version: '3.8'

# Job ID: MTAD-IMPL-2025-11-18-CL
# Deployment: nexus-vector (production)
# Spec: openspec/specs/architecture.md

services:
  postgres:
    image: postgres:15-alpine
    container_name: mtad-postgres
    restart: unless-stopped
    environment:
      POSTGRES_USER: admin
      POSTGRES_PASSWORD: ${DB_PASSWORD:-change-me-in-production}
      POSTGRES_DB: morethanadiagnosis
      POSTGRES_INITDB_ARGS: "-c shared_preload_libraries=pg_stat_statements"
    volumes:
      - postgres_data:/var/lib/postgresql/data
    ports:
      - "5432:5432"
    networks:
      - mtad-network
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U admin -d morethanadiagnosis"]
      interval: 10s
      timeout: 5s
      retries: 5

  redis:
    image: redis:7-alpine
    container_name: mtad-redis
    restart: unless-stopped
    ports:
      - "6379:6379"
    volumes:
      - redis_data:/data
    networks:
      - mtad-network
    command: redis-server --appendonly yes --requirepass ${REDIS_PASSWORD:-change-me-in-production}
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 10s
      timeout: 5s
      retries: 5

  api:
    build:
      context: .
      dockerfile: Dockerfile
    container_name: mtad-api
    restart: unless-stopped
    environment:
      ENV: production
      DEBUG: "false"
      DATABASE_URL: postgresql://admin:${DB_PASSWORD:-change-me-in-production}@postgres:5432/morethanadiagnosis
      REDIS_URL: redis://:${REDIS_PASSWORD:-change-me-in-production}@redis:6379/0
      SECRET_KEY: ${SECRET_KEY:-change-me-in-production}
      CORS_ORIGINS: '["https://morethanadiagnosis.com", "http://localhost:3000"]'
      LOG_LEVEL: INFO
    ports:
      - "8000:8000"
    depends_on:
      postgres:
        condition: service_healthy
      redis:
        condition: service_healthy
    networks:
      - mtad-network
    volumes:
      - ./app:/app/app:ro
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8000/health"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 10s

  frontend:
    build:
      context: ../web
      dockerfile: Dockerfile
    container_name: mtad-web
    restart: unless-stopped
    expose:
      - "3000"
    networks:
      - mtad-network
    depends_on:
      - api
    environment:
      NEXT_PUBLIC_API_BASE_URL: http://api:8000/api/v1

  nginx:
    image: nginx:alpine
    container_name: mtad-nginx
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf:ro
      - ./certbot/conf:/etc/letsencrypt:ro
      - ../web/out:/usr/share/nginx/html:ro
    networks:
      - mtad-network
    depends_on:
      - api
    healthcheck:
      test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost/health"]
      interval: 30s
      timeout: 10s
      retries: 3

networks:
  mtad-network:
    driver: bridge

volumes:
  postgres_data:
    driver: local
  redis_data:
    driver: local