From bdeec5e3837c06c2a375d14052a7190af4c29836 Mon Sep 17 00:00:00 2001 From: Ted Kim Date: Fri, 3 Jul 2026 12:28:28 -0400 Subject: [PATCH] fix(localmode): regenerate embedded compose (duration env + strip server-owned secrets) --- .../assets/docker-compose.template.yml | 91 +++++++++++-------- 1 file changed, 54 insertions(+), 37 deletions(-) diff --git a/internal/localmode/assets/docker-compose.template.yml b/internal/localmode/assets/docker-compose.template.yml index d7f7a11..ed13058 100644 --- a/internal/localmode/assets/docker-compose.template.yml +++ b/internal/localmode/assets/docker-compose.template.yml @@ -5,6 +5,7 @@ services: postgres: image: ${VOLCANO_POSTGRES_IMAGE:-mirror.gcr.io/library/postgres:16-alpine} container_name: volcano-postgres + command: ["postgres", "-c", "shared_preload_libraries=pg_stat_statements"] environment: POSTGRES_DB: volcano POSTGRES_USER: volcano @@ -82,9 +83,9 @@ services: AWS_REGION: us-east-1 AWS_ACCESS_KEY_ID: local AWS_SECRET_ACCESS_KEY: local - REDIS_TIMEOUT: "60" - USAGE_SYNC_INTERVAL: "30" - USAGE_SYNC_LOCK_TTL: "30" + REDIS_TIMEOUT: "60s" + USAGE_SYNC_INTERVAL: "30s" + USAGE_SYNC_LOCK_TTL: "30s" SOURCE_ARCHIVE_SIZE_LIMIT_MB: "256" LAMBDA_TARGET_CONTAINER_SIZE_LIMIT_MB: "4096" PORT: "8000" @@ -104,48 +105,64 @@ services: FREE_FUNCTION_TIMEOUT: "30" FREE_FUNCTION_MEMORY: "128" FREE_FUNCTION_DISK: "512" - PRO_FUNCTION_TIMEOUT: "300" - PRO_FUNCTION_MEMORY: "1024" - PRO_FUNCTION_DISK: "2048" + FREE_FUNCTION_RATELIMIT: "10" + FREE_FUNCTION_ALL_RATELIMIT: "60" + FREE_FUNC_INVOCATIONS_PER_MONTH: "100000" + FREE_BUILD_TIMEOUT_MINUTES: "30" + # Monthly build-minutes cap (0 = unlimited). Local-mode keeps builds + # unconstrained so dev iteration is never blocked. + FREE_BUILD_MAX_MINUTES: "0" + PRO_BUILD_MAX_MINUTES: "0" + # Runtime log retention (TTL) and max search lookback in days. + FREE_LOG_RETENTION_DAYS: "1" + PRO_LOG_RETENTION_DAYS: "30" + PRO_FUNCTION_TIMEOUT: "180" + PRO_FUNCTION_MEMORY: "256" + PRO_FUNCTION_DISK: "1024" + PRO_FUNCTION_RATELIMIT: "0" + PRO_FUNCTION_ALL_RATELIMIT: "0" + PRO_FUNC_INVOCATIONS_PER_MONTH: "0" + PRO_BUILD_TIMEOUT_MINUTES: "60" + FREE_IMAGE_OPTIMIZER_TIMEOUT: "90" + PRO_IMAGE_OPTIMIZER_TIMEOUT: "90" + FREE_IMAGE_OPTIMIZER_MEMORY: "1024" + PRO_IMAGE_OPTIMIZER_MEMORY: "1024" + FREE_IMAGE_OPTIMIZER_DISK: "1024" + PRO_IMAGE_OPTIMIZER_DISK: "1024" # Custom-domain plan limits (cloud separates FREE/PRO; meaningless locally) FREE_FRONTEND_CUSTOM_DOMAINS: "10" PRO_FRONTEND_CUSTOM_DOMAINS: "10" - # Function scheduler limits (cloud: FREE=0, PRO=5; local-mode keeps both - # permissive so signup users on the default FREE plan can still test) - FREE_SCHEDULER_COUNT: "10" - PRO_SCHEDULER_COUNT: "10" + # Function scheduler limits. Sentinel convention: -1 = disabled, 0 = + # unlimited, N = cap. Cloud sets FREE=-1 (disabled), PRO=5; local-mode + # keeps cloud parity for plan-limit testing. + FREE_SCHEDULER_COUNT: "-1" + PRO_SCHEDULER_COUNT: "5" + # Database count caps. Sentinel convention: 0 = unlimited, N = cap. Cloud + # sets FREE=1, PRO=0 (unlimited); local-mode keeps both unlimited so signup + # users on the default FREE plan can create as many databases as they need. + FREE_DATABASE_CAP: "0" + PRO_DATABASE_CAP: "0" + # Database storage caps in MB. 0 = unlimited. Cloud sets FREE=1024 (1 GB), + # PRO=0; local-mode keeps both unlimited so dev databases can grow freely. + FREE_DATABASE_STORAGE_LIMIT_MB: "0" + PRO_DATABASE_STORAGE_LIMIT_MB: "0" + FREE_STORAGE_BUCKETS_PER_PROJECT: "20" + PRO_STORAGE_BUCKETS_PER_PROJECT: "0" # Deployable regions used by project region resolution (`all_regions=true` # projects default to this list). Cloud passes the real multi-region set; # locally we surface a representative subset so feature pickers and # scheduler validation have something to work with. AWS_REGIONS: "us-east-1,eu-west-1,ap-southeast-1" - # Stripe Billing (optional) - STRIPE_SECRET_KEY: ${STRIPE_SECRET_KEY:-} - STRIPE_WEBHOOK_SECRET: ${STRIPE_WEBHOOK_SECRET:-} - STRIPE_PRICE_ID_PRO_MONTHLY: ${STRIPE_PRICE_ID_PRO_MONTHLY:-} - STRIPE_PRICE_ID_PRO_YEARLY: ${STRIPE_PRICE_ID_PRO_YEARLY:-} - STRIPE_PRICE_ID_ADDON_BUILDER_CREDITS_MONTHLY: ${STRIPE_PRICE_ID_ADDON_BUILDER_CREDITS_MONTHLY:-} - STRIPE_PRICE_ID_ADDON_BUILDER_CREDITS_YEARLY: ${STRIPE_PRICE_ID_ADDON_BUILDER_CREDITS_YEARLY:-} - STRIPE_PRICE_ID_ADDON_FUNC_INVOCATIONS_MONTHLY: ${STRIPE_PRICE_ID_ADDON_FUNC_INVOCATIONS_MONTHLY:-} - STRIPE_PRICE_ID_ADDON_FUNC_INVOCATIONS_YEARLY: ${STRIPE_PRICE_ID_ADDON_FUNC_INVOCATIONS_YEARLY:-} - STRIPE_PRICE_ID_ADDON_STORAGE_REQUESTS_MONTHLY: ${STRIPE_PRICE_ID_ADDON_STORAGE_REQUESTS_MONTHLY:-} - STRIPE_PRICE_ID_ADDON_STORAGE_REQUESTS_YEARLY: ${STRIPE_PRICE_ID_ADDON_STORAGE_REQUESTS_YEARLY:-} - STRIPE_PRICE_ID_ADDON_AUTH_REQUESTS_MONTHLY: ${STRIPE_PRICE_ID_ADDON_AUTH_REQUESTS_MONTHLY:-} - STRIPE_PRICE_ID_ADDON_AUTH_REQUESTS_YEARLY: ${STRIPE_PRICE_ID_ADDON_AUTH_REQUESTS_YEARLY:-} - STRIPE_PRICE_ID_ADDON_DATABASE_REQUESTS_MONTHLY: ${STRIPE_PRICE_ID_ADDON_DATABASE_REQUESTS_MONTHLY:-} - STRIPE_PRICE_ID_ADDON_DATABASE_REQUESTS_YEARLY: ${STRIPE_PRICE_ID_ADDON_DATABASE_REQUESTS_YEARLY:-} - STRIPE_PRICE_ID_ADDON_REALTIME_MESSAGES_MONTHLY: ${STRIPE_PRICE_ID_ADDON_REALTIME_MESSAGES_MONTHLY:-} - STRIPE_PRICE_ID_ADDON_REALTIME_MESSAGES_YEARLY: ${STRIPE_PRICE_ID_ADDON_REALTIME_MESSAGES_YEARLY:-} - STRIPE_PRICE_ID_OVERAGE_FUNC_INVOCATIONS_MONTHLY: ${STRIPE_PRICE_ID_OVERAGE_FUNC_INVOCATIONS_MONTHLY:-} - STRIPE_PRICE_ID_OVERAGE_FUNC_INVOCATIONS_YEARLY: ${STRIPE_PRICE_ID_OVERAGE_FUNC_INVOCATIONS_YEARLY:-} - STRIPE_PRICE_ID_OVERAGE_STORAGE_REQUESTS_MONTHLY: ${STRIPE_PRICE_ID_OVERAGE_STORAGE_REQUESTS_MONTHLY:-} - STRIPE_PRICE_ID_OVERAGE_STORAGE_REQUESTS_YEARLY: ${STRIPE_PRICE_ID_OVERAGE_STORAGE_REQUESTS_YEARLY:-} - STRIPE_PRICE_ID_OVERAGE_AUTH_REQUESTS_MONTHLY: ${STRIPE_PRICE_ID_OVERAGE_AUTH_REQUESTS_MONTHLY:-} - STRIPE_PRICE_ID_OVERAGE_AUTH_REQUESTS_YEARLY: ${STRIPE_PRICE_ID_OVERAGE_AUTH_REQUESTS_YEARLY:-} - STRIPE_PRICE_ID_OVERAGE_DATABASE_REQUESTS_MONTHLY: ${STRIPE_PRICE_ID_OVERAGE_DATABASE_REQUESTS_MONTHLY:-} - STRIPE_PRICE_ID_OVERAGE_DATABASE_REQUESTS_YEARLY: ${STRIPE_PRICE_ID_OVERAGE_DATABASE_REQUESTS_YEARLY:-} - STRIPE_PRICE_ID_OVERAGE_REALTIME_MESSAGES_MONTHLY: ${STRIPE_PRICE_ID_OVERAGE_REALTIME_MESSAGES_MONTHLY:-} - STRIPE_PRICE_ID_OVERAGE_REALTIME_MESSAGES_YEARLY: ${STRIPE_PRICE_ID_OVERAGE_REALTIME_MESSAGES_YEARLY:-} + # First-party bootstrap (optional). ANON_KEY_SECRET is sourced from + # .env.local and must match the secret VOLCANO_FIRST_PARTY_ANON_KEY was + # signed with, since the server validates that key during bootstrap. + VOLCANO_FIRST_PARTY_USER_ID: ${VOLCANO_FIRST_PARTY_USER_ID:-} + VOLCANO_FIRST_PARTY_USER_DISPLAY_NAME: ${VOLCANO_FIRST_PARTY_USER_DISPLAY_NAME:-} + VOLCANO_FIRST_PARTY_USER_TOKEN: ${VOLCANO_FIRST_PARTY_USER_TOKEN:-} + VOLCANO_FIRST_PARTY_PROJECT_ID: ${VOLCANO_FIRST_PARTY_PROJECT_ID:-} + VOLCANO_FIRST_PARTY_PROJECT_NAME: ${VOLCANO_FIRST_PARTY_PROJECT_NAME:-} + VOLCANO_FIRST_PARTY_ANON_KEY: ${VOLCANO_FIRST_PARTY_ANON_KEY:-} + VOLCANO_FIRST_PARTY_DEVICE_CLIENT_ID: ${VOLCANO_FIRST_PARTY_DEVICE_CLIENT_ID:-} volumes: - volcano-storage:/app/local-storage ports: