Operations Guide
This guide covers deployment, configuration, and maintenance.
Configuration Reference (.env)
AuditorIA requires several environment variables for different components.
Docker & Database
| Variable | Description | Default |
|---|---|---|
POSTGRES_DB | Database Name | auditoria_db |
POSTGRES_USER | Database User | root |
POSTGRES_PASSWORD | Database Password | password |
TZ | Timezone | America/Argentina/Buenos_Aires |
MINIO_ROOT_USER | MinIO Admin User | minioadmin |
MINIO_ROOT_PASSWORD | MinIO Admin Password | minioadmin |
KEYCLOAK_ADMIN | Keycloak Admin User | admin |
KEYCLOAK_ADMIN_PASSWORD | Keycloak Admin Password | admin |
Backend
| Variable | Description | Default/Example |
|---|---|---|
DB_URL | Internal DB Connection String | postgresql://root:password@whisperx_postgres:5432/auditoria_db |
WHISPER_MODEL | AI Model Size | large-v3 |
DEFAULT_LANG | Default Transcription Lang | es |
HF_TOKEN | Hugging Face Token (Diarization) | hf_... |
OPENAI_API_KEY | OpenAI Key (Generative AI) | sk-... |
KEYCLOAK_SERVER_URL | Internal Keycloak URL | http://keycloak:8080 |
KEYCLOAK_REALM | Keycloak Realm | auditoria |
KEYCLOAK_CLIENT_ID | Keycloak Client Resource | Auditoria |
KEYCLOAK_CLIENT_SECRET | Client Secret | your_secret |
MINIO_URL | Internal MinIO URL | http://minio:9000 |
Frontend
| Variable | Description |
|---|---|
NEXT_PUBLIC_API_URL | Public API URL |
NEXT_PUBLIC_KEYCLOAK_URL | Public Keycloak URL |
NEXT_PUBLIC_KEYCLOAK_REALM | Public Realm Name |
NEXT_PUBLIC_KEYCLOAK_CLIENT_ID | Client ID |
NEXT_PUBLIC_POSTHOG_KEY | Analytics Key (Optional) |
GRAFANA_URL | Embed URL for Analytics |
Deployment Strategies
Docker Swarm / Kubernetes
We recommend using the provided docker-compose.yml as a base for Kubernetes manifests.
Ensure Persistence for:
/var/lib/postgresql/data(Postgres)/data(MinIO)
Reverse Proxy (Nginx)
In production, place Nginx in front of the services to handle SSL termination and path routing.
Troubleshooting
MinIO Connection Refused
- Symptom: Backend logs show
ConnectionRefusedErrorwhen uploading. - Cause: The container cannot reach
minio:9000. - Fix: Check that
auditoria_backendandminioare on the same Docker network. EnsureMINIO_URLis set tohttp://minio:9000(internal) and notlocalhost.
GPU Not Detected
- Symptom: Worker relies on CPU, transcription is slow.
- Fix: Ensure
nvidia-container-toolkitis installed on the host and theworkerservice hasdeploy: resources: reservations: devices: - driver: nvidiaconfigured.
Keycloak Loop / Duplicate Resource
- Symptom: Keycloak fails to start with "Duplicate resource" error.
- Cause: Conflict between
realm-export.jsonand Keycloak's default initialization of service accounts. - Fix:
- Stop services:
docker-compose down -v(Warning: Deletes data volume). - Set
serviceAccountsEnabled: falseinrealm-export.json. - Restart:
docker-compose up -d --build.
- Stop services:
Database Connection Failed
- Symptom: Backend loops waiting for database.
- Cause: Postgres container is unhealthy or waiting for initialization.
- Fix: Check
docker logs whisperx_postgres. Ensure thehealthcheckindocker-compose.ymlis passing.
Frontend 500 Error on Login
- Symptom: "Internal Server Error" after Keycloak redirect.
- Cause: Mismatch in
KEYCLOAK_CLIENT_SECRETbetween Frontend and Keycloak, or incorrectNEXT_PUBLIC_API_URL. - Fix: Verify secrets in
.envmatch the Keycloak Client Credentials.