Initial commit: AASRT v1.0.0 - AI Agent Security Reconnaissance Tool

docker-compose.yml

@@ -0,0 +1,110 @@
+# =============================================================================
+# AASRT - AI Agent Security Reconnaissance Tool
+# Docker Compose Configuration for Production Deployment
+# =============================================================================
+#
+# Usage:
+#   docker-compose up -d              # Start all services
+#   docker-compose up -d aasrt        # Start only AASRT (SQLite mode)
+#   docker-compose logs -f aasrt      # View logs
+#   docker-compose down               # Stop all services
+#
+# Environment:
+#   Copy .env.example to .env and configure your settings before starting.
+#
+# =============================================================================
+
+services:
+  # ---------------------------------------------------------------------------
+  # AASRT Web Application (Streamlit)
+  # ---------------------------------------------------------------------------
+  aasrt:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    container_name: aasrt-web
+    restart: unless-stopped
+    ports:
+      - "${STREAMLIT_SERVER_PORT:-8501}:8501"
+    environment:
+      # Shodan API (Required)
+      - SHODAN_API_KEY=${SHODAN_API_KEY}
+      # Application settings
+      - AASRT_ENVIRONMENT=${AASRT_ENVIRONMENT:-production}
+      - AASRT_LOG_LEVEL=${AASRT_LOG_LEVEL:-INFO}
+      - AASRT_DEBUG=${AASRT_DEBUG:-false}
+      # Rate limiting
+      - AASRT_MAX_SCANS_PER_HOUR=${AASRT_MAX_SCANS_PER_HOUR:-10}
+      - AASRT_SCAN_COOLDOWN=${AASRT_SCAN_COOLDOWN:-30}
+      # Database (use PostgreSQL in production)
+      - DB_TYPE=${DB_TYPE:-sqlite}
+      - DB_HOST=postgres
+      - DB_PORT=5432
+      - DB_NAME=${DB_NAME:-aasrt}
+      - DB_USER=${DB_USER:-aasrt}
+      - DB_PASSWORD=${DB_PASSWORD}
+      # ClawSec integration
+      - CLAWSEC_ENABLED=${CLAWSEC_ENABLED:-false}
+      - CLAWSEC_API_KEY=${CLAWSEC_API_KEY:-}
+    volumes:
+      # Persist data
+      - aasrt-data:/app/data
+      - aasrt-logs:/app/logs
+      - aasrt-reports:/app/reports
+    depends_on:
+      postgres:
+        condition: service_healthy
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:8501/_stcore/health"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 10s
+    networks:
+      - aasrt-network
+
+  # ---------------------------------------------------------------------------
+  # PostgreSQL Database (Production)
+  # ---------------------------------------------------------------------------
+  postgres:
+    image: postgres:16-alpine
+    container_name: aasrt-postgres
+    restart: unless-stopped
+    environment:
+      - POSTGRES_USER=${DB_USER:-aasrt}
+      - POSTGRES_PASSWORD=${DB_PASSWORD:?Database password required}
+      - POSTGRES_DB=${DB_NAME:-aasrt}
+    volumes:
+      - postgres-data:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U ${DB_USER:-aasrt} -d ${DB_NAME:-aasrt}"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+      start_period: 10s
+    networks:
+      - aasrt-network
+    # Security: Only accessible from internal network
+    expose:
+      - "5432"
+
+# =============================================================================
+# Networks
+# =============================================================================
+networks:
+  aasrt-network:
+    driver: bridge
+
+# =============================================================================
+# Volumes
+# =============================================================================
+volumes:
+  aasrt-data:
+    driver: local
+  aasrt-logs:
+    driver: local
+  aasrt-reports:
+    driver: local
+  postgres-data:
+    driver: local
+