services: backend: build: context: . dockerfile: backend/Dockerfile networks: - inventory_net ports: - ${BACKEND_PORT:-8000}:8000 env_file: - ./config/network_config.env volumes: - ./data:/app/data - ./logs:/app/logs - ./scripts:/app/scripts:ro environment: - DATA_DIR=/app/data - LOGS_DIR=/app/logs - ALLOWED_ORIGINS=http://localhost:${FRONTEND_PORT:-3001},https://localhost:${FRONTEND_SSL_PORT:-3003},http://${SERVER_IP:-localhost}:${FRONTEND_PORT:-3001},https://${SERVER_IP:-localhost}:${FRONTEND_SSL_PORT:-3003},https://localhost:${BACKEND_SSL_PORT:-3002},https://${SERVER_IP:-localhost}:${BACKEND_SSL_PORT:-3002} # [C-01] JWT secret key — GENERATE A SECURE VALUE FOR PRODUCTION! - JWT_SECRET_KEY=${JWT_SECRET_KEY:-change_me_in_production} restart: unless-stopped frontend: build: context: ./frontend networks: - inventory_net ports: - ${FRONTEND_PORT:-3000}:3000 env_file: - ./config/network_config.env volumes: - ./logs:/app/logs # Write Next.js logs to both stdout (docker logs) and file (mapped volume) command: sh -c "mkdir -p /app/logs && node server.js 2>&1 | tee -a /app/logs/frontend.log" restart: unless-stopped proxy: image: caddy:alpine networks: - inventory_net ports: - ${BACKEND_SSL_PORT:-3002}:${BACKEND_SSL_PORT:-3002} - ${FRONTEND_SSL_PORT:-3003}:${FRONTEND_SSL_PORT:-3003} env_file: - ./config/network_config.env volumes: - ./config/Caddyfile:/etc/caddy/Caddyfile # Persist the internal Caddy certificates so users don't get new certificate warnings constantly - ./data/caddy_data:/data - ./data/caddy_config:/config depends_on: - frontend - backend restart: unless-stopped networks: inventory_net: driver: bridge