services: plutia: image: ghcr.io/fuwn/plutia:0.1.0 command: ["plutia", "serve", "--config=/etc/plutia/config.yaml"] user: "${PLUTIA_USER:-1000:1000}" init: true stop_signal: SIGTERM stop_grace_period: 60s environment: # Mirror/resolver mode override. PLUTIA_MODE: ${PLUTIA_MODE:-mirror} # Verification policy override: full | lazy | state-only. PLUTIA_VERIFY: ${VERIFY_POLICY:-full} # Checkpoint cadence and ingestion batching. PLUTIA_CHECKPOINT_INTERVAL: ${CHECKPOINT_INTERVAL:-100000} PLUTIA_COMMIT_BATCH_SIZE: ${COMMIT_BATCH_SIZE:-128} PLUTIA_VERIFY_WORKERS: ${VERIFY_WORKERS:-8} # Request timeout, upstream retry/backoff, and rate-limiting controls. PLUTIA_REQUEST_TIMEOUT: ${REQUEST_TIMEOUT:-10s} PLUTIA_HTTP_RETRY_MAX_ATTEMPTS: ${HTTP_RETRY_MAX_ATTEMPTS:-8} PLUTIA_HTTP_RETRY_BASE_DELAY: ${HTTP_RETRY_BASE_DELAY:-250ms} PLUTIA_HTTP_RETRY_MAX_DELAY: ${HTTP_RETRY_MAX_DELAY:-10s} PLUTIA_RATE_LIMIT_RESOLVE_RPS: ${RATE_LIMIT_RESOLVE_RPS:-30} PLUTIA_RATE_LIMIT_RESOLVE_BURST: ${RATE_LIMIT_RESOLVE_BURST:-60} PLUTIA_RATE_LIMIT_PROOF_RPS: ${RATE_LIMIT_PROOF_RPS:-10} PLUTIA_RATE_LIMIT_PROOF_BURST: ${RATE_LIMIT_PROOF_BURST:-20} # Ensure state persists in the mounted data path and checkpoints can be signed. PLUTIA_DATA_DIR: /var/lib/plutia PLUTIA_MIRROR_PRIVATE_KEY_PATH: ${MIRROR_PRIVATE_KEY_PATH:-/var/lib/plutia/mirror.key} ports: # HTTP API + /metrics on the same listener. - "8080:8080" # Prometheus scrape example: # - job_name: "plutia" # static_configs: # - targets: ["localhost:8080"] # metrics_path: /metrics volumes: - ./config.default.yaml:/etc/plutia/config.yaml:ro - ./data:/var/lib/plutia healthcheck: test: ["CMD-SHELL", "wget -q -O- http://127.0.0.1:8080/health >/dev/null 2>&1 || curl -fsS http://127.0.0.1:8080/health >/dev/null"] interval: 30s timeout: 5s retries: 5 start_period: 20s cpus: "${PLUTIA_CPU_LIMIT:-2.0}" mem_limit: "${PLUTIA_MEM_LIMIT:-2g}" pids_limit: 512 ulimits: nofile: soft: 65536 hard: 65536 logging: driver: json-file options: max-size: "10m" max-file: "5" restart: unless-stopped