUR_ENCRYPTION_KEY:-dev-encryption-key-change-in-prod}"
FRONTEND_URL: "http://localhost:3001"
NEXT_PUBLIC_API_BASE_URL: "http://localhost:3000/api"
NODE_ENV: "development"
depends_on:
postgres:
condition: service_healthy
redis:
condition: service_healthy
networks:
- timmy-net
restart: unless-stopped
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:3000/api/health"]
interval: 30s
timeout: 5s
retries: 5
start_period: 60s
# ── PostgreSQL — Taskosaur database ────────────────────────────────────
postgres:
image: postgres:16-alpine
container_name: taskosaur-postgres
environment:
POSTGRES_USER: taskosaur
POSTGRES_PASSWORD: taskosaur
POSTGRES_DB: taskosaur
volumes:
- postgres-data:/var/lib/postgresql/data
networks:
- timmy-net
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "pg_isready -U taskosaur"]
interval: 10s
timeout: 5s
retries: 5
start_period: 10s
# ── Redis — Taskosaur queue backend ────────────────────────────────────
redis:
image: redis:7-alpine
container_name: taskosaur-redis
volumes:
- redis-data:/data
networks:
- timmy-net
restart: unless-stopped
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 10s
timeout: 5s
retries: 5
start_period: 5s
# ── Celery Worker — background task processing ────────────────────────── # ── Celery Worker — background task processing ──────────────────────────
celery-worker: celery-worker:
build: . build: .
image: timmy-time:latest image: timmy-time:latest
container_name: timmy-celery-worker container_name: timmy-celery-worker
user: "0:0" user: ""
command: ["celery", "-A", "infrastructure.celery.app", "worker", "--loglevel=info", "--concurrency=2"] command: ["celery", "-A", "infrastructure.celery.app", "worker", "--loglevel=info", "--concurrency=2"]
volumes: volumes:
- timmy-data:/app/data - timmy-data:/app/data
- ./src:/app/src - ./src:/app/src
environment: environment:
REDIS_URL: "redis://redis:6379/0"
OLLAMA_URL: "${OLLAMA_URL:-http://host.docker.internal:11434}" OLLAMA_URL: "${OLLAMA_URL:-http://host.docker.internal:11434}"
extra_hosts: extra_hosts:
- "host.docker.internal:host-gateway" - "host.docker.internal:host-gateway"
depends_on:
redis:
condition: service_healthy
networks: networks:
- timmy-net - timmy-net
restart: unless-stopped restart: unless-stopped
@@ -193,10 +110,6 @@ volumes:
device: "${PWD}/data" device: "${PWD}/data"
openfang-data: openfang-data:
driver: local driver: local
postgres-data:
driver: local
redis-data:
driver: local
# ── Internal network ──────────────────────────────────────────────────────── # ── Internal network ────────────────────────────────────────────────────────
networks: networks: