Compose Configuration
AuroraSOC provides a full stack compose file for integrated runtime and a lightweight dev compose file for local service dependencies. The project works with both Docker and Podman container runtimes.
The default Compose stack follows the Python API and event-processing path. The rust-core service is an opt-in profile that you enable only when you want the Rust normalization and attestation fast path.
For the operator-facing startup walkthrough, use AI Agent Fleet Deployment. For runtime caveats and host-run versus containerized guidance, use Agent Fleet Runbook.
Production Stack (docker-compose.yml)
Network Isolation
The production stack uses four Docker networks:
| Network | Services | Purpose |
|---|---|---|
frontend | dashboard, api | Public-facing |
agent-mesh | api, agents, MCP servers | Internal AI/agent traffic |
data-plane | postgres (+ pgvector), redis, nats, rust-core when enabled | Data and event backbone |
iot-plane | mosquitto, rust-core when enabled, cps services | CPS/IoT telemetry and control |
Key Services
services:
api:
build:
context: .
dockerfile: infrastructure/docker/api.Dockerfile
ports:
- "8000:8000"
environment:
- PG_HOST=postgres
- REDIS_URL=redis://:${REDIS_PASSWORD}@redis:6379
- NATS_URL=nats://nats:4222
- MQTT_HOST=mosquitto
depends_on:
postgres:
condition: service_healthy
redis:
condition: service_healthy
networks:
- frontend
- agent-mesh
- data-plane
Health Checks
Every service defines health checks:
postgres:
healthcheck:
test: ["CMD-SHELL", "pg_isready -U aurorasoc"]
interval: 10s
timeout: 5s
retries: 5
redis:
healthcheck:
test: ["CMD-SHELL", "redis-cli -a ${REDIS_PASSWORD} ping | grep -q PONG"]
interval: 10s
timeout: 5s
retries: 5
Services wait for their dependencies to be healthy before starting, preventing connection errors during startup.
Docker Compose Profiles
Agent services and the optional Rust fast path are grouped into Compose profiles, so you can enable only the containers your deployment needs.
Profile Tiers
| Profile | Components | Use Case |
|---|---|---|
agents-core | Baseline orchestrator and triage agents | Minimal triage and response fleet |
agents-extended | Additional domain specialists | Broader domain coverage |
agents-specialized | Advanced investigation/reporting specialists | Deeper investigation workflows |
agents | Full orchestrator + 13-specialist fleet | Convenience alias for the full agent deployment |
rust-core | Rust ingest, normalization, and attestation service | Optional fast path for high-throughput ingest |
The API and core infrastructure services start without agent profiles. Agent profiles add the orchestrator and the specialist containers defined in docker-compose.yml. The rust-core profile is independent and can be combined with any agent profile.
Usage Examples
# Start the default stack (no agents, no rust-core)
podman compose up -d
# Start full agent fleet
podman compose --profile agents up -d
# Minimal triage-only deployment
podman compose --profile agents-core up -d
# Full agent fleet plus the Rust fast path
podman compose --profile agents --profile rust-core up -d
# Enable the Rust fast path without the agent fleet
podman compose --profile rust-core up -d
Note: To fine-tune which agents within a profile are instantiated, set
ENABLED_AGENTSin your.envfile. The profile controls which containers are started;ENABLED_AGENTScontrols which Python agent objects the factory builds inside those containers.
Development Stack (docker-compose.dev.yml)
The dev stack is lightweight — only external services:
services:
postgres:
image: pgvector/pgvector:pg16
ports:
- "5432:5432"
redis:
image: redis:7-alpine
ports:
- "6379:6379"
nats:
image: nats:latest
ports:
- "4222:4222"
mosquitto:
image: eclipse-mosquitto:2
ports:
- "8883:8883"
Run AuroraSOC locally against these services:
# Start infrastructure
podman compose -f docker-compose.dev.yml up -d
# Run API locally
python -m aurorasoc.api.main
This local development flow continues to use the Python API/event path unless you explicitly enable the rust-core profile from docker-compose.yml.
Dockerfiles
Python API + Agent Images
Primary Python runtime Dockerfiles:
infrastructure/docker/api.Dockerfile(API service)infrastructure/docker/agent.Dockerfile(agents, worker, MCP servers)
Rust Core Engine (rust_core/Dockerfile)
Multi-stage Rust build with a hardened runtime image and HTTP healthcheck:
FROM rust:1.83-slim-bookworm AS builder
WORKDIR /build
COPY Cargo.toml Cargo.lock* ./
COPY src/ src/
RUN cargo build --release
FROM debian:bookworm-slim
RUN apt-get update && apt-get install -y ca-certificates curl && rm -rf /var/lib/apt/lists/*
COPY /build/target/release/aurora-core /usr/local/bin/aurora-core
EXPOSE 8080
HEALTHCHECK CMD curl -fsS http://localhost:8080/health || exit 1
ENTRYPOINT ["aurora-core"]
Dashboard (dashboard/Dockerfile)
FROM node:20-alpine as builder
WORKDIR /app
COPY package.json package-lock.json ./
RUN npm ci
COPY . .
RUN npm run build
FROM node:20-alpine
COPY /app/.next/standalone ./
COPY /app/.next/static ./.next/static
CMD ["node", "server.js"]
Makefile Targets
The Makefile provides convenience wrappers:
make docker-up # Start default compose stack
make docker-down # Stop compose stack
make docker-logs # Tail compose logs
make vllm-up # Start only vLLM service
make vllm-status # Check vLLM health
make train-specialist # Fine-tune specialist model
make train-orchestrator # Fine-tune orchestrator model
make train-all # Train both specialist + orchestrator
make serve-vllm # Serve trained model with vLLM
make serve-ollama # Serve trained model with Ollama
make docker-build # Build all Docker images
make migrate # Run Alembic migrations
make clean # Remove local build/test artifacts and caches
The recommended development workflow:
make docker-up— Start the default compose stack- Develop in your IDE with hot-reload
make test— Run testsmake lint— Check code qualitymake docker-build— Build Docker images for staging