name: baron-sso-staging

services:
  backend:
      image: ${BACKEND_IMAGE_NAME}:${IMAGE_TAG}
      container_name: baron_backend
      restart: unless-stopped
      env_file:
        - .env
      environment:
        - DB_HOST=baron_postgres
        - IDP_PROVIDER=ory
        - OATHKEEPER_API_URL=http://oathkeeper:4456 
        - PROFILE_CACHE_TTL="${PROFILE_CACHE_TTL:-30m}"
        - ORGFRONT_ORGCHART_CACHE_TTL_SECONDS=${ORGFRONT_ORGCHART_CACHE_TTL_SECONDS:-3600}
        - SEED_TENANT_CSV_PATH=/app/seed-tenant.csv
      ports:
        - "${BACKEND_PORT:-3000}:3000"
      volumes:
        - ./adminfront/seed-tenant.csv:/app/seed-tenant.csv:ro
      depends_on:
        oathkeeper:
          condition: service_healthy
        infra_check:
          condition: service_started
      networks:
        - baron_net
        - ory-net
      healthcheck:
        test: ["CMD", "wget", "-qO-", "http://127.0.0.1:3000/health"]
        interval: 10s
        timeout: 5s
        retries: 10
        start_period: 60s

  adminfront:
    image: ${ADMINFRONT_IMAGE_NAME}:${IMAGE_TAG}
    container_name: baron_adminfront
    restart: unless-stopped
    env_file:
      - .env
    environment:
      - APP_ENV=stage
      - API_PROXY_TARGET=http://baron_backend:3000
    ports:
      - "${ADMINFRONT_PORT:-5173}:5173"
    networks:
      - baron_net

  devfront:
    image: ${DEVFRONT_IMAGE_NAME}:${IMAGE_TAG}
    container_name: baron_devfront
    restart: unless-stopped
    env_file:
      - .env
    environment:
      - APP_ENV=stage
      - API_PROXY_TARGET=http://baron_backend:3000
    ports:
      - "${DEVFRONT_PORT:-5174}:5173"
    networks:
      - baron_net

  orgfront:
    image: ${ORGFRONT_IMAGE_NAME}:${IMAGE_TAG}
    container_name: baron_orgfront
    restart: unless-stopped
    env_file:
      - .env
    environment:
      - APP_ENV=stage
      - API_PROXY_TARGET=http://baron_backend:3000
    ports:
      - "${ORGFRONT_PORT:-5175}:5175"
    networks:
      - baron_net

  userfront:
    image: ${USERFRONT_IMAGE_NAME}:${IMAGE_TAG}
    container_name: baron_userfront
    restart: unless-stopped
    env_file:
      - .env
    environment:
      - BACKEND_URL=${BACKEND_URL:-}
      - USERFRONT_URL=${USERFRONT_URL}
      - APP_ENV=stage
    networks:
      - baron_net
      - ory-net
    depends_on:
      backend:
        condition: service_healthy
    command: >
      /bin/sh -c "echo \"[userfront-runtime] BACKEND_URL configured: $${BACKEND_URL:+yes}\" &&
                  echo \"[userfront-runtime] USERFRONT_URL configured: $${USERFRONT_URL:+yes}\" &&
                  echo \"[userfront-runtime] APP_ENV=$${APP_ENV:-stage}\" &&
                  nginx -g 'daemon off;'"
    healthcheck:
      test: ["CMD", "wget", "-qO-", "http://127.0.0.1:5000/"]
      interval: 10s
      timeout: 5s
      retries: 5
      start_period: 30s

  infra_check:
    image: alpine
    command: ["echo", "Infrastructure assumed running"]
    networks:
      - baron_net

  promtail:
    image: grafana/promtail:2.9.0
    container_name: baron_promtail
    restart: unless-stopped
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /var/lib/docker/containers:/var/lib/docker/containers:ro
      - ./docker/promtail-config.template.yaml:/etc/promtail/promtail-config.yaml:ro
    command: -config.file=/etc/promtail/promtail-config.yaml -config.expand-env=true
    environment:
      - LOKI_URL=${LOKI_URL:-http://loki:3100/loki/api/v1/push}
    networks:
      - baron_net

  blackbox-exporter:
    image: prom/blackbox-exporter:v0.25.0
    container_name: baron_blackbox_exporter
    restart: unless-stopped
    ports:
      - "9115:9115"
    volumes:
      - ./docker/monitor/blackbox.yml:/etc/blackbox_exporter/config.yml:ro
    networks:
      - baron_net
      - ory-net

networks:
  baron_net:
    external: true
    name: baron_net
  ory-net:
    external: true
    name: ory-net
  public_net:
    external: true
    name: public_net