update docker configs

docker-compose.example.yml

@@ -1,4 +1,5 @@
-# docker-compose.yml
+# docker-compose.yml - Example configuration for KohakuHub
+# Copy this to docker-compose.yml and customize for your deployment
 
 services:
   hub-ui:
@@ -6,47 +7,64 @@ services:
     container_name: hub-ui
     restart: always
     ports:
-      - "28080:80" # Expose Web UI on host port 28080
+      - "28080:80" # Public web interface
     volumes:
-      - ./src/kohaku-hub-ui/dist:/usr/share/nginx/html # Mount the built main frontend assets
-      - ./src/kohaku-hub-admin/dist:/usr/share/nginx/html-admin # Mount the built admin frontend assets
-      - ./docker/nginx/default.conf:/etc/nginx/conf.d/default.conf # Mount the Nginx configuration
+      - ./src/kohaku-hub-ui/dist:/usr/share/nginx/html
+      - ./src/kohaku-hub-admin/dist:/usr/share/nginx/html-admin
+      - ./docker/nginx/default.conf:/etc/nginx/conf.d/default.conf
     depends_on:
       - hub-api
 
   hub-api:
-    build: . # Build the image from the Dockerfile in the current directory
+    build: .
     container_name: hub-api
     restart: always
     ports:
-      - "48888:48888" # Map host port to container port
+      - "48888:48888" # Internal API port (optional, for debugging)
     depends_on:
       - postgres
       - lakefs
       - minio
     environment:
-      ## S3 Configuration (linking to the 'minio' service)
-      - KOHAKU_HUB_S3_PUBLIC_ENDPOINT=http://127.0.0.1:29001
+      ## ===== CRITICAL: Endpoint Configuration (MUST CHANGE) =====
+      ## These determine how users access your KohakuHub instance
+      - KOHAKU_HUB_BASE_URL=http://127.0.0.1:28080 # Change to your public URL (e.g., https://hub.example.com)
+      - KOHAKU_HUB_S3_PUBLIC_ENDPOINT=http://127.0.0.1:29001 # Change to your S3 public URL
+
+      ## ===== CRITICAL: Security Configuration (MUST CHANGE) =====
+      - KOHAKU_HUB_SESSION_SECRET=change-this-to-random-string-in-production
+      - KOHAKU_HUB_ADMIN_SECRET_TOKEN=change-this-to-random-admin-token-in-production
+
+      ## ===== Performance Configuration =====  
+      - KOHAKU_HUB_WORKERS=4 # Number of worker processes (1-8, recommend: CPU cores)
+
+      ## ===== Database Configuration =====
+      - KOHAKU_HUB_DB_BACKEND=postgres
+      - KOHAKU_HUB_DATABASE_URL=postgresql://hub:hubpass@postgres:5432/kohakuhub
+
+      ## ===== S3 Storage Configuration =====
       - KOHAKU_HUB_S3_ENDPOINT=http://minio:9000
       - KOHAKU_HUB_S3_ACCESS_KEY=minioadmin
       - KOHAKU_HUB_S3_SECRET_KEY=minioadmin
       - KOHAKU_HUB_S3_BUCKET=hub-storage
-      ## LakeFS Configuration (linking to the 'lakefs' service)
-      # uncomment the following lines if you want to manually configure LakeFS
-      # by default the hub-api docker container will try to setup lakefs automatically
-      # -KOHAKU_HUB_LAKEFS_ACCESS_KEY=xxx
-      # -KOHAKU_HUB_LAKEFS_SECRET_KEY=xxx
+
+      ## ===== LakeFS Configuration =====
       - KOHAKU_HUB_LAKEFS_ENDPOINT=http://lakefs:28000
       - KOHAKU_HUB_LAKEFS_REPO_NAMESPACE=hf
-      ## Application Configuration
-      - KOHAKU_HUB_BASE_URL=http://127.0.0.1:28080 # Web UI will proxy requests to hub-api, we use hub-ui url here
-      - KOHAKU_HUB_DB_BACKEND=postgres
-      - KOHAKU_HUB_DATABASE_URL=postgresql://hub:hubpass@postgres:5432/kohakuhub # Linking to the 'postgres' service
+      # LakeFS credentials auto-generated on first start
+
+      ## ===== Application Configuration =====
+      - KOHAKU_HUB_SITE_NAME=KohakuHub
       - KOHAKU_HUB_LFS_THRESHOLD_BYTES=1000000
       - KOHAKU_HUB_LFS_KEEP_VERSIONS=5
       - KOHAKU_HUB_LFS_AUTO_GC=true
-      - KOHAKU_HUB_SITE_NAME=KohakuHub
-      ## SMTP Configuration (Email Verification - Optional)
+
+      ## ===== Auth & SMTP Configuration =====
+      - KOHAKU_HUB_REQUIRE_EMAIL_VERIFICATION=false
+      - KOHAKU_HUB_SESSION_EXPIRE_HOURS=168
+      - KOHAKU_HUB_TOKEN_EXPIRE_DAYS=365
+      - KOHAKU_HUB_ADMIN_ENABLED=true
+      # SMTP (Optional - for email verification)
       - KOHAKU_HUB_SMTP_ENABLED=false
       - KOHAKU_HUB_SMTP_HOST=smtp.gmail.com
       - KOHAKU_HUB_SMTP_PORT=587
@@ -54,26 +72,12 @@ services:
       - KOHAKU_HUB_SMTP_PASSWORD=
       - KOHAKU_HUB_SMTP_FROM=noreply@kohakuhub.local
       - KOHAKU_HUB_SMTP_TLS=true
-      ## Auth Configuration
-      - KOHAKU_HUB_REQUIRE_EMAIL_VERIFICATION=false
-      - KOHAKU_HUB_SESSION_SECRET=change-this-to-random-string-in-production
-      - KOHAKU_HUB_SESSION_EXPIRE_HOURS=168
-      - KOHAKU_HUB_TOKEN_EXPIRE_DAYS=365
-      ## Admin API Configuration
-      - KOHAKU_HUB_ADMIN_ENABLED=true
-      - KOHAKU_HUB_ADMIN_SECRET_TOKEN=change-this-to-random-admin-token-in-production
-      # ## Storage Quota Configuration (NULL/unlimited = no limit)
-      # # Default quotas for new users
-      # - KOHAKU_HUB_DEFAULT_USER_PRIVATE_QUOTA_BYTES=unlimited  # Unlimited private storage for users
-      # - KOHAKU_HUB_DEFAULT_USER_PUBLIC_QUOTA_BYTES=unlimited   # Unlimited public storage for users
-      # # Default quotas for new organizations
-      # - KOHAKU_HUB_DEFAULT_ORG_PRIVATE_QUOTA_BYTES=unlimited   # Unlimited private storage for orgs
-      # - KOHAKU_HUB_DEFAULT_ORG_PUBLIC_QUOTA_BYTES=unlimited    # Unlimited public storage for orgs
-      # # Examples (uncomment and modify as needed):
-      - KOHAKU_HUB_DEFAULT_USER_PRIVATE_QUOTA_BYTES=10_000_000     # 10MB for user private repos
-      - KOHAKU_HUB_DEFAULT_USER_PUBLIC_QUOTA_BYTES=100_000_000      # 20MB for user public repos
-      - KOHAKU_HUB_DEFAULT_ORG_PRIVATE_QUOTA_BYTES=10_000_000      # 10MB for org private repos
-      - KOHAKU_HUB_DEFAULT_ORG_PUBLIC_QUOTA_BYTES=100_000_000      # 100MB for org public repos
+
+      ## ===== Storage Quota Configuration (Optional) =====
+      - KOHAKU_HUB_DEFAULT_USER_PRIVATE_QUOTA_BYTES=10_000_000
+      - KOHAKU_HUB_DEFAULT_USER_PUBLIC_QUOTA_BYTES=100_000_000
+      - KOHAKU_HUB_DEFAULT_ORG_PRIVATE_QUOTA_BYTES=10_000_000
+      - KOHAKU_HUB_DEFAULT_ORG_PUBLIC_QUOTA_BYTES=100_000_000
     volumes:
       - ./hub-meta/hub-api:/hub-api-creds
 
@@ -99,15 +103,15 @@ services:
       - LAKEFS_DATABASE_LOCAL_PATH=/var/lakefs/data/metadata.db
       - LAKEFS_BLOCKSTORE_TYPE=s3
       - LAKEFS_BLOCKSTORE_S3_ENDPOINT=http://minio:9000
-      - LAKEFS_BLOCKSTORE_S3_FORCE_PATH_STYLE=true  # Use path-style for non-AWS S3
+      - LAKEFS_BLOCKSTORE_S3_FORCE_PATH_STYLE=true
       - LAKEFS_BLOCKSTORE_S3_CREDENTIALS_ACCESS_KEY_ID=minioadmin
       - LAKEFS_BLOCKSTORE_S3_CREDENTIALS_SECRET_ACCESS_KEY=minioadmin
-      - LAKEFS_AUTH_ENCRYPT_SECRET_KEY=a_very_secret_key_change_me # IMPORTANT: Change this key
+      - LAKEFS_AUTH_ENCRYPT_SECRET_KEY=change-me-in-production
       - LAKEFS_LOGGING_FORMAT=text
       - LAKEFS_LISTEN_ADDRESS=0.0.0.0:28000
     ports:
-      - "28000:28000"   # lakeFS Web + API
-    user: "${UID}:${GID}" # May be crucial for permissions
+      - "28000:28000"   # LakeFS admin UI (optional)
+    user: "${UID}:${GID}"
     depends_on:
       - minio
     volumes:
@@ -123,10 +127,10 @@ services:
       - POSTGRES_PASSWORD=hubpass
       - POSTGRES_DB=kohakuhub
     ports:
-      - "25432:5432"
+      - "25432:5432" # Optional: for external access
     volumes:
       - ./hub-meta/postgres-data:/var/lib/postgresql/data
 
 networks:
   default:
-    name: hub-net
+    name: hub-net

docker/startup.py

@@ -105,13 +105,15 @@ def main():
             os.environ["KOHAKU_HUB_LAKEFS_ACCESS_KEY"] = access_key
             os.environ["KOHAKU_HUB_LAKEFS_SECRET_KEY"] = secret_key
 
-    print("[startup] Starting API server...")
+    # Get worker count from environment
+    workers = int(os.getenv("KOHAKU_HUB_WORKERS", "4"))
+    print(f"[startup] Starting API server with {workers} worker(s)...")
     subprocess.run(
         [
             "uvicorn",
             "kohakuhub.main:app",
             "--workers",
-            "4",
+            str(workers),
             "--host",
             "0.0.0.0",
             "--port",