# =============================================================================
# PatchMon Docker Compose - Production
# =============================================================================
# Before starting, copy env.example to .env and fill in your values:
#
#   cp env.example .env
#
# Then start PatchMon:
#
#   docker compose up -d
#
# See the PatchMon documentation for full configuration details.
# =============================================================================

name: patchmon

services:
  database:
    image: postgres:17-alpine
    restart: unless-stopped
    environment:
      POSTGRES_DB: patchmon_db
      POSTGRES_USER: patchmon_user
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
    volumes:
      - postgres_data:/var/lib/postgresql/data
    networks:
      - patchmon-internal
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U patchmon_user -d patchmon_db"]
      interval: 3s
      timeout: 5s
      retries: 7
    logging:
      driver: "json-file"
      options:
        max-size: "10m"
        max-file: "3"

  redis:
    image: redis:7-alpine
    restart: unless-stopped
    # Simple Redis configuration - no memory limits to prevent OOM errors
    # If you need memory limits, set maxmemory-policy to 'allkeys-lru' instead of 'noeviction'
    # to allow eviction rather than rejecting commands
    # Debug logging: Use --loglevel debug for maximum verbosity, or --loglevel verbose for less output
    command: redis-server --requirepass ${REDIS_PASSWORD} --loglevel debug
    volumes:
      - redis_data:/data
    networks:
      - patchmon-internal
    healthcheck:
      test: ["CMD", "redis-cli", "--no-auth-warning", "-a", "${REDIS_PASSWORD}", "ping"]
      interval: 3s
      timeout: 5s
      retries: 7
    logging:
      driver: "json-file"
      options:
        max-size: "10m"
        max-file: "3"

  backend:
    image: ghcr.io/patchmon/patchmon-backend:latest
    restart: unless-stopped
    env_file: .env
    environment:
      # Internal Docker wiring - do not change
      DATABASE_URL: postgresql://patchmon_user:${POSTGRES_PASSWORD}@database:5432/patchmon_db
      REDIS_HOST: redis
      REDIS_PORT: 6379
      REDIS_PASSWORD: ${REDIS_PASSWORD}
      REDIS_DB: 0
      ASSETS_DIR: /app/assets
    volumes:
      - agent_files:/app/agents
      - branding_assets:/app/assets
    networks:
      - patchmon-internal
    depends_on:
      database:
        condition: service_healthy
      redis:
        condition: service_healthy
    logging:
      driver: "json-file"
      options:
        max-size: "10m"
        max-file: "3"

  frontend:
    image: ghcr.io/patchmon/patchmon-frontend:latest
    restart: unless-stopped
    ports:
      - "3000:3000"
    volumes:
      - branding_assets:/usr/share/nginx/html/assets
    networks:
      - patchmon-internal
    depends_on:
      backend:
        condition: service_healthy
    logging:
      driver: "json-file"
      options:
        max-size: "10m"
        max-file: "3"

volumes:
  postgres_data:
  redis_data:
  agent_files:
  branding_assets:

networks:
  patchmon-internal:
    driver: bridge