services:
  #mysql:
  #  image: mysql:8.0
  #  container_name: membership_mysql
  #  restart: unless-stopped
  #  environment:
  #    MYSQL_ROOT_PASSWORD: ${DATABASE_PASSWORD:-secure_root_password_change_this}
  #    MYSQL_DATABASE: ${DATABASE_NAME:-membership_db}
  #    MYSQL_USER: ${DATABASE_USER:-membership_user}
  #    MYSQL_PASSWORD: ${DATABASE_PASSWORD:-secure_password_change_this}
  #  # No external port exposure - database only accessible on private network
  #  expose:
  #    - "3306"
  #  volumes:
  #    - mysql_data:/var/lib/mysql
  #  healthcheck:
  #    test: ["CMD", "mysqladmin", "ping", "-h", "localhost"]
  #    start_period: 10s
  #    interval: 5s
  #    timeout: 5s
  #    retries: 10

  backend:
    build:
      context: ./backend
      dockerfile: Dockerfile
    restart: unless-stopped
    env_file:
      - .env
    environment:
      # Database configuration
      - DATABASE_HOST=${DATABASE_HOST}
      - DATABASE_PORT=${DATABASE_PORT}
      - DATABASE_USER=${DATABASE_USER}
      - DATABASE_PASSWORD=${DATABASE_PASSWORD}
      - DATABASE_NAME=${DATABASE_NAME}
      # Application configuration
      - SECRET_KEY=${SECRET_KEY}
      - ALGORITHM=${ALGORITHM}
      - ACCESS_TOKEN_EXPIRE_MINUTES=${ACCESS_TOKEN_EXPIRE_MINUTES}
    extra_hosts:
      - "host.docker.internal:host-gateway"
    expose:
      - "8000"
    volumes:
      - ./backend/app:/app/app
      - ./backend/alembic:/app/alembic
      - ./backend/alembic.ini:/app/alembic.ini
      - uploads_data:/app/uploads
    command: >
      sh -c "alembic upgrade head && uvicorn app.main:app --host 0.0.0.0 --port 8000 --reload"
    # depends_on:
    #   mysql:
    #     condition: service_healthy

  frontend:
    build:
      context: ./frontend
      dockerfile: Dockerfile
      target: development
    restart: unless-stopped
    env_file:
      - .env
    environment:
      - VITE_ALLOWED_HOSTS=${VITE_ALLOWED_HOSTS}
    expose:
      - "3000"
    volumes:
      - ./frontend/src:/app/src
      - ./frontend/public:/app/public
      - ./frontend/vite.config.ts:/app/vite.config.ts
      - ./frontend/index.html:/app/index.html
    depends_on:
      - backend

  gateway:
    build:
      context: ./docker/gateway
      dockerfile: Dockerfile
    restart: unless-stopped
    env_file:
      - .env
    environment:
      - DEV_CERT_CN=${DEV_CERT_CN:-localhost}
      - DEV_CERT_SANS=${DEV_CERT_SANS:-DNS:localhost,IP:127.0.0.1,IP:::1}
    ports:
      - "${APP_PORT:-8050}:80"
      - "${APP_TLS_PORT:-8443}:443"
    volumes:
      - ./docker/gateway/nginx.dev.conf:/etc/nginx/conf.d/default.conf:ro
      - gateway_certs:/etc/nginx/certs
    depends_on:
      - backend
      - frontend

  frontend-prod:
    build:
      context: ./frontend
      dockerfile: Dockerfile
      target: production
    restart: unless-stopped
    ports:
      - "${APP_PORT:-8050}:80"  # Nginx default port
    depends_on:
      - backend
    profiles:
      - prod

volumes:
  # mysql_data:
  uploads_data:
  gateway_certs: