meldestelle/dc-infra.yaml
Stefan Mogeritsch 7757684b6e refactor: update docker images to use custom registry and optimize configurations
Switched container images in `dc-infra.yaml` to a custom Docker registry for better control and consistency across deployments. Added Keycloak with enhanced configurations and updated several container restart policies, memory allocations, and healthcheck settings for improved performance and compatibility.
2026-02-12 20:35:25 +01:00


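# Docker Compose definition of the meldestelle infrastructure services:
# PostgreSQL, Valkey, Keycloak, Consul, Zipkin and Mailpit.
#
# Security notes for operators:
# - Every credential below has a fallback value that is readable in this
#   file (pg-password, kc-password, ...). Treat those as local-development
#   placeholders and set real values in .env on any shared or reachable host.
# - Each *_PORT variable holds a complete port mapping. Without a host IP the
#   port is published on all host interfaces; a value such as
#   "127.0.0.1:5432:5432" restricts it to loopback.
# - Image tags are mutable. For reproducible deployments pin the mirrored
#   images by digest in the registry or via the *_IMAGE variables.
# - NOTE(review): the *_IMAGE variables sit in the tag position of the image
#   reference, so they must contain a tag only. The previous defaults
#   ("postgres:16-alpine", "valkey/valkey:9-alpine", ...) expanded to
#   references with a second colon, which is not a valid image reference.
#   The registry path default is lowercased because repository path
#   components must be lowercase. Confirm that these tags exist in the
#   registry before deploying.
name: "${PROJECT_NAME:-meldestelle}"

services:
  # ==========================================
  # 1. INFRASTRUCTURE (Stateful & Core)
  # ==========================================

  # --- DATABASE: PostgreSQL ---
  postgres:
    image: "${DOCKER_REGISTRY:-git.mo-code.at/mocode-software}/postgres:${POSTGRES_IMAGE:-16-alpine}"
    container_name: "${PROJECT_NAME:-meldestelle}-postgres"
    # Restart automatically after a system reboot.
    restart: unless-stopped
    ports:
      # Published on all interfaces by default; see the header note.
      - "${POSTGRES_PORT:-5432:5432}"
    environment:
      POSTGRES_USER: "${POSTGRES_USER:-pg-user}"
      # Development fallback only; override in .env.
      POSTGRES_PASSWORD: "${POSTGRES_PASSWORD:-pg-password}"
      POSTGRES_DB: "${POSTGRES_DB:-pg-meldestelle-db}"
    volumes:
      - "postgres-data:/var/lib/postgresql/data"
      # ":Z" relabels the host path for exclusive use by this container on
      # SELinux hosts.
      - "./config/docker/postgres:/docker-entrypoint-initdb.d:Z"
      - "./config/docker/postgres/postgresql.conf:/etc/postgresql/postgresql.conf:Z"
    profiles: ["infra", "all"]
    # Memory settings can be overridden through .env.
    command:
      - "postgres"
      - "-c"
      - "config_file=/etc/postgresql/postgresql.conf"
      - "-c"
      - "shared_buffers=${POSTGRES_SHARED_BUFFERS:-256MB}"
      - "-c"
      - "effective_cache_size=${POSTGRES_EFFECTIVE_CACHE_SIZE:-768MB}"
    healthcheck:
      # "$$" defers expansion to the shell inside the container, so the
      # probe uses the POSTGRES_USER / POSTGRES_DB values set under
      # "environment" above. The previous "${POSTGRES_USER}" form was
      # interpolated by Compose without a default and became empty when the
      # variable was not set on the host.
      test:
        - "CMD-SHELL"
        - 'pg_isready -U "$${POSTGRES_USER}" -d "$${POSTGRES_DB}"'
      # 10s interval to reduce load on Zora during normal operation.
      interval: "10s"
      timeout: "5s"
      retries: 5
      start_period: "5s"
    networks:
      meldestelle-network:
        aliases:
          - "postgres"

  # --- CACHE: Valkey (formerly Redis) ---
  valkey:
    # Valkey 9 (user request).
    image: "${DOCKER_REGISTRY:-git.mo-code.at/mocode-software}/valkey:${VALKEY_IMAGE:-9-alpine}"
    container_name: "${PROJECT_NAME:-meldestelle}-valkey"
    restart: unless-stopped
    ports:
      # Published on all interfaces by default; see the header note.
      - "${VALKEY_PORT:-6379:6379}"
    volumes:
      - "valkey-data:/data"
      # The existing valkey.conf is still used.
      - "./config/docker/valkey/valkey.conf:/etc/valkey/valkey.conf:Z"
    profiles: ["infra", "all"]
    # Binaries are valkey-server and valkey-cli.
    #
    # SECURITY: protected mode is switched off and --requirepass is added
    # only when VALKEY_PASSWORD is non-empty. With an empty password the
    # server accepts unauthenticated clients on the published port, so set
    # VALKEY_PASSWORD or restrict VALKEY_PORT to loopback on shared hosts.
    # Compose substitutes the password into this command line (and into the
    # healthcheck below), so it is visible in the container configuration.
    # It is passed to the shell unquoted; avoid whitespace and shell
    # metacharacters in the value.
    command:
      - "sh"
      - "-lc"
      - |
        exec valkey-server /etc/valkey/valkey.conf \
          --protected-mode no \
          --maxmemory ${VALKEY_MAXMEMORY:-256mb} \
          --maxmemory-policy ${VALKEY_POLICY:-allkeys-lru} \
          ${VALKEY_PASSWORD:+--requirepass $VALKEY_PASSWORD}
    healthcheck:
      # Pings without credentials when no password is configured, otherwise
      # authenticates with "-a".
      test:
        - "CMD-SHELL"
        - '[ -z "$VALKEY_PASSWORD" ] && valkey-cli ping | grep PONG || valkey-cli -a "$VALKEY_PASSWORD" ping | grep PONG'
      interval: "5s"
      timeout: "5s"
      retries: 3
    networks:
      meldestelle-network:
        aliases:
          - "valkey"

  # --- IAM: Keycloak (DEBUG MODE) ---
  keycloak:
    # Built from the project's own Dockerfile instead of the stock image.
    build:
      context: .
      dockerfile: config/docker/keycloak/Dockerfile
      args:
        KEYCLOAK_IMAGE_TAG: "${KEYCLOAK_IMAGE_TAG:-26.4}"
    image: "${DOCKER_REGISTRY:-git.mo-code.at/mocode-software}/keycloak:${KEYCLOAK_IMAGE_TAG:-26.4}"
    container_name: "${PROJECT_NAME:-meldestelle}-keycloak"
    restart: unless-stopped  # Important for Zora.
    environment:
      KC_BOOTSTRAP_ADMIN_USERNAME: "${KC_ADMIN_USERNAME:-kc-admin}"
      # Development fallback only; override in .env.
      KC_BOOTSTRAP_ADMIN_PASSWORD: "${KC_ADMIN_PASSWORD:-kc-password}"
      KC_DB: "${KC_DB:-postgres}"
      KC_DB_SCHEMA: "${KC_DB_SCHEMA:-keycloak}"
      # Single source of truth: the database settings reuse the POSTGRES_*
      # variables. The fallbacks match the postgres service above; the
      # previous fallbacks ("meldestelle") named a user and database that
      # the postgres defaults never create.
      KC_DB_URL: "jdbc:postgresql://postgres:5432/${POSTGRES_DB:-pg-meldestelle-db}"
      KC_DB_USERNAME: "${POSTGRES_USER:-pg-user}"
      KC_DB_PASSWORD: "${POSTGRES_PASSWORD:-pg-password}"
      KC_HOSTNAME: "${KC_HOSTNAME:-localhost}"
      # Plain HTTP with X-Forwarded-* headers trusted. This is only sound
      # when Keycloak is reachable solely through a TLS-terminating reverse
      # proxy; KC_PORT below publishes the HTTP port directly as well.
      KC_HTTP_ENABLED: "true"
      KC_PROXY_HEADERS: "xforwarded"
      KC_HEALTH_ENABLED: "true"
      KC_METRICS_ENABLED: "true"
      # Java heap settings.
      JAVA_OPTS_APPEND: "-Xms${KC_HEAP_MIN:-512m} -Xmx${KC_HEAP_MAX:-1024m}"
    ports:
      - "${KC_PORT:-8180:8080}"
    depends_on:
      postgres:
        condition: "service_healthy"
    volumes:
      - "./config/docker/keycloak:/opt/keycloak/data/import:Z"
    # start-dev for development, start for Zora. The fallback is development
    # mode, so KC_COMMAND must be set explicitly on production hosts.
    command: "${KC_COMMAND:-start-dev --import-realm}"
    networks:
      meldestelle-network:
        aliases:
          - "keycloak"
    profiles: ["infra", "all"]

  # --- SERVICE DISCOVERY: Consul ---
  consul:
    image: "${DOCKER_REGISTRY:-git.mo-code.at/mocode-software}/consul:${CONSUL_IMAGE:-1.22.1}"
    container_name: "${PROJECT_NAME:-meldestelle}-consul"
    restart: unless-stopped
    ports:
      - "${CONSUL_PORT:-8500:8500}"
      - "${CONSUL_UDP_PORT:-8600:8600/udp}"
    # The agent listens on all container interfaces with the UI enabled, and
    # no ACL configuration is passed here. Restrict CONSUL_PORT to loopback
    # or enable ACLs where the host is reachable by others.
    command: "agent -server -bootstrap-expect=1 -ui -client=0.0.0.0"
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8500/v1/status/leader"]
      interval: "30s"
    networks:
      meldestelle-network:
        aliases:
          - "consul"
    profiles: ["infra", "all"]

  # --- TRACING: Zipkin ---
  zipkin:
    image: "${DOCKER_REGISTRY:-git.mo-code.at/mocode-software}/zipkin:${ZIPKIN_IMAGE:-3}"
    container_name: "${PROJECT_NAME:-meldestelle}-zipkin"
    restart: unless-stopped  # Changed for Zora.
    environment:
      # Memory limit for Zora (Zipkin runs on the JVM). Both flags read the
      # same variable: when ZIPKIN_HEAP is set, -Xms and -Xmx are equal;
      # when it is unset the fallbacks are 256m and 512m.
      JAVA_OPTS: "-Xms${ZIPKIN_HEAP:-256m} -Xmx${ZIPKIN_HEAP:-512m}"
    ports:
      - "${ZIPKIN_PORT:-9411:9411}"
    profiles: ["ops", "all"]  # Moved to 'ops' to make it more optional.
    networks:
      meldestelle-network: {}

  # --- EMAIL TESTING: Mailpit ---
  mailpit:
    image: "${DOCKER_REGISTRY:-git.mo-code.at/mocode-software}/mailpit:${MAILPIT_IMAGE:-v1.29}"
    container_name: "${PROJECT_NAME:-meldestelle}-mailpit"
    restart: unless-stopped  # Changed for Zora.
    ports:
      - "${MAILPIT_WEB_PORT:-8025:8025}"  # Web UI
      - "${MAILPIT_SMTP_PORT:-1025:1025}"  # SMTP port
    profiles: ["dev-tools", "all"]  # Moved to 'dev-tools'.
    networks:
      meldestelle-network: {}

volumes:
  postgres-data: {}
  valkey-data: {}
  # NOTE(review): declared but not mounted by any service in this file.
  mailpit-data: {}

networks:
  meldestelle-network:
    driver: bridge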