provisioning/schemas/platform/templates/docker-compose/platform-stack.enterprise.yml.ncl

# Docker Compose Platform Stack - Enterprise Mode
# High availability, monitoring, load balancing, production-ready
# Multiple replicas, external databases, comprehensive observability

{
  version = "3.8",

  services = {
    postgres = {
      image = "postgres:15-alpine",
      container_name = "postgres-primary",
      environment = {
        POSTGRES_DB = "provisioning",
        POSTGRES_USER = "provisioning",
        POSTGRES_PASSWORD = "provisioning_prod",
        POSTGRES_INITDB_ARGS = "-c max_connections=200 -c shared_buffers=256MB",
      },
      volumes = [
        "postgres_primary:/var/lib/postgresql/data",
      ],
      networks = ["provisioning"],
      restart = "always",
      healthcheck = {
        test = ["CMD-SHELL", "pg_isready -U provisioning"],
        interval = "10s",
        timeout = "5s",
        retries = 5,
      },
    },

    surrealdb-1 = {
      image = "surrealdb/surrealdb:latest",
      container_name = "surrealdb-1",
      command = "start --log=warn --bind 0.0.0.0:8000",
      ports = [
        "8001:8000",
      ],
      volumes = [
        "surrealdb_1:/var/lib/surrealdb",
      ],
      networks = ["provisioning"],
      restart = "always",
      healthcheck = {
        test = ["CMD", "curl", "-f", "http://localhost:8000/health"],
        interval = "10s",
        timeout = "5s",
        retries = 5,
      },
    },

    surrealdb-2 = {
      image = "surrealdb/surrealdb:latest",
      container_name = "surrealdb-2",
      command = "start --log=warn --bind 0.0.0.0:8000",
      ports = [
        "8002:8000",
      ],
      volumes = [
        "surrealdb_2:/var/lib/surrealdb",
      ],
      networks = ["provisioning"],
      restart = "always",
      depends_on = ["surrealdb-1"],
      healthcheck = {
        test = ["CMD", "curl", "-f", "http://localhost:8000/health"],
        interval = "10s",
        timeout = "5s",
        retries = 5,
      },
    },

    orchestrator-1 = {
      image = "provisioning-orchestrator:latest",
      container_name = "orchestrator-1",
      ports = [
        "9091:9090",
      ],
      environment = {
        ORCHESTRATOR_MODE = "enterprise",
        ORCHESTRATOR_SERVER_HOST = "0.0.0.0",
        ORCHESTRATOR_SERVER_PORT = "9090",
        ORCHESTRATOR_STORAGE_BACKEND = "surrealdb_server",
        ORCHESTRATOR_SURREALDB_URL = "surrealdb://surrealdb-1:8000",
        ORCHESTRATOR_QUEUE_MAX_CONCURRENT_TASKS = "50",
        ORCHESTRATOR_BATCH_PARALLEL_LIMIT = "20",
        ORCHESTRATOR_LOG_LEVEL = "info",
      },
      networks = ["provisioning"],
      restart = "always",
      depends_on = ["surrealdb-1"],
      healthcheck = {
        test = ["CMD", "curl", "-f", "http://localhost:9090/health"],
        interval = "30s",
        timeout = "10s",
        retries = 3,
        start_period = "40s",
      },
    },

    orchestrator-2 = {
      image = "provisioning-orchestrator:latest",
      container_name = "orchestrator-2",
      ports = [
        "9092:9090",
      ],
      environment = {
        ORCHESTRATOR_MODE = "enterprise",
        ORCHESTRATOR_SERVER_HOST = "0.0.0.0",
        ORCHESTRATOR_SERVER_PORT = "9090",
        ORCHESTRATOR_STORAGE_BACKEND = "surrealdb_server",
        ORCHESTRATOR_SURREALDB_URL = "surrealdb://surrealdb-2:8000",
        ORCHESTRATOR_QUEUE_MAX_CONCURRENT_TASKS = "50",
        ORCHESTRATOR_BATCH_PARALLEL_LIMIT = "20",
        ORCHESTRATOR_LOG_LEVEL = "info",
      },
      networks = ["provisioning"],
      restart = "always",
      depends_on = ["surrealdb-2"],
      healthcheck = {
        test = ["CMD", "curl", "-f", "http://localhost:9090/health"],
        interval = "30s",
        timeout = "10s",
        retries = 3,
        start_period = "40s",
      },
    },

    orchestrator-3 = {
      image = "provisioning-orchestrator:latest",
      container_name = "orchestrator-3",
      ports = [
        "9093:9090",
      ],
      environment = {
        ORCHESTRATOR_MODE = "enterprise",
        ORCHESTRATOR_SERVER_HOST = "0.0.0.0",
        ORCHESTRATOR_SERVER_PORT = "9090",
        ORCHESTRATOR_STORAGE_BACKEND = "surrealdb_server",
        ORCHESTRATOR_SURREALDB_URL = "surrealdb://surrealdb-1:8000",
        ORCHESTRATOR_QUEUE_MAX_CONCURRENT_TASKS = "50",
        ORCHESTRATOR_BATCH_PARALLEL_LIMIT = "20",
        ORCHESTRATOR_LOG_LEVEL = "info",
      },
      networks = ["provisioning"],
      restart = "always",
      depends_on = ["surrealdb-1"],
      healthcheck = {
        test = ["CMD", "curl", "-f", "http://localhost:9090/health"],
        interval = "30s",
        timeout = "10s",
        retries = 3,
        start_period = "40s",
      },
    },

    control-center = {
      image = "provisioning-control-center:latest",
      container_name = "control-center",
      ports = [
        "8080:8080",
      ],
      environment = {
        CONTROL_CENTER_MODE = "enterprise",
        CONTROL_CENTER_SERVER_HOST = "0.0.0.0",
        CONTROL_CENTER_SERVER_PORT = "8080",
        CONTROL_CENTER_DATABASE = "postgres",
        CONTROL_CENTER_DATABASE_URL = "postgresql://provisioning:provisioning_prod@postgres/provisioning",
        CONTROL_CENTER_ORCHESTRATOR_URL = "http://orchestrator-1:9090",
        CONTROL_CENTER_LOG_LEVEL = "info",
        CONTROL_CENTER_MFA_REQUIRED = "true",
      },
      networks = ["provisioning"],
      restart = "always",
      depends_on = {
        postgres = {
          condition = "service_healthy",
        },
        orchestrator-1 = {
          condition = "service_healthy",
        },
      },
      healthcheck = {
        test = ["CMD", "curl", "-f", "http://localhost:8080/health"],
        interval = "30s",
        timeout = "10s",
        retries = 3,
        start_period = "40s",
      },
    },

    mcp-server = {
      image = "provisioning-mcp-server:latest",
      container_name = "mcp-server",
      ports = [
        "8888:8888",
      ],
      environment = {
        MCP_SERVER_MODE = "enterprise",
        MCP_SERVER_HOST = "0.0.0.0",
        MCP_SERVER_PORT = "8888",
        MCP_SERVER_LOG_LEVEL = "info",
        MCP_SERVER_ORCHESTRATOR_URL = "http://orchestrator-1:9090",
      },
      networks = ["provisioning"],
      restart = "always",
      depends_on = ["orchestrator-1", "control-center"],
      healthcheck = {
        test = ["CMD", "curl", "-f", "http://localhost:8888/health"],
        interval = "30s",
        timeout = "10s",
        retries = 3,
        start_period = "40s",
      },
    },

    nginx = {
      image = "nginx:alpine",
      container_name = "nginx-lb",
      ports = [
        "80:80",
        "443:443",
      ],
      volumes = [
        "./nginx.conf:/etc/nginx/nginx.conf:ro",
        "nginx_cache:/var/cache/nginx",
      ],
      networks = ["provisioning"],
      restart = "always",
      depends_on = ["orchestrator-1", "control-center"],
      healthcheck = {
        test = ["CMD", "curl", "-f", "http://localhost:80"],
        interval = "30s",
        timeout = "10s",
        retries = 3,
      },
    },

    prometheus = {
      image = "prom/prometheus:latest",
      container_name = "prometheus",
      ports = [
        "9000:9090",
      ],
      volumes = [
        "./prometheus.yml:/etc/prometheus/prometheus.yml:ro",
        "prometheus_data:/prometheus",
      ],
      command = [
        "--config.file=/etc/prometheus/prometheus.yml",
        "--storage.tsdb.path=/prometheus",
      ],
      networks = ["provisioning"],
      restart = "always",
      healthcheck = {
        test = ["CMD", "curl", "-f", "http://localhost:9090"],
        interval = "30s",
        timeout = "10s",
        retries = 3,
      },
    },

    grafana = {
      image = "grafana/grafana:latest",
      container_name = "grafana",
      ports = [
        "3000:3000",
      ],
      environment = {
        GF_SECURITY_ADMIN_PASSWORD = "provisioning_admin",
        GF_INSTALL_PLUGINS = "grafana-piechart-panel",
      },
      volumes = [
        "grafana_data:/var/lib/grafana",
      ],
      networks = ["provisioning"],
      restart = "always",
      depends_on = ["prometheus"],
      healthcheck = {
        test = ["CMD", "curl", "-f", "http://localhost:3000"],
        interval = "30s",
        timeout = "10s",
        retries = 3,
      },
    },

    loki = {
      image = "grafana/loki:latest",
      container_name = "loki",
      ports = [
        "3100:3100",
      ],
      volumes = [
        "./loki-config.yml:/etc/loki/local-config.yaml:ro",
        "loki_data:/loki",
      ],
      command = [
        "-config.file=/etc/loki/local-config.yaml",
      ],
      networks = ["provisioning"],
      restart = "always",
      healthcheck = {
        test = ["CMD", "curl", "-f", "http://localhost:3100/ready"],
        interval = "30s",
        timeout = "10s",
        retries = 3,
      },
    },
  },

  volumes = {
    postgres_primary = null,
    surrealdb_1 = null,
    surrealdb_2 = null,
    nginx_cache = null,
    prometheus_data = null,
    grafana_data = null,
    loki_data = null,
  },

  networks = {
    provisioning = {
      driver = "bridge",
    },
  },
}