# Production compose stack for hamprint.
#
# What changed from the previous bind-mount / pip-at-runtime version:
#   - `web` is now BUILT from the Containerfile in this repo. Everything
#     (Python deps, the Tailwind CLI binary, the built CSS, collectstatic
#     output) bakes into the image; nothing is installed at container start.
#   - No host source bind-mount: the container ships its own /app. Code
#     changes require a `podman-compose up -d --build web`.
#   - `DJANGO_SETTINGS_MODULE=hamprint.settings.prod` (DEBUG off, secure
#     cookies, HSTS). DEBUG=True traffic should run from the host venv,
#     not from this stack.
#   - Uploaded STLs persist in a named `media` volume so they survive
#     `podman-compose down` / image rebuilds. Drop with `down -v`.
#
# Bring it up:        podman-compose up -d --build
# Rebuild only web:   podman-compose up -d --build web
# Logs:               podman-compose logs -f web
# Tear down:          podman-compose down       # keeps pgdata + media
#                     podman-compose down -v    # nukes both volumes too
#
# `.env` keys you'll want set (see `.env.example` for the full list):
#   SECRET_KEY            - long random string
#   ALLOWED_HOSTS         - e.g. "print.hamlab.lt,localhost"
#   SITE_URL              - e.g. "https://print.hamlab.lt"   (for emails)
#   POSTGRES_DB / _USER / _PASSWORD
#   MAILTRAP_API_TOKEN          (+ MAILTRAP_TEST_INBOX_ID for sandbox)
#   GOOGLE_CLIENT_ID / _SECRET (optional; only if Google sign-in is wanted)
#
# TLS termination is the upstream proxy's job -- the `web` container speaks
# plain HTTP on its mapped host port (default 8000).

services:
  db:
    image: docker.io/library/postgres:16
    restart: unless-stopped
    env_file: .env
    environment:
      POSTGRES_DB: ${POSTGRES_DB}
      POSTGRES_USER: ${POSTGRES_USER}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
    volumes:
      - pgdata:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER} -d ${POSTGRES_DB}"]
      interval: 5s
      timeout: 3s
      retries: 10

  web:
    build:
      context: .
      dockerfile: Containerfile
    restart: unless-stopped
    env_file: .env
    environment:
      DJANGO_SETTINGS_MODULE: hamprint.settings.prod
      DATABASE_URL: postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@db:5432/${POSTGRES_DB}
    ports:
      - "8000:8000"
    volumes:
      - media:/app/media
    depends_on:
      db:
        condition: service_healthy

volumes:
  pgdata:
  media: