diff --git a/faceai/README.md b/faceai/README.md index a805a508..ee31220c 100644 --- a/faceai/README.md +++ b/faceai/README.md @@ -186,7 +186,7 @@ Then start the processor in a second shell, either with its own local environmen ## Docker Compose Deployment For The Public Site And Matcher Runner -The checked-in `docker-compose.yml` is for local integration testing because it also includes the PHP simulator and local bind mounts. For hosted deployment, keep the same three-service application topology but remove `legacy-php` and replace the local mounts with your production matcher and PKL paths. +The checked-in `docker-compose.yml` is for local integration testing because it also includes the PHP simulator and local bind mounts. For hosted deployment, keep the same three-service application topology but remove `legacy-php` and replace the local mounts with the real production paths on the host. The public FaceAI site and the matcher runner can both use the same application image. The difference is only the process command: @@ -197,12 +197,18 @@ If that shared image also embeds or mounts the current Linux `face_matcher` buil ### Production Compose Example -Replace the registry path, secrets, and host paths with the real deployment values. +This example assumes: + +- FaceAI runtime files, logs, and matcher binaries live under `/var/docker/faceai` on the host +- the NAS export is already mounted on the host at `/mnt/nas12` via `/etc/fstab`, for example `192.168.10.247:/public /mnt/nas12 nfs rw,noatime 0 0` +- the race dataset root is available on the host at `/mnt/nas12/nas2/RUS` + +Replace the registry path and secrets with the real deployment values. ```yaml services: faceai: - image: registry.example.com/my-namespace/faceai:latest + image: forgejo.maddoscientisto.net/maddo/faceai-client:latest container_name: regalami-faceai restart: unless-stopped command: sh -c "mkdir -p /data/logs && npm run start >> /data/logs/backend.log 2>&1" @@ -222,16 +228,16 @@ services: FACEAI_PKL_ROOT: /data/pkl FACEAI_ENABLE_LOCAL_LEGACY_STATIC: 0 volumes: - - faceai-runtime:/data/runtime - - /srv/faceai/logs:/data/logs - - /srv/faceai/pkl:/data/pkl:ro + - /var/docker/faceai/runtime:/data/runtime + - /var/docker/faceai/logs:/data/logs + - /mnt/nas12/nas2/RUS:/data/pkl:ro ports: - "127.0.0.1:3001:3001" depends_on: - redis processor: - image: registry.example.com/my-namespace/faceai:latest + image: forgejo.maddoscientisto.net/maddo/faceai-client:latest container_name: regalami-faceai-processor restart: unless-stopped command: sh -c "mkdir -p /data/logs && npm run start:processor >> /data/logs/processor.log 2>&1" @@ -246,10 +252,10 @@ services: FACEAI_WORKER_CONCURRENCY: 2 FACEAI_WORKER_TIMEOUT_MS: 300000 volumes: - - faceai-runtime:/data/runtime - - /srv/faceai/logs:/data/logs - - /srv/faceai/pkl:/data/pkl:ro - - /srv/faceai/bin/Face_Recognition_Unix:/opt/face-recognition:ro + - /var/docker/faceai/runtime:/data/runtime + - /var/docker/faceai/logs:/data/logs + - /mnt/nas12/nas2/RUS:/data/pkl:ro + - /var/docker/faceai/bin/Face_Recognition_Unix:/opt/face-recognition:ro depends_on: - redis @@ -258,13 +264,12 @@ services: container_name: regalami-faceai-redis restart: unless-stopped command: redis-server --appendonly no - -volumes: - faceai-runtime: ``` This pattern assumes a reverse proxy on the host publishes `https://ai.regalamiunsorriso.it` and forwards to `127.0.0.1:3001`. The processor is internal-only and does not expose any public port. +The NAS-backed dataset bind mount stays read-only in both containers. That keeps the application aligned with the local Compose contract, where both services can inspect the same PKL tree but neither service can modify the underlying race data. + ### Required Runtime Configuration Shared application settings: