services: mysql: image: mysql:8.0 container_name: membership_mysql restart: unless-stopped environment: MYSQL_ROOT_PASSWORD: ${DATABASE_PASSWORD:-rootpassword} MYSQL_DATABASE: ${DATABASE_NAME:-membership_db} MYSQL_USER: ${DATABASE_USER:-membership_user} MYSQL_PASSWORD: ${DATABASE_PASSWORD:-change_this_password} # No external port exposure - database only accessible on private network expose: - "3306" volumes: - mysql_data:/var/lib/mysql - ./database/init.sql:/docker-entrypoint-initdb.d/init.sql:ro networks: - membership_private healthcheck: test: ["CMD", "mysqladmin", "ping", "-h", "localhost"] start_period: 10s interval: 5s timeout: 5s retries: 10 backend: build: context: ./backend dockerfile: Dockerfile container_name: membership_backend restart: unless-stopped env_file: - .env ports: - "6000:8000" # Only expose backend API to host volumes: - ./backend/app:/app/app - uploads_data:/app/uploads depends_on: mysql: condition: service_healthy networks: - membership_private # Access to database on private network frontend: build: context: ./frontend dockerfile: Dockerfile target: development container_name: membership_frontend restart: unless-stopped environment: - VITE_HOST_CHECK=false - VITE_ALLOWED_HOSTS=${VITE_ALLOWED_HOSTS} ports: - "8050:3000" # Expose frontend to host volumes: - ./frontend/src:/app/src - ./frontend/public:/app/public - ./frontend/vite.config.ts:/app/vite.config.ts depends_on: - backend networks: - membership_private #frontend-prod: # build: # context: ./frontend # dockerfile: Dockerfile # target: production # container_name: membership_frontend_prod # restart: unless-stopped # ports: # - "8050:80" # Nginx default port # depends_on: # - backend # networks: # - membership_private networks: membership_private: driver: bridge internal: false # Allow outbound internet access for backend # Database is not exposed to host - only accessible within this network volumes: mysql_data: uploads_data: