dragonsstash/docker-compose.yml

services:
  app:
    build:
      context: .
      dockerfile: Dockerfile
    pull_policy: never
    ports:
      - "${APP_PORT:-3000}:${APP_PORT:-3000}"
    environment:
      - DATABASE_URL=postgresql://${POSTGRES_USER:-dragons}:${POSTGRES_PASSWORD:-stash}@db:5432/${POSTGRES_DB:-dragonsstash}
      - AUTH_SECRET=${AUTH_SECRET:?Set AUTH_SECRET in .env}
      - AUTH_TRUST_HOST=true
      - AUTH_GITHUB_ID=${AUTH_GITHUB_ID:-}
      - AUTH_GITHUB_SECRET=${AUTH_GITHUB_SECRET:-}
      - NEXT_PUBLIC_APP_URL=${NEXT_PUBLIC_APP_URL:-http://localhost:3000}
      - TELEGRAM_API_KEY=${TELEGRAM_API_KEY:-}
      - BOT_TOKEN=${BOT_TOKEN:-}
      - BOT_USERNAME=${BOT_USERNAME:-}
      - LOG_LEVEL=${LOG_LEVEL:-info}
      - WORKER_INTERVAL_MINUTES=${WORKER_INTERVAL_MINUTES:-60}
      - PORT=${APP_PORT:-3000}
    depends_on:
      db:
        condition: service_healthy
    healthcheck:
      test: ["CMD-SHELL", "wget -q --spider http://localhost:$$PORT/api/health || exit 1"]
      interval: 30s
      timeout: 5s
      retries: 3
      start_period: 60s
    volumes:
      - manual_uploads:/data/uploads
    restart: unless-stopped
    deploy:
      resources:
        limits:
          memory: 512M
    networks:
      - frontend

  worker:
    build:
      context: .
      dockerfile: worker/Dockerfile
    pull_policy: never
    environment:
      - DATABASE_URL=postgresql://${POSTGRES_USER:-dragons}:${POSTGRES_PASSWORD:-stash}@db:5432/${POSTGRES_DB:-dragonsstash}
      - TELEGRAM_API_ID=${TELEGRAM_API_ID:-}
      - TELEGRAM_API_HASH=${TELEGRAM_API_HASH:-}
      - WORKER_INTERVAL_MINUTES=${WORKER_INTERVAL_MINUTES:-60}
      - WORKER_TEMP_DIR=/tmp/zips
      - TDLIB_STATE_DIR=/data/tdlib
      - WORKER_MAX_ZIP_SIZE_MB=${WORKER_MAX_ZIP_SIZE_MB:-4096}
      - MULTIPART_TIMEOUT_HOURS=${MULTIPART_TIMEOUT_HOURS:-0}
      - LOG_LEVEL=${LOG_LEVEL:-info}
    volumes:
      - tdlib_state:/data/tdlib
      - tmp_zips:/tmp/zips
      - manual_uploads:/data/uploads
    depends_on:
      db:
        condition: service_healthy
    restart: unless-stopped
    deploy:
      resources:
        limits:
          memory: 1G
        reservations:
          memory: 256M
    networks:
      - backend

  bot:
    profiles: ["bot", "full"]
    build:
      context: .
      dockerfile: bot/Dockerfile
    pull_policy: never
    environment:
      - DATABASE_URL=postgresql://${POSTGRES_USER:-dragons}:${POSTGRES_PASSWORD:-stash}@db:5432/${POSTGRES_DB:-dragonsstash}
      - BOT_TOKEN=${BOT_TOKEN:-}
      - TELEGRAM_API_ID=${TELEGRAM_API_ID:-}
      - TELEGRAM_API_HASH=${TELEGRAM_API_HASH:-}
      - LOG_LEVEL=${LOG_LEVEL:-info}
    volumes:
      - tdlib_bot_state:/data/tdlib
    depends_on:
      db:
        condition: service_healthy
    restart: unless-stopped
    deploy:
      resources:
        limits:
          memory: 512M
        reservations:
          memory: 128M
    networks:
      - backend

  db:
    image: postgres:16-alpine
    environment:
      POSTGRES_USER: ${POSTGRES_USER:-dragons}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-stash}
      POSTGRES_DB: ${POSTGRES_DB:-dragonsstash}
    volumes:
      - postgres_data:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-dragons} -d ${POSTGRES_DB:-dragonsstash}"]
      interval: 10s
      timeout: 5s
      retries: 5
    restart: unless-stopped
    deploy:
      resources:
        limits:
          memory: 1G
    networks:
      - frontend
      - backend

volumes:
  postgres_data:
  tdlib_state:
  tdlib_bot_state:
  tmp_zips:
  manual_uploads:

networks:
  frontend:
  backend: