# Production stack for hamkadr.ir — used by the Gitea deploy job (docker compose -f docker-compose.prod.yml).
# nginx (on the host) terminates TLS for hamkadr.ir and reverse-proxies to 127.0.0.1:${APP_PORT}.
name: hamkadr   # pinned so redeploys reuse the same named volume (never creates orphaned data)

services:
  db:
    image: mirror.soroushasadi.com/postgres:16-alpine
    container_name: hamkadr-db
    restart: unless-stopped
    environment:
      POSTGRES_DB: ${POSTGRES_DB}
      POSTGRES_USER: ${POSTGRES_USER}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
    volumes:
      - hamkadr_db_data:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER} -d ${POSTGRES_DB}"]
      interval: 5s
      timeout: 5s
      retries: 20
    # NOTE: no `ports:` — Postgres is reachable only by the app on the internal network.

  app:
    build:
      context: .
      dockerfile: Dockerfile
    image: hamkadr-app:latest
    container_name: hamkadr-app
    restart: unless-stopped
    env_file: .env
    depends_on:
      db:
        condition: service_healthy
    ports:
      - "127.0.0.1:${APP_PORT}:8080"   # localhost-only; nginx proxies hamkadr.ir → here

volumes:
  hamkadr_db_data:
    name: hamkadr_db_data