Docker Compose Deployment Strategy
How to package and deploy Nexus 3.0 to new servers.
Docker vs Docker Compose
| Aspect | Docker (Image) | Docker Compose |
|---|---|---|
| What it is | Single container snapshot | Multi-container orchestrator |
| Use case | One application | Multiple services working together |
| Configuration | Dockerfile | docker-compose.yml |
| Deployment | docker run | docker-compose up |
Nexus uses Docker Compose because it has 20+ environments, each with vault and operational containers.
Image Sharing
Docker is smart about layers: - FalkorDB image: ~500MB - 40 containers (20 envs x 2) share the SAME base image - Total storage: ~2GB for infrastructure + data - Data grows independently per environment
Compose File Structure
version: '3.8'
networks:
nexus-storage-network:
driver: bridge
services:
# SECURE ENVIRONMENTS (vault only)
user-vault:
image: falkordb/falkordb:latest
container_name: nexus3-user-vault
restart: unless-stopped
networks:
- nexus-storage-network
ports:
- "6610:6379"
volumes:
- /data/nexus3/user/vault:/var/lib/falkordb/data
command: redis-server --loadmodule /var/lib/falkordb/bin/falkordb.so
locker-vault:
image: falkordb/falkordb:latest
container_name: nexus3-locker-vault
restart: unless-stopped
networks:
- nexus-storage-network
ports:
- "6720:6379"
volumes:
- /data/nexus3/locker/vault:/var/lib/falkordb/data
command: redis-server --loadmodule /var/lib/falkordb/bin/falkordb.so
# STANDARD ENVIRONMENTS (vault + operational)
track-vault:
image: falkordb/falkordb:latest
container_name: nexus3-track-vault
restart: unless-stopped
networks:
- nexus-storage-network
ports:
- "6640:6379"
volumes:
- /data/nexus3/track/vault:/var/lib/falkordb/data
command: redis-server --loadmodule /var/lib/falkordb/bin/falkordb.so
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 5s
timeout: 3s
retries: 3
track-operational:
image: falkordb/falkordb:latest
container_name: nexus3-track-operational
restart: unless-stopped
networks:
- nexus-storage-network
ports:
- "6641:6379"
volumes:
- /data/nexus3/track/operational:/var/lib/falkordb/data
depends_on:
track-vault:
condition: service_healthy
command: redis-server --loadmodule /var/lib/falkordb/bin/falkordb.so
# Repeat pattern for each environment...
Replication Init Service
Add a one-shot service to configure replication after containers start:
replication-init:
image: redis:alpine
container_name: nexus3-replication-init
networks:
- nexus-storage-network
depends_on:
- track-vault
- track-operational
- context-vault
- context-operational
# ... all standard environments
entrypoint: /bin/sh
command: |
-c '
sleep 5
# Track replication
redis-cli -h nexus3-track-vault CONFIG SET requirepass $TRACK_VAULT_PASS
redis-cli -h nexus3-track-operational CONFIG SET masterauth $TRACK_VAULT_PASS
redis-cli -h nexus3-track-operational REPLICAOF nexus3-track-vault 6379
# Context replication
redis-cli -h nexus3-context-vault CONFIG SET requirepass $CONTEXT_VAULT_PASS
redis-cli -h nexus3-context-operational CONFIG SET masterauth $CONTEXT_VAULT_PASS
redis-cli -h nexus3-context-operational REPLICAOF nexus3-context-vault 6379
# Repeat for each standard environment...
echo "Replication configured"
'
environment:
- TRACK_VAULT_PASS=${TRACK_VAULT_PASS}
- CONTEXT_VAULT_PASS=${CONTEXT_VAULT_PASS}
restart: "no"
Environment Variables (.env file)
# Vault passwords - generated on first deploy
TRACK_VAULT_PASS=yeaeoW
CONTEXT_VAULT_PASS=abc123
SESSION_VAULT_PASS=def456
# ... etc
Deployment Workflow
New Server Setup
- Install Docker & Docker Compose
curl -fsSL https://get.docker.com | sh
sudo apt install docker-compose-plugin
- Clone Nexus deployment repo
git clone https://github.com/corlera/nexus-deploy.git /opt/nexus
- Generate passwords
cd /opt/nexus
./scripts/generate-passwords.sh > .env
- Create data directories
./scripts/init-directories.sh
- Start all services
docker-compose up -d
- Verify replication
./scripts/verify-replication.sh
Modular Deployment
Not every customer needs all environments. Use compose profiles:
services:
track-vault:
profiles: ["core", "full"]
# ...
transcript-vault:
profiles: ["media", "full"]
# ...
kb-vault:
profiles: ["knowledge", "full"]
# ...
Deploy with specific profile:
docker-compose --profile core up -d # Just essentials
docker-compose --profile full up -d # Everything
Core vs Optional Environments
Core (Always Deployed)
- User (authentication)
- Locker (credentials)
- Session (work tracking)
- Workflow (AI protocols)
- Track (projects/tasks)
Optional Modules
- Knowledge: KB, Context
- Media: Transcript, Corpus, Voice
- CRM: Contact, Links
- Storage: Documents, CDN, Archive
- Collaboration: Assignment (multi-tenant)
Backup & Restore
Data lives in /data/nexus3/{env}/. Backup strategy:
# Backup all data
tar -czf nexus-backup-$(date +%Y%m%d).tar.gz /data/nexus3/
# Restore
tar -xzf nexus-backup-20260103.tar.gz -C /
docker-compose restart
Updating Nexus
cd /opt/nexus
git pull
docker-compose pull # Get latest FalkorDB
docker-compose up -d --force-recreate