version: '3.8'

services:
  # Backend API service
  backend:
    build: 
      context: ./backend
      dockerfile: Dockerfile.prod
    container_name: solarbank-backend-prod
    restart: unless-stopped
    env_file:
      - .env.prod
    depends_on:
      db:
        condition: service_healthy
      redis:
        condition: service_healthy
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8000/health"]
      interval: 30s
      timeout: 10s
      retries: 3
    networks:
      - solarbank-network

  # Frontend service
  frontend:
    build: 
      context: ./frontend
      dockerfile: Dockerfile.prod
    container_name: solarbank-frontend-prod
    restart: unless-stopped
    env_file:
      - .env.prod
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:80"]
      interval: 30s
      timeout: 10s
      retries: 3
    networks:
      - solarbank-network

  # Database service
  db:
    image: postgres:14-alpine
    container_name: solarbank-db-prod
    restart: unless-stopped
    volumes:
      - postgres_data:/var/lib/postgresql/data/
      - ./backups:/backups
    env_file:
      - .env.prod
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER} -d ${POSTGRES_DB}"]
      interval: 10s
      timeout: 5s
      retries: 5
    networks:
      - solarbank-network

  # Redis for caching and job queuing
  redis:
    image: redis:alpine
    container_name: solarbank-redis-prod
    restart: unless-stopped
    volumes:
      - redis_data:/data
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 10s
      timeout: 5s
      retries: 3
    networks:
      - solarbank-network

  # Nginx reverse proxy
  nginx:
    build: 
      context: ./nginx
      dockerfile: Dockerfile.prod
    container_name: solarbank-nginx-prod
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./nginx/conf:/etc/nginx/conf.d
      - ./nginx/certbot/conf:/etc/letsencrypt
      - ./nginx/certbot/www:/var/www/certbot
      - nginx_logs:/var/log/nginx
    depends_on:
      - backend
      - frontend
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:80/health"]
      interval: 30s
      timeout: 10s
      retries: 3
    networks:
      - solarbank-network

  # Certbot for SSL certificates
  certbot:
    image: certbot/certbot
    container_name: solarbank-certbot-prod
    volumes:
      - ./nginx/certbot/conf:/etc/letsencrypt
      - ./nginx/certbot/www:/var/www/certbot
    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"

volumes:
  postgres_data:
  redis_data:
  nginx_logs:

networks:
  solarbank-network:
    driver: bridge