networks:
  web:
    external: true

volumes:
  static_volume:

services:
  web:
    image: nginx:alpine
    restart: unless-stopped
    labels:
      - "traefik.enable=true"
      - "traefik.docker.network=web"
      # Routeur HTTP (port 80) pour la redirection vers HTTPS
      - "traefik.http.routers.web-http.rule=${TRAEFIK_HOST_RULE}"
      - "traefik.http.routers.web-http.entrypoints=web"
      - "traefik.http.routers.web-http.middlewares=redirect-to-https"

      # Middleware de redirection
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"

      # Routeur HTTPS
      - "traefik.http.routers.web.rule=${TRAEFIK_HOST_RULE}"
      - "traefik.http.routers.web.entrypoints=websecure"
      - "traefik.http.routers.web.tls.certresolver=le"

      # Port du container cible (le port d'écoute de Nginx à l’intérieur du conteneur)
      - "traefik.http.services.web.loadbalancer.server.port=80"
    volumes:
      - ./nginx/default.nginx:/etc/nginx/nginx.conf:ro
      - static_volume:/static:ro
      - ./app/media:/media:ro
    depends_on:
      - app

  app:
    build:
      context: ./app
      dockerfile: "Dockerfile"
      args:
        puid: ${USER_ID}
        pgid: ${GROUP_ID}
        debug: ${DEBUG:-false}
    restart: unless-stopped
    healthcheck:
      test: [ "CMD", "curl", "-f", "http://127.0.0.1:8000/health/" ]
      interval: 30s
      timeout: 5s
      retries: 3
      start_period: 10s
    env_file:
      - .env
    volumes:
      - ./media:/app/media
      - static_volume:/app/static_collected
      - /app/frontend/node_modules
    command: >
      sh -c "python manage.py migrate --noinput &&
             hypercorn app.asgi:application -c hypercorn.toml"