3130533888
Mounts ./secrets to /secrets:ro so LINGMA_SESSION_BUNDLE_FILE can point at a host-managed file without the bundle ever being baked into the image or committed to git. secrets/ is git-ignored except for .gitkeep so the directory exists on fresh clones. Made-with: Cursor
20 lines
557 B
YAML
20 lines
557 B
YAML
|
|
services:
|
|
lingma-openai-gateway:
|
|
build:
|
|
context: .
|
|
# Use Tencent PyPI mirror during build to avoid timeout.
|
|
args:
|
|
PIP_INDEX_URL: https://mirrors.cloud.tencent.com/pypi/simple
|
|
PIP_TRUSTED_HOST: mirrors.cloud.tencent.com
|
|
container_name: lingma-openai-gateway
|
|
env_file:
|
|
- .env
|
|
ports:
|
|
- "${PORT:-8317}:${PORT:-8317}"
|
|
volumes:
|
|
- ./data:/app/data
|
|
# Read-only secrets (session bundles, etc). Created outside git; see README.
|
|
- ./secrets:/secrets:ro
|
|
restart: unless-stopped
|