# Production docker-compose with Nginx

version: '3.8'

services:

  postgres_db:
    image: postgres:17
    container_name: postgres_db
    env_file: .env
    volumes:
      - pgdata:/var/lib/postgresql/data
    environment:
      POSTGRES_DB: ${POSTGRES_DB}
      POSTGRES_USER: ${POSTGRES_USER}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
    networks:
      - backend
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER} -d ${POSTGRES_DB}"]
      interval: 10s
      timeout: 5s
      retries: 5
    restart: unless-stopped

  pgadmin:
    image: dpage/pgadmin4
    container_name: pgadmin
    env_file: .env
    depends_on:
      postgres_db:
        condition: service_healthy
    environment:
      PGADMIN_DEFAULT_EMAIL: ${PGADMIN_DEFAULT_EMAIL}
      PGADMIN_DEFAULT_PASSWORD: ${PGADMIN_DEFAULT_PASSWORD}
    networks:
      - backend
    volumes:
      - pgadmin:/var/lib/pgadmin
    restart: unless-stopped

  web:
    build: .
    container_name: django_app
    env_file: .env
    restart: unless-stopped
    volumes:
      - static_volume:/app/smartsoltech/staticfiles
      - media_volume:/app/smartsoltech/media
    expose:
      - "8000"
    depends_on:
      postgres_db:
        condition: service_healthy
    networks:
      - backend
    healthcheck:
      test: ["CMD", "python", "-c", "import urllib.request; urllib.request.urlopen('http://localhost:8000').read()"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 40s

  bot:
    build: .
    container_name: telegram_bot
    command: sh -c "./wait-for-it.sh postgres_db:5432 -- python smartsoltech/manage.py start_telegram_bot"
    restart: unless-stopped
    env_file:
      - .env
    depends_on:
      web:
        condition: service_healthy
    networks:
      - backend

  nginx:
    image: nginx:alpine
    container_name: nginx
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./nginx.conf:/etc/nginx/conf.d/default.conf:ro
      - static_volume:/app/smartsoltech/staticfiles:ro
      - media_volume:/app/smartsoltech/media:ro
      - ./certbot/conf:/etc/letsencrypt:ro
      - ./certbot/www:/var/www/certbot:ro
    depends_on:
      web:
        condition: service_healthy
    networks:
      - backend

  certbot:
    image: certbot/certbot
    container_name: certbot
    volumes:
      - ./certbot/conf:/etc/letsencrypt
      - ./certbot/www:/var/www/certbot
    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"

  zabbix-agent:
    image: zabbix/zabbix-agent:latest
    container_name: zabbix_agent
    env_file: .env
    environment:
      ZBX_SERVER_HOST: ${ZBX_SERVER_HOST}
    volumes:
      - /proc:/host/proc
      - /sys:/host/sys
      - /etc:/host/etc
    privileged: true
    networks:
      - backend
    restart: unless-stopped

volumes:
  pgdata:
  pgadmin:
  static_volume:
  media_volume:

networks:
  backend:
    driver: bridge