# Paste this service block into /home/justin/zerto-docs-rag/deploy/docker-compose.yml # on 192.168.0.2 (the MetaMCP host), alongside zerto-docs-mcp. It joins the # same `mcp` Docker network so MetaMCP can reach it by container DNS name. # # Required env vars (set in the same .env that already powers the rest of the # MetaMCP stack): # AG_BIDS_API_KEY — copy from ag-monitor's .env (BRIEF_API_KEY) # AG_BIDS_MCP_USER — username MetaMCP will send in Basic auth # AG_BIDS_MCP_PASS — password MetaMCP will send in Basic auth ag-bids-mcp: container_name: ag-bids-mcp image: git.jpaul.io/justin/ag-bids-mcp:latest pull_policy: always restart: unless-stopped environment: MCP_TRANSPORT: streamable-http MCP_HOST: 0.0.0.0 MCP_PORT: "8000" # Behind a Docker DNS name, FastMCP's localhost-only rebinding-protection # would 421 every call from MetaMCP. Disable it; the mcp network is private. MCP_DISABLE_DNS_REBINDING_PROTECTION: "1" # --- upstream ag-monitor (Cloudflare Tunnel from .0.126) --- AG_BIDS_API_URL: https://agbids.paul.farm AG_BIDS_API_KEY: ${AG_BIDS_API_KEY} AG_BIDS_API_TIMEOUT_SECS: "20" # --- HTTP Basic auth in front of this MCP --- AG_BIDS_MCP_USER: ${AG_BIDS_MCP_USER} AG_BIDS_MCP_PASS: ${AG_BIDS_MCP_PASS} # --- per-tool-call JSONL usage log --- USAGE_LOG_DIR: /app/var/logs USAGE_LOG_KEEP_DAYS: "90" volumes: # Survive container recreates (Watchtower rolls this every ~5 min). - ./ag-bids-mcp-logs:/app/var/logs networks: [mcp] labels: com.centurylinklabs.watchtower.enable: "true"