services: sms-campaign: build: context: . dockerfile: ./docker/dockerfile container_name: sms-campaign-manager ports: - "5000:5000" # Web interface - "5037:5037" # ADB server volumes: - ./data:/app/data # SQLite database - ./uploads:/app/uploads # CSV uploads - ./logs:/app/logs # Logs - ./src:/app/src # Live source for development - ./src/static:/app/src/static # Static assets - ./src/templates:/app/src/templates # Templates # USB device access (if using USB ADB connection) # Uncomment the following lines if you need USB ADB: # devices: # - /dev/bus/usb:/dev/bus/usb # For specific device access (more secure), identify your device with 'lsusb' and use: # devices: # - /dev/bus/usb/001/002:/dev/bus/usb/001/002 environment: PHONE_IP: ${PHONE_IP:-10.0.0.193} ADB_PORT: ${ADB_PORT:-5555} TERMUX_API_PORT: ${TERMUX_API_PORT:-5001} FLASK_ENV: ${FLASK_ENV:-production} SECRET_KEY: ${SECRET_KEY} ADMIN_API_KEY: ${ADMIN_API_KEY} USER_API_KEY: ${USER_API_KEY} TERMUX_API_KEY: ${TERMUX_API_KEY} ADMIN_USERNAME: ${ADMIN_USERNAME:-admin} ADMIN_PASSWORD: ${ADMIN_PASSWORD} # Rate limiting configuration RATE_LIMIT_DEFAULT: ${RATE_LIMIT_DEFAULT:-200 per hour, 1000 per day} RATE_LIMIT_LOGIN: ${RATE_LIMIT_LOGIN:-5 per minute} RATE_LIMIT_SMS: ${RATE_LIMIT_SMS:-10 per minute, 100 per hour, 500 per day} RATE_LIMIT_UPLOAD: ${RATE_LIMIT_UPLOAD:-10 per hour, 50 per day} RATE_LIMIT_DATABASE_RESET: ${RATE_LIMIT_DATABASE_RESET:-2 per hour} # SECURITY: Removed privileged mode and host networking # - Network isolation via bridge network (default) # - ADB network connection works fine with regular networking and port mappings # - USB access can be granted via specific device mapping (see above) restart: unless-stopped stop_grace_period: 30s # Give container 30 seconds to gracefully shutdown healthcheck: test: ["CMD", "curl", "-f", "http://localhost:5000/health"] interval: 30s timeout: 10s retries: 3 start_period: 40s