# ===================================================================
# Docker Compose - Infrastructure Services
# Generated from docker/versions.toml
# Environment: development
# Generated: 2025-10-25 23:26:24 UTC
# ===================================================================

services:
  # ===================================================================
  # Database
  # ===================================================================
  postgres:
    image: postgres:${DOCKER_POSTGRES_VERSION:-16-alpine}
    container_name: meldestelle-postgres
    environment:
      POSTGRES_USER: ${POSTGRES_USER:-meldestelle}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-meldestelle}
      POSTGRES_DB: ${POSTGRES_DB:-meldestelle}
    ports:
      - "5432:5432"
    volumes:
      - postgres-data:/var/lib/postgresql/data
      - ./docker/services/postgres:/docker-entrypoint-initdb.d
    networks:
      - meldestelle-network
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U meldestelle -d meldestelle"]
      interval: 30s
      timeout: 5s
      retries: 3
      start_period: 40s
    restart: unless-stopped

  # ===================================================================
  # Cache
  # ===================================================================
  redis:
    image: redis:${DOCKER_REDIS_VERSION:-7-alpine}
    container_name: meldestelle-redis
    ports:
      - "${REDIS_PORT:-6379}:6379"
    volumes:
      - redis-data:/data
    command: redis-server --appendonly yes
    networks:
      - meldestelle-network
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 30s
      timeout: 5s
      retries: 3
      start_period: 40s
    restart: unless-stopped

  # ===================================================================
  # Authentication
  # ===================================================================
  keycloak:
    image: quay.io/keycloak/keycloak:${DOCKER_KEYCLOAK_VERSION:-26.4.2}
    container_name: meldestelle-keycloak
    environment:
      KEYCLOAK_ADMIN: ${KEYCLOAK_ADMIN:-admin}
      KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD:-admin}
      KC_DB: postgres
      KC_DB_URL: jdbc:postgresql://postgres:5432/${POSTGRES_DB:-meldestelle}
      KC_DB_USERNAME: ${POSTGRES_USER:-meldestelle}
      KC_DB_PASSWORD: ${POSTGRES_PASSWORD:-meldestelle}
    ports:
      - "8180:8080"
    depends_on:
      postgres:
        condition: service_healthy
    volumes:
      - ./docker/services/keycloak:/opt/keycloak/data/import
    command: start-dev --import-realm
    networks:
      - meldestelle-network
    healthcheck:
      test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:8080/"]
      interval: 30s
      timeout: 5s
      retries: 3
      start_period: 40s
    restart: unless-stopped

  # ===================================================================
  # Monitoring
  # ===================================================================
  prometheus:
    image: prom/prometheus:${DOCKER_PROMETHEUS_VERSION:-v2.54.1}
    container_name: meldestelle-prometheus
    ports:
      - "${PROMETHEUS_PORT:-9090}:9090"
    volumes:
      - prometheus-data:/prometheus
      - ./docker/monitoring/prometheus:/etc/prometheus:ro
    command:
      - '--config.file=/etc/prometheus/prometheus.yml'
      - '--storage.tsdb.path=/prometheus'
      - '--web.console.libraries=/etc/prometheus/console_libraries'
      - '--web.console.templates=/etc/prometheus/consoles'
      - '--storage.tsdb.retention.time=200h'
      - '--web.enable-lifecycle'
    networks:
      - meldestelle-network
    healthcheck:
      test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:9090/-/healthy"]
      interval: 30s
      timeout: 5s
      retries: 3
      start_period: 40s
    restart: unless-stopped

  grafana:
    image: grafana/grafana:${DOCKER_GRAFANA_VERSION:-11.3.0}
    container_name: meldestelle-grafana
    environment:
      GF_SECURITY_ADMIN_USER: ${GF_SECURITY_ADMIN_USER:-admin}
      GF_SECURITY_ADMIN_PASSWORD: ${GF_SECURITY_ADMIN_PASSWORD:-admin}
      GF_USERS_ALLOW_SIGN_UP: ${GF_USERS_ALLOW_SIGN_UP:-false}
      GF_INSTALL_PLUGINS: grafana-piechart-panel
    ports:
      - "${GRAFANA_PORT:-3000}:3000"
    volumes:
      - grafana-data:/var/lib/grafana
      - ./docker/monitoring/grafana:/etc/grafana/provisioning:ro
    depends_on:
      - prometheus
    networks:
      - meldestelle-network
    healthcheck:
      test: ["CMD", "curl", "--fail", "http://localhost:3000/api/health"]
      interval: 30s
      timeout: 5s
      retries: 3
      start_period: 40s
    restart: unless-stopped

# ===================================================================
# Volumes
# ===================================================================
volumes:
  postgres-data:
    driver: local
  redis-data:
    driver: local
  prometheus-data:
    driver: local
  grafana-data:
    driver: local

# ===================================================================
# Networks
# ===================================================================
networks:
  meldestelle-network:
    driver: bridge