harkon/ai-tax-agent
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

clean up base infra
Some checks failed
CI/CD Pipeline / Code Quality & Linting (push) Has been cancelled
Details
CI/CD Pipeline / Policy Validation (push) Has been cancelled
Details
CI/CD Pipeline / Test Suite (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-coverage) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-extract) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-firm-connectors) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-forms) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-hmrc) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-ingestion) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-kg) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-normalize-map) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-ocr) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-rag-indexer) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-rag-retriever) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-reason) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (svc-rpa) (push) Has been cancelled
Details
CI/CD Pipeline / Build Docker Images (ui-review) (push) Has been cancelled
Details
CI/CD Pipeline / Security Scanning (svc-coverage) (push) Has been cancelled
Details
CI/CD Pipeline / Security Scanning (svc-extract) (push) Has been cancelled
Details
CI/CD Pipeline / Security Scanning (svc-kg) (push) Has been cancelled
Details
CI/CD Pipeline / Security Scanning (svc-rag-retriever) (push) Has been cancelled
Details
CI/CD Pipeline / Security Scanning (ui-review) (push) Has been cancelled
Details
CI/CD Pipeline / Generate SBOM (push) Has been cancelled
Details
CI/CD Pipeline / Deploy to Staging (push) Has been cancelled
Details
CI/CD Pipeline / Deploy to Production (push) Has been cancelled
Details
CI/CD Pipeline / Notifications (push) Has been cancelled
Details

Browse Source
This commit is contained in:
harkon
2025-10-11 11:42:43 +01:00
parent b324ff09ef
commit f0f7674b8d
52 changed files with 663 additions and 5224 deletions
Download Patch File Download Diff File Expand all files Collapse all files

198
infra/base/services.yaml
View File

@@ -6,31 +6,31 @@
networks:
frontend:
external: true
name: frontend
name: apa-frontend
backend:
external: true
name: backend
name: apa-backend
services:
# Document Ingestion Service
svc-ingestion:
apa-svc-ingestion:
image: gitea.harkon.co.uk/harkon/svc-ingestion:latest
container_name: svc-ingestion
container_name: apa-svc-ingestion
restart: unless-stopped
networks:
- backend
- frontend
environment:
- VAULT_ADDR=http://vault:8200
- VAULT_ADDR=http://apa-vault:8200
- VAULT_TOKEN=${VAULT_DEV_ROOT_TOKEN_ID}
- MINIO_ENDPOINT=minio:9092
- MINIO_ENDPOINT=apa-minio:9092
- MINIO_ACCESS_KEY=${MINIO_ROOT_USER}
- MINIO_SECRET_KEY=${MINIO_ROOT_PASSWORD}
- POSTGRES_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgres:5432/tax_system
- NEO4J_URL=bolt://neo4j:7687
- POSTGRES_URL=postgresql://postgres:${POSTGRES_PASSWORD}@apa-postgres:5432/tax_system
- NEO4J_URL=bolt://apa-neo4j:7687
- NEO4J_USER=neo4j
- NEO4J_PASSWORD=${NEO4J_PASSWORD}
- REDIS_URL=redis://redis:6379
- REDIS_URL=redis://apa-redis:6379
- EVENT_BUS_TYPE=${EVENT_BUS_TYPE}
- NATS_SERVERS=${NATS_SERVERS}
- NATS_STREAM_NAME=${NATS_STREAM_NAME}
@@ -45,24 +45,24 @@ services:
- "traefik.http.services.svc-ingestion.loadbalancer.server.port=8000"
# Data Extraction Service
svc-extract:
apa-svc-extract:
image: gitea.harkon.co.uk/harkon/svc-extract:latest
container_name: svc-extract
container_name: apa-svc-extract
restart: unless-stopped
networks:
- backend
- frontend
environment:
- VAULT_ADDR=http://vault:8200
- VAULT_ADDR=http://apa-vault:8200
- VAULT_TOKEN=${VAULT_DEV_ROOT_TOKEN_ID}
- MINIO_ENDPOINT=minio:9092
- MINIO_ENDPOINT=apa-minio:9092
- MINIO_ACCESS_KEY=${MINIO_ROOT_USER}
- MINIO_SECRET_KEY=${MINIO_ROOT_PASSWORD}
- POSTGRES_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgres:5432/tax_system
- NEO4J_URL=bolt://neo4j:7687
- POSTGRES_URL=postgresql://postgres:${POSTGRES_PASSWORD}@apa-postgres:5432/tax_system
- NEO4J_URL=bolt://apa-neo4j:7687
- NEO4J_USER=neo4j
- NEO4J_PASSWORD=${NEO4J_PASSWORD}
- REDIS_URL=redis://redis:6379
- REDIS_URL=redis://apa-redis:6379
- RAG_EMBEDDING_MODEL=${RAG_EMBEDDING_MODEL}
- EVENT_BUS_TYPE=${EVENT_BUS_TYPE}
- NATS_SERVERS=${NATS_SERVERS}
@@ -78,17 +78,17 @@ services:
- "traefik.http.services.svc-extract.loadbalancer.server.port=8000"
# Knowledge Graph Service
svc-kg:
apa-svc-kg:
image: gitea.harkon.co.uk/harkon/svc-kg:latest
container_name: svc-kg
container_name: apa-svc-kg
restart: unless-stopped
networks:
- backend
- frontend
environment:
- VAULT_ADDR=http://vault:8200
- VAULT_ADDR=http://apa-vault:8200
- VAULT_TOKEN=${VAULT_DEV_ROOT_TOKEN_ID}
- NEO4J_URI=bolt://neo4j:7687
- NEO4J_URI=bolt://apa-neo4j:7687
- NEO4J_USER=neo4j
- NEO4J_PASSWORD=${NEO4J_PASSWORD}
- EVENT_BUS_TYPE=${EVENT_BUS_TYPE}
@@ -105,18 +105,18 @@ services:
- "traefik.http.services.svc-kg.loadbalancer.server.port=8000"
# RAG Retrieval Service
svc-rag-retriever:
apa-svc-rag-retriever:
image: gitea.harkon.co.uk/harkon/svc-rag-retriever:latest
container_name: svc-rag-retriever
container_name: apa-svc-rag-retriever
restart: unless-stopped
networks:
- backend
- frontend
environment:
- VAULT_ADDR=http://vault:8200
- VAULT_ADDR=http://apa-vault:8200
- VAULT_TOKEN=${VAULT_DEV_ROOT_TOKEN_ID}
- QDRANT_URL=http://qdrant:6333
- NEO4J_URI=bolt://neo4j:7687
- QDRANT_URL=http://apa-qdrant:6333
- NEO4J_URI=bolt://apa-neo4j:7687
- NEO4J_USER=neo4j
- NEO4J_PASSWORD=${NEO4J_PASSWORD}
- RAG_EMBEDDING_MODEL=${RAG_EMBEDDING_MODEL}
@@ -135,25 +135,25 @@ services:
- "traefik.http.services.svc-rag-retriever.loadbalancer.server.port=8000"
# Forms Service
svc-forms:
apa-svc-forms:
image: gitea.harkon.co.uk/harkon/svc-forms:latest
container_name: svc-forms
container_name: apa-svc-forms
restart: unless-stopped
networks:
- backend
- frontend
environment:
- VAULT_ADDR=http://vault:8200
- VAULT_ADDR=http://apa-vault:8200
- VAULT_TOKEN=${VAULT_DEV_ROOT_TOKEN_ID}
- POSTGRES_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgres:5432/tax_system
- NEO4J_URL=bolt://neo4j:7687
- POSTGRES_URL=postgresql://postgres:${POSTGRES_PASSWORD}@apa-postgres:5432/tax_system
- NEO4J_URL=bolt://apa-neo4j:7687
- NEO4J_USER=neo4j
- NEO4J_PASSWORD=${NEO4J_PASSWORD}
- REDIS_URL=redis://redis:6379
- MINIO_ENDPOINT=minio:9092
- REDIS_URL=redis://apa-redis:6379
- MINIO_ENDPOINT=apa-minio:9092
- MINIO_ACCESS_KEY=${MINIO_ROOT_USER}
- MINIO_SECRET_KEY=${MINIO_ROOT_PASSWORD}
- QDRANT_URL=http://qdrant:6333
- QDRANT_URL=http://apa-qdrant:6333
- EVENT_BUS_TYPE=${EVENT_BUS_TYPE}
- NATS_SERVERS=${NATS_SERVERS}
- NATS_STREAM_NAME=${NATS_STREAM_NAME}
@@ -168,25 +168,25 @@ services:
- "traefik.http.services.svc-forms.loadbalancer.server.port=8000"
# HMRC Integration Service
svc-hmrc:
apa-svc-hmrc:
image: gitea.harkon.co.uk/harkon/svc-hmrc:latest
container_name: svc-hmrc
container_name: apa-svc-hmrc
restart: unless-stopped
networks:
- backend
- frontend
environment:
- VAULT_ADDR=http://vault:8200
- VAULT_ADDR=http://apa-vault:8200
- VAULT_TOKEN=${VAULT_DEV_ROOT_TOKEN_ID}
- POSTGRES_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgres:5432/tax_system
- NEO4J_URL=bolt://neo4j:7687
- POSTGRES_URL=postgresql://postgres:${POSTGRES_PASSWORD}@apa-postgres:5432/tax_system
- NEO4J_URL=bolt://apa-neo4j:7687
- NEO4J_USER=neo4j
- NEO4J_PASSWORD=${NEO4J_PASSWORD}
- REDIS_URL=redis://redis:6379
- MINIO_ENDPOINT=minio:9092
- REDIS_URL=redis://apa-redis:6379
- MINIO_ENDPOINT=apa-minio:9092
- MINIO_ACCESS_KEY=${MINIO_ROOT_USER}
- MINIO_SECRET_KEY=${MINIO_ROOT_PASSWORD}
- QDRANT_URL=http://qdrant:6333
- QDRANT_URL=http://apa-qdrant:6333
- HMRC_MTD_ITSA_MODE=${HMRC_MTD_ITSA_MODE}
- EVENT_BUS_TYPE=${EVENT_BUS_TYPE}
- NATS_SERVERS=${NATS_SERVERS}
@@ -202,25 +202,25 @@ services:
- "traefik.http.services.svc-hmrc.loadbalancer.server.port=8000"
# OCR Service
svc-ocr:
apa-svc-ocr:
image: gitea.harkon.co.uk/harkon/svc-ocr:latest
container_name: svc-ocr
container_name: apa-svc-ocr
restart: unless-stopped
networks:
- backend
- frontend
environment:
- VAULT_ADDR=http://vault:8200
- VAULT_ADDR=http://apa-vault:8200
- VAULT_TOKEN=${VAULT_DEV_ROOT_TOKEN_ID}
- POSTGRES_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgres:5432/tax_system
- NEO4J_URL=bolt://neo4j:7687
- POSTGRES_URL=postgresql://postgres:${POSTGRES_PASSWORD}@apa-postgres:5432/tax_system
- NEO4J_URL=bolt://apa-neo4j:7687
- NEO4J_USER=neo4j
- NEO4J_PASSWORD=${NEO4J_PASSWORD}
- REDIS_URL=redis://redis:6379
- MINIO_ENDPOINT=minio:9092
- REDIS_URL=redis://apa-redis:6379
- MINIO_ENDPOINT=apa-minio:9092
- MINIO_ACCESS_KEY=${MINIO_ROOT_USER}
- MINIO_SECRET_KEY=${MINIO_ROOT_PASSWORD}
- QDRANT_URL=http://qdrant:6333
- QDRANT_URL=http://apa-qdrant:6333
- EVENT_BUS_TYPE=${EVENT_BUS_TYPE}
- NATS_SERVERS=${NATS_SERVERS}
- NATS_STREAM_NAME=${NATS_STREAM_NAME}
@@ -235,25 +235,25 @@ services:
- "traefik.http.services.svc-ocr.loadbalancer.server.port=8000"
# RAG Indexer Service
svc-rag-indexer:
apa-svc-rag-indexer:
image: gitea.harkon.co.uk/harkon/svc-rag-indexer:latest
container_name: svc-rag-indexer
container_name: apa-svc-rag-indexer
restart: unless-stopped
networks:
- backend
- frontend
environment:
- VAULT_ADDR=http://vault:8200
- VAULT_ADDR=http://apa-vault:8200
- VAULT_TOKEN=${VAULT_DEV_ROOT_TOKEN_ID}
- POSTGRES_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgres:5432/tax_system
- NEO4J_URL=bolt://neo4j:7687
- POSTGRES_URL=postgresql://postgres:${POSTGRES_PASSWORD}@apa-postgres:5432/tax_system
- NEO4J_URL=bolt://apa-neo4j:7687
- NEO4J_USER=neo4j
- NEO4J_PASSWORD=${NEO4J_PASSWORD}
- REDIS_URL=redis://redis:6379
- MINIO_ENDPOINT=minio:9092
- REDIS_URL=redis://apa-redis:6379
- MINIO_ENDPOINT=apa-minio:9092
- MINIO_ACCESS_KEY=${MINIO_ROOT_USER}
- MINIO_SECRET_KEY=${MINIO_ROOT_PASSWORD}
- QDRANT_URL=http://qdrant:6333
- QDRANT_URL=http://apa-qdrant:6333
- EVENT_BUS_TYPE=${EVENT_BUS_TYPE}
- NATS_SERVERS=${NATS_SERVERS}
- NATS_STREAM_NAME=${NATS_STREAM_NAME}
@@ -268,25 +268,25 @@ services:
- "traefik.http.services.svc-rag-indexer.loadbalancer.server.port=8000"
# Reasoning Service
svc-reason:
apa-svc-reason:
image: gitea.harkon.co.uk/harkon/svc-reason:latest
container_name: svc-reason
container_name: apa-svc-reason
restart: unless-stopped
networks:
- backend
- frontend
environment:
- VAULT_ADDR=http://vault:8200
- VAULT_ADDR=http://apa-vault:8200
- VAULT_TOKEN=${VAULT_DEV_ROOT_TOKEN_ID}
- POSTGRES_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgres:5432/tax_system
- NEO4J_URL=bolt://neo4j:7687
- POSTGRES_URL=postgresql://postgres:${POSTGRES_PASSWORD}@apa-postgres:5432/tax_system
- NEO4J_URL=bolt://apa-neo4j:7687
- NEO4J_USER=neo4j
- NEO4J_PASSWORD=${NEO4J_PASSWORD}
- REDIS_URL=redis://redis:6379
- MINIO_ENDPOINT=minio:9092
- REDIS_URL=redis://apa-redis:6379
- MINIO_ENDPOINT=apa-minio:9092
- MINIO_ACCESS_KEY=${MINIO_ROOT_USER}
- MINIO_SECRET_KEY=${MINIO_ROOT_PASSWORD}
- QDRANT_URL=http://qdrant:6333
- QDRANT_URL=http://apa-qdrant:6333
- EVENT_BUS_TYPE=${EVENT_BUS_TYPE}
- NATS_SERVERS=${NATS_SERVERS}
- NATS_STREAM_NAME=${NATS_STREAM_NAME}
@@ -301,25 +301,25 @@ services:
- "traefik.http.services.svc-reason.loadbalancer.server.port=8000"
# RPA Service
svc-rpa:
apa-svc-rpa:
image: gitea.harkon.co.uk/harkon/svc-rpa:latest
container_name: svc-rpa
container_name: apa-svc-rpa
restart: unless-stopped
networks:
- backend
- frontend
environment:
- VAULT_ADDR=http://vault:8200
- VAULT_ADDR=http://apa-vault:8200
- VAULT_TOKEN=${VAULT_DEV_ROOT_TOKEN_ID}
- POSTGRES_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgres:5432/tax_system
- NEO4J_URL=bolt://neo4j:7687
- POSTGRES_URL=postgresql://postgres:${POSTGRES_PASSWORD}@apa-postgres:5432/tax_system
- NEO4J_URL=bolt://apa-neo4j:7687
- NEO4J_USER=neo4j
- NEO4J_PASSWORD=${NEO4J_PASSWORD}
- REDIS_URL=redis://redis:6379
- MINIO_ENDPOINT=minio:9092
- REDIS_URL=redis://apa-redis:6379
- MINIO_ENDPOINT=apa-minio:9092
- MINIO_ACCESS_KEY=${MINIO_ROOT_USER}
- MINIO_SECRET_KEY=${MINIO_ROOT_PASSWORD}
- QDRANT_URL=http://qdrant:6333
- QDRANT_URL=http://apa-qdrant:6333
- EVENT_BUS_TYPE=${EVENT_BUS_TYPE}
- NATS_SERVERS=${NATS_SERVERS}
- NATS_STREAM_NAME=${NATS_STREAM_NAME}
@@ -334,25 +334,25 @@ services:
- "traefik.http.services.svc-rpa.loadbalancer.server.port=8000"
# Normalize & Map Service
svc-normalize-map:
apa-svc-normalize-map:
image: gitea.harkon.co.uk/harkon/svc-normalize-map:latest
container_name: svc-normalize-map
container_name: apa-svc-normalize-map
restart: unless-stopped
networks:
- backend
- frontend
environment:
- VAULT_ADDR=http://vault:8200
- VAULT_ADDR=http://apa-vault:8200
- VAULT_TOKEN=${VAULT_DEV_ROOT_TOKEN_ID}
- POSTGRES_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgres:5432/tax_system
- NEO4J_URL=bolt://neo4j:7687
- POSTGRES_URL=postgresql://postgres:${POSTGRES_PASSWORD}@apa-postgres:5432/tax_system
- NEO4J_URL=bolt://apa-neo4j:7687
- NEO4J_USER=neo4j
- NEO4J_PASSWORD=${NEO4J_PASSWORD}
- REDIS_URL=redis://redis:6379
- MINIO_ENDPOINT=minio:9092
- REDIS_URL=redis://apa-redis:6379
- MINIO_ENDPOINT=apa-minio:9092
- MINIO_ACCESS_KEY=${MINIO_ROOT_USER}
- MINIO_SECRET_KEY=${MINIO_ROOT_PASSWORD}
- QDRANT_URL=http://qdrant:6333
- QDRANT_URL=http://apa-qdrant:6333
- EVENT_BUS_TYPE=${EVENT_BUS_TYPE}
- NATS_SERVERS=${NATS_SERVERS}
- NATS_STREAM_NAME=${NATS_STREAM_NAME}
@@ -367,25 +367,25 @@ services:
- "traefik.http.services.svc-normalize-map.loadbalancer.server.port=8000"
# Coverage Service
svc-coverage:
apa-svc-coverage:
image: gitea.harkon.co.uk/harkon/svc-coverage:latest
container_name: svc-coverage
container_name: apa-svc-coverage
restart: unless-stopped
networks:
- backend
- frontend
environment:
- VAULT_ADDR=http://vault:8200
- VAULT_ADDR=http://apa-vault:8200
- VAULT_TOKEN=${VAULT_DEV_ROOT_TOKEN_ID}
- POSTGRES_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgres:5432/tax_system
- NEO4J_URL=bolt://neo4j:7687
- POSTGRES_URL=postgresql://postgres:${POSTGRES_PASSWORD}@apa-postgres:5432/tax_system
- NEO4J_URL=bolt://apa-neo4j:7687
- NEO4J_USER=neo4j
- NEO4J_PASSWORD=${NEO4J_PASSWORD}
- REDIS_URL=redis://redis:6379
- MINIO_ENDPOINT=minio:9092
- REDIS_URL=redis://apa-redis:6379
- MINIO_ENDPOINT=apa-minio:9092
- MINIO_ACCESS_KEY=${MINIO_ROOT_USER}
- MINIO_SECRET_KEY=${MINIO_ROOT_PASSWORD}
- QDRANT_URL=http://qdrant:6333
- QDRANT_URL=http://apa-qdrant:6333
- EVENT_BUS_TYPE=${EVENT_BUS_TYPE}
- NATS_SERVERS=${NATS_SERVERS}
- NATS_STREAM_NAME=${NATS_STREAM_NAME}
@@ -400,25 +400,25 @@ services:
- "traefik.http.services.svc-coverage.loadbalancer.server.port=8000"
# Firm Connectors Service
svc-firm-connectors:
apa-svc-firm-connectors:
image: gitea.harkon.co.uk/harkon/svc-firm-connectors:latest
container_name: svc-firm-connectors
container_name: apa-svc-firm-connectors
restart: unless-stopped
networks:
- backend
- frontend
environment:
- VAULT_ADDR=http://vault:8200
- VAULT_ADDR=http://apa-vault:8200
- VAULT_TOKEN=${VAULT_DEV_ROOT_TOKEN_ID}
- POSTGRES_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgres:5432/tax_system
- NEO4J_URL=bolt://neo4j:7687
- POSTGRES_URL=postgresql://postgres:${POSTGRES_PASSWORD}@apa-postgres:5432/tax_system
- NEO4J_URL=bolt://apa-neo4j:7687
- NEO4J_USER=neo4j
- NEO4J_PASSWORD=${NEO4J_PASSWORD}
- REDIS_URL=redis://redis:6379
- MINIO_ENDPOINT=minio:9092
- REDIS_URL=redis://apa-redis:6379
- MINIO_ENDPOINT=apa-minio:9092
- MINIO_ACCESS_KEY=${MINIO_ROOT_USER}
- MINIO_SECRET_KEY=${MINIO_ROOT_PASSWORD}
- QDRANT_URL=http://qdrant:6333
- QDRANT_URL=http://apa-qdrant:6333
- EVENT_BUS_TYPE=${EVENT_BUS_TYPE}
- NATS_SERVERS=${NATS_SERVERS}
- NATS_STREAM_NAME=${NATS_STREAM_NAME}
@@ -433,9 +433,9 @@ services:
- "traefik.http.services.svc-firm-connectors.loadbalancer.server.port=8000"
# Review UI
ui-review:
apa-ui-review:
image: gitea.harkon.co.uk/harkon/ui-review:latest
container_name: ui-review
container_name: apa-ui-review
restart: unless-stopped
networks:
- frontend