services:
  postgres:
    image: postgres:16
    container_name: toir-postgres
    restart: unless-stopped
    environment:
      POSTGRES_USER: ${POSTGRES_USER:-postgres}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-postgres}
      POSTGRES_DB: ${POSTGRES_DB:-toir}
    healthcheck:
      test:
        [
          "CMD-SHELL",
          "pg_isready -U ${POSTGRES_USER:-postgres} -d ${POSTGRES_DB:-toir}",
        ]
      interval: 10s
      timeout: 5s
      retries: 5
      start_period: 10s
    ports:
      - "${POSTGRES_PORT:-5432}:5432"
    volumes:
      - postgres-data:/var/lib/postgresql/data
    networks:
      - app

  server:
    build:
      context: ./server
      dockerfile: Dockerfile
    container_name: toir-server
    restart: unless-stopped
    depends_on:
      postgres:
        condition: service_healthy
    environment:
      PORT: 3000
      DATABASE_URL: postgresql://${POSTGRES_USER:-postgres}:${POSTGRES_PASSWORD:-postgres}@postgres:5432/${POSTGRES_DB:-toir}
      CORS_ALLOWED_ORIGINS: ${CORS_ALLOWED_ORIGINS:-https://toir.example.ru}
      KEYCLOAK_ISSUER_URL: ${KEYCLOAK_ISSUER_URL}
      KEYCLOAK_AUDIENCE: ${KEYCLOAK_AUDIENCE}
      KEYCLOAK_JWKS_URL: ${KEYCLOAK_JWKS_URL:-}
    expose:
      - "3000"
    networks:
      - app
      - proxy

  client:
    build:
      context: ./client
      dockerfile: Dockerfile
      args:
        VITE_API_URL: ${VITE_API_URL:-/api}
        VITE_KEYCLOAK_URL: ${VITE_KEYCLOAK_URL}
        VITE_KEYCLOAK_REALM: ${VITE_KEYCLOAK_REALM}
        VITE_KEYCLOAK_CLIENT_ID: ${VITE_KEYCLOAK_CLIENT_ID}
    container_name: toir-client
    restart: unless-stopped
    depends_on:
      - server
    expose:
      - "80"
    networks:
      - app
      - proxy

volumes:
  postgres-data:

networks:
  app:
    driver: bridge
  proxy:
    external: true