akira/windmill
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
windmill/docker-compose.yml
Akira 2dbe8c8a74 Windmill MCP サーバーを SSE 化してサーバーデプロイに対応 
- windmill_mcp.py: MCP_TRANSPORT 環境変数で stdio/sse を切り替え可能に
- mcp/Dockerfile: Python 3.12-slim ベースのコンテナイメージを追加
- docker-compose.yml: windmill_mcp サービスを追加(Traefik 経由で windmill-mcp.keinafarm.net に公開)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-02 01:39:31 +09:00

203 lines
6.3 KiB
YAML
Raw Permalink Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
x-logging: &default-logging
driver: "json-file"
options:
max-size: "${LOG_MAX_SIZE:-20m}"
max-file: "${LOG_MAX_FILE:-10}"
compress: "true"
networks:
traefik-net:
external: true # サーバー上の既存Traefikネットワーク
windmill-internal:
driver: bridge
services:
db:
deploy:
replicas: 1
image: postgres:16
shm_size: 1g
restart: unless-stopped
volumes:
- db_data:/var/lib/postgresql/data
expose:
- 5432
environment:
POSTGRES_PASSWORD: ${DATABASE_PASSWORD}
POSTGRES_DB: windmill
healthcheck:
test: [ "CMD-SHELL", "pg_isready -U postgres" ]
interval: 10s
timeout: 5s
retries: 5
logging: *default-logging
networks:
- windmill-internal
windmill_server:
image: ${WM_IMAGE}
container_name: windmill_server
pull_policy: if_not_present
deploy:
replicas: 1
restart: unless-stopped
expose:
- 8000
environment:
- DATABASE_URL=${DATABASE_URL}
- MODE=server
- BASE_URL=https://windmill.keinafarm.net
- OAUTH_REDIRECT_BASE_URL=https://windmill.keinafarm.net
- GOOGLE_OAUTH_ENABLED=true
- GOOGLE_OAUTH_CLIENT_ID=${GOOGLE_OAUTH_CLIENT_ID}
- GOOGLE_OAUTH_CLIENT_SECRET=${GOOGLE_OAUTH_CLIENT_SECRET}
depends_on:
db:
condition: service_healthy
volumes:
- worker_logs:/tmp/windmill/logs
# Git同期のために、カレントディレクトリリポジトリルートを/workspaceにマウント
# これにより、コンテナ内から .git ディレクトリにアクセス可能となり、git pushが可能になる
- .:/workspace
labels:
- "traefik.enable=true"
# HTTPSルーター
- "traefik.http.routers.windmill.rule=Host(`windmill.keinafarm.net`)"
- "traefik.http.routers.windmill.entrypoints=websecure"
- "traefik.http.routers.windmill.tls=true"
- "traefik.http.routers.windmill.tls.certresolver=letsencrypt"
- "traefik.http.services.windmill.loadbalancer.server.port=8000"
# HTTPからHTTPSへのリダイレクト
- "traefik.http.routers.windmill-http.rule=Host(`windmill.keinafarm.net`)"
- "traefik.http.routers.windmill-http.entrypoints=web"
- "traefik.http.routers.windmill-http.middlewares=windmill-https-redirect"
- "traefik.http.middlewares.windmill-https-redirect.redirectscheme.scheme=https"
networks:
- traefik-net
- windmill-internal
logging: *default-logging
windmill_worker:
image: ${WM_IMAGE}
pull_policy: if_not_present
deploy:
replicas: 3
resources:
limits:
cpus: "1"
memory: 2048M
restart: unless-stopped
environment:
- DATABASE_URL=${DATABASE_URL}
- MODE=worker
- WORKER_GROUP=default
depends_on:
db:
condition: service_healthy
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- worker_dependency_cache:/tmp/windmill/cache
- worker_logs:/tmp/windmill/logs
# WorkerからもGit同期が必要な場合に備えてマウント
- .:/workspace
networks:
- windmill-internal
logging: *default-logging
windmill_worker_native:
image: ${WM_IMAGE}
pull_policy: if_not_present
deploy:
replicas: 1
resources:
limits:
cpus: "1"
memory: 2048M
restart: unless-stopped
environment:
- DATABASE_URL=${DATABASE_URL}
- MODE=worker
- WORKER_GROUP=native
- NUM_WORKERS=8
- SLEEP_QUEUE=200
depends_on:
db:
condition: service_healthy
volumes:
- worker_logs:/tmp/windmill/logs
networks:
- windmill-internal
logging: *default-logging
windmill_extra:
image: ghcr.io/windmill-labs/windmill-extra:${WM_VERSION}
pull_policy: if_not_present
restart: unless-stopped
expose:
- 3001
- 3002
- 3003
environment:
- ENABLE_LSP=true
- ENABLE_MULTIPLAYER=false
- ENABLE_DEBUGGER=true
- DEBUGGER_PORT=3003
- ENABLE_NSJAIL=false
- REQUIRE_SIGNED_DEBUG_REQUESTS=false
- WINDMILL_BASE_URL=http://windmill_server:8000
volumes:
- lsp_cache:/pyls/.cache
networks:
- windmill-internal
logging: *default-logging
labels:
# LSPなどのWebSocket用設定Caddyfileの代替
- "traefik.enable=true"
# LSPへのルーティング (/ws/* -> 3001)
- "traefik.http.routers.windmill-lsp.rule=Host(`windmill.keinafarm.net`) && PathPrefix(`/ws/`)"
- "traefik.http.routers.windmill-lsp.entrypoints=websecure"
- "traefik.http.routers.windmill-lsp.tls=true"
- "traefik.http.services.windmill-lsp.loadbalancer.server.port=3001"
# Debuggerへのルーティング (/ws_debug/* -> 3003)
- "traefik.http.routers.windmill-debug.rule=Host(`windmill.keinafarm.net`) && PathPrefix(`/ws_debug/`)"
- "traefik.http.routers.windmill-debug.entrypoints=websecure"
- "traefik.http.routers.windmill-debug.tls=true"
- "traefik.http.services.windmill-debug.loadbalancer.server.port=3003"
windmill_mcp:
build:
context: ./mcp
dockerfile: Dockerfile
container_name: windmill_mcp
restart: unless-stopped
expose:
- 8001
environment:
- WINDMILL_TOKEN=${WINDMILL_TOKEN}
- WINDMILL_URL=https://windmill.keinafarm.net
- WINDMILL_WORKSPACE=admins
- MCP_TRANSPORT=sse
- MCP_HOST=0.0.0.0
- MCP_PORT=8001
labels:
- "traefik.enable=true"
# HTTPS ルーター
- "traefik.http.routers.windmill-mcp.rule=Host(`windmill-mcp.keinafarm.net`)"
- "traefik.http.routers.windmill-mcp.entrypoints=websecure"
- "traefik.http.routers.windmill-mcp.tls=true"
- "traefik.http.routers.windmill-mcp.tls.certresolver=letsencrypt"
- "traefik.http.services.windmill-mcp.loadbalancer.server.port=8001"
# HTTP → HTTPS リダイレクト
- "traefik.http.routers.windmill-mcp-http.rule=Host(`windmill-mcp.keinafarm.net`)"
- "traefik.http.routers.windmill-mcp-http.entrypoints=web"
- "traefik.http.routers.windmill-mcp-http.middlewares=windmill-https-redirect"
networks:
- traefik-net
logging: *default-logging
volumes:
db_data: null
worker_dependency_cache: null
worker_logs: null
lsp_cache: null
Reference in New Issue View Git Blame Copy Permalink