--- x-podman: &podman userns_mode: keep-id security_opt: - "label=disable" x-logging: &default-logging driver: json-file options: mode: non-blocking max-buffer-size: 4m max-size: "200m" max-file: "1" x-common-environment: &common-environment TZ: ${TZ:-UTC} x-audio-environment: &audio-environment <<: *common-environment PULSE_SERVER: unix:${XDG_RUNTIME_DIR}/pulse/native PULSE_COOKIE: /home/${OVOS_USER}/.config/pulse/cookie XDG_RUNTIME_DIR: ${XDG_RUNTIME_DIR} x-resource-limits: &resource-limits deploy: resources: limits: memory: 512M reservations: memory: 128M x-core-resource-limits: &core-resource-limits deploy: resources: limits: memory: 1G cpus: "1.0" reservations: memory: 256M cpus: "0.25" x-skill-resource-limits: &skill-resource-limits deploy: resources: limits: memory: 256M reservations: memory: 64M volumes: ovos_models: name: ovos_models driver: local ovos_vosk: name: ovos_vosk driver: local ovos_listener_records: name: ovos_listener_records driver: local ovos_tts_cache: name: ovos_tts_cache driver: local ovos_nltk: name: ovos_nltk driver: local ovos_local_state: name: ovos_local_state driver: local services: ovos_messagebus: <<: [*podman, *resource-limits] container_name: ovos_messagebus hostname: ovos_messagebus restart: unless-stopped image: docker.io/smartgic/ovos-messagebus:${VERSION} logging: *default-logging pull_policy: ${PULL_POLICY:-always} environment: <<: *common-environment network_mode: host volumes: - ${OVOS_CONFIG_FOLDER}:/home/${OVOS_USER}/.config/mycroft:ro - ovos_local_state:/home/${OVOS_USER}/.local/state/mycroft - ${TMP_FOLDER}:/tmp/mycroft ovos_phal: <<: [*podman, *resource-limits] container_name: ovos_phal hostname: ovos_phal restart: unless-stopped image: docker.io/smartgic/ovos-phal:${VERSION} logging: *default-logging pull_policy: ${PULL_POLICY:-always} environment: <<: *audio-environment network_mode: host # Use specific capabilities instead of privileged mode where possible cap_add: - SYS_ADMIN - DAC_OVERRIDE # Only use privileged if absolutely necessary for hardware access privileged: true volumes: - ~/.config/pulse/cookie:/home/${OVOS_USER}/.config/pulse/cookie:ro - ${OVOS_CONFIG_FOLDER}:/home/${OVOS_USER}/.config/mycroft - ${OVOS_CONFIG_PHAL_FOLDER}:/home/${OVOS_USER}/.config/OpenVoiceOS - ovos_local_state:/home/${OVOS_USER}/.local/state/mycroft - ${TMP_FOLDER}:/tmp/mycroft - ${XDG_RUNTIME_DIR}/pipewire-0:${XDG_RUNTIME_DIR}/pipewire-0:ro - ${XDG_RUNTIME_DIR}/pulse:${XDG_RUNTIME_DIR}/pulse:ro depends_on: ovos_messagebus: condition: service_started ovos_phal_admin: <<: [*podman, *resource-limits] container_name: ovos_phal_admin hostname: ovos_phal_admin restart: unless-stopped image: docker.io/smartgic/ovos-phal-admin:${VERSION} logging: *default-logging pull_policy: ${PULL_POLICY:-always} environment: <<: *common-environment network_mode: host # Use specific capabilities instead of privileged mode where possible cap_add: - SYS_ADMIN - DAC_OVERRIDE # Only use privileged if absolutely necessary for hardware access privileged: true volumes: - ${OVOS_CONFIG_FOLDER}:/home/${OVOS_USER}/.config/mycroft - ${OVOS_CONFIG_PHAL_FOLDER}:/home/${OVOS_USER}/.config/OpenVoiceOS - ovos_local_state:/home/${OVOS_USER}/.local/state/mycroft - ${TMP_FOLDER}:/tmp/mycroft - /sys:/sys:ro - /dev:/dev:ro depends_on: ovos_messagebus: condition: service_started ovos_listener: <<: [*podman, *resource-limits] container_name: ovos_listener hostname: ovos_listener restart: unless-stopped image: docker.io/smartgic/ovos-listener:${VERSION} logging: *default-logging pull_policy: ${PULL_POLICY:-always} environment: <<: *audio-environment network_mode: host devices: - /dev/snd volumes: - ~/.config/pulse/cookie:/home/${OVOS_USER}/.config/pulse/cookie:ro - ${OVOS_CONFIG_FOLDER}:/home/${OVOS_USER}/.config/mycroft:ro - ovos_listener_records:/home/${OVOS_USER}/.local/share/mycroft/listener - ovos_local_state:/home/${OVOS_USER}/.local/state/mycroft - ovos_models:/home/${OVOS_USER}/.local/share/precise-lite - ovos_vosk:/home/${OVOS_USER}/.local/share/vosk - ${TMP_FOLDER}:/tmp/mycroft - ${XDG_RUNTIME_DIR}/pipewire-0:${XDG_RUNTIME_DIR}/pipewire-0:ro - ${XDG_RUNTIME_DIR}/pulse:${XDG_RUNTIME_DIR}/pulse:ro depends_on: ovos_messagebus: condition: service_started ovos_phal: condition: service_started ovos_plugin_ggwave: <<: [*podman, *resource-limits] container_name: ovos_plugin_ggwave hostname: ovos_plugin_ggwave restart: unless-stopped image: docker.io/smartgic/ovos-plugin-ggwave:${VERSION} logging: *default-logging pull_policy: ${PULL_POLICY:-always} environment: <<: *audio-environment network_mode: host devices: - /dev/snd volumes: - ~/.config/pulse/cookie:/home/${OVOS_USER}/.config/pulse/cookie:ro - ${OVOS_CONFIG_FOLDER}:/home/${OVOS_USER}/.config/mycroft:ro - ${TMP_FOLDER}:/tmp/mycroft - ${XDG_RUNTIME_DIR}/pipewire-0:${XDG_RUNTIME_DIR}/pipewire-0:ro - ${XDG_RUNTIME_DIR}/pulse:${XDG_RUNTIME_DIR}/pulse:ro depends_on: ovos_messagebus: condition: service_started ovos_phal: condition: service_started healthcheck: test: ["CMD", "pgrep", "-f", "ggwave"] interval: 30s timeout: 10s retries: 3 start_period: 15s ovos_audio: <<: [*podman, *resource-limits] container_name: ovos_audio hostname: ovos_audio restart: unless-stopped image: docker.io/smartgic/ovos-audio:${VERSION} logging: *default-logging pull_policy: ${PULL_POLICY:-always} environment: <<: *audio-environment DBUS_SESSION_BUS_ADDRESS: unix:path=${XDG_RUNTIME_DIR}/bus network_mode: host devices: - /dev/snd volumes: - ~/.config/pulse/cookie:/home/${OVOS_USER}/.config/pulse/cookie:ro - ${OVOS_CONFIG_FOLDER}:/home/${OVOS_USER}/.config/mycroft - ovos_local_state:/home/${OVOS_USER}/.local/state/mycroft - ovos_tts_cache:/home/${OVOS_USER}/.cache/mycroft - ${TMP_FOLDER}:/tmp/mycroft - ${XDG_RUNTIME_DIR}/bus:${XDG_RUNTIME_DIR}/bus:ro - ${XDG_RUNTIME_DIR}/pipewire-0:${XDG_RUNTIME_DIR}/pipewire-0:ro - ${XDG_RUNTIME_DIR}/pulse:${XDG_RUNTIME_DIR}/pulse:ro depends_on: ovos_messagebus: condition: service_started ovos_phal: condition: service_started ovos_core: <<: [*podman, *core-resource-limits] container_name: ovos_core hostname: ovos_core restart: unless-stopped image: docker.io/smartgic/ovos-core:${VERSION} logging: *default-logging pull_policy: ${PULL_POLICY:-always} environment: <<: *audio-environment network_mode: host devices: - /dev/snd volumes: - ~/.config/pulse/cookie:/home/${OVOS_USER}/.config/pulse/cookie:ro - ${OVOS_CONFIG_FOLDER}:/home/${OVOS_USER}/.config/mycroft - ${OVOS_PERSONA_FOLDER}:/home/${OVOS_USER}/.config/ovos_persona - ovos_local_state:/home/${OVOS_USER}/.local/state/mycroft - ovos_nltk:/home/${OVOS_USER}/nltk_data - ${OVOS_SHARE_FOLDER}:/home/${OVOS_USER}/.local/share/mycroft - ${TMP_FOLDER}:/tmp/mycroft - ${XDG_RUNTIME_DIR}/pipewire-0:${XDG_RUNTIME_DIR}/pipewire-0:ro - ${XDG_RUNTIME_DIR}/pulse:${XDG_RUNTIME_DIR}/pulse:ro depends_on: ovos_messagebus: condition: service_started ovos_phal: condition: service_started ovos_cli: <<: [*podman, *resource-limits] container_name: ovos_cli hostname: ovos_cli restart: unless-stopped image: docker.io/smartgic/ovos-cli:${VERSION} logging: *default-logging pull_policy: ${PULL_POLICY:-always} environment: <<: *common-environment network_mode: host volumes: - ${OVOS_CONFIG_FOLDER}:/home/${OVOS_USER}/.config/mycroft - ovos_local_state:/home/${OVOS_USER}/.local/state/mycroft - ${TMP_FOLDER}:/tmp/mycroft depends_on: ovos_messagebus: condition: service_started