# Production Docker Compose für Stargirlnails Kiel
# Mit Nginx Reverse Proxy und Let's Encrypt SSL-Zertifikaten

version: '3.8'

services:
  # Hauptanwendung
  stargirlnails:
    build: .
    container_name: stargirlnails-app
    env_file:
      - .env
    environment:
      - NODE_ENV=production
    restart: unless-stopped
    volumes:
      - ./.storage:/app/.storage
    networks:
      - stargirlnails-network
    healthcheck:
      test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3000/health"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 40s
    depends_on:
      - nginx

  # Nginx Reverse Proxy
  nginx:
    image: nginx:alpine
    container_name: stargirlnails-nginx
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
      - ./nginx/conf.d:/etc/nginx/conf.d:ro
      - certbot-certs:/etc/letsencrypt:ro
      - certbot-webroot:/var/www/certbot:ro
    networks:
      - stargirlnails-network
    depends_on:
      - stargirlnails
    command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"

  # Certbot für SSL-Zertifikate
  certbot:
    image: certbot/certbot
    container_name: stargirlnails-certbot
    restart: "no"
    volumes:
      - certbot-certs:/etc/letsencrypt
      - certbot-webroot:/var/www/certbot
    networks:
      - stargirlnails-network
    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"

# Volumes für persistente Daten
volumes:
  certbot-certs:
    driver: local
  certbot-webroot:
    driver: local

# Netzwerk für interne Kommunikation
networks:
  stargirlnails-network:
    driver: bridge