Aegis/docker-compose.prod.yml

# =============================================================================
# Aegis - Production Docker Compose
# =============================================================================
#
# Usage:
#   docker-compose -f docker-compose.prod.yml up -d --build
#
# Note: Set environment variables in .env file or via environment
# =============================================================================

services:
  # ── PostgreSQL Database ────────────────────────────────────────────────────
  postgres:
    image: postgres:15-alpine
    container_name: aegis-postgres
    environment:
      POSTGRES_USER: ${DB_USER:-postgres}
      POSTGRES_PASSWORD: ${DB_PASSWORD:-postgres}
      POSTGRES_DB: ${DB_NAME:-attackdb}
    volumes:
      - postgres_data:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${DB_USER:-postgres} -d ${DB_NAME:-attackdb}"]
      interval: 5s
      timeout: 5s
      retries: 5
    restart: always
    networks:
      - aegis-network

  # ── MinIO Object Storage ───────────────────────────────────────────────────
  minio:
    image: minio/minio:latest
    container_name: aegis-minio
    command: server /data --console-address ":9001"
    environment:
      MINIO_ROOT_USER: ${MINIO_ACCESS_KEY:-minioadmin}
      MINIO_ROOT_PASSWORD: ${MINIO_SECRET_KEY:-minioadmin}
    volumes:
      - minio_data:/data
    healthcheck:
      test: ["CMD", "mc", "ready", "local"]
      interval: 5s
      timeout: 5s
      retries: 5
    restart: always
    networks:
      - aegis-network

  # ── FastAPI Backend ────────────────────────────────────────────────────────
  backend:
    build:
      context: ./backend
      dockerfile: Dockerfile
    container_name: aegis-backend
    environment:
      DATABASE_URL: postgresql://${DB_USER:-postgres}:${DB_PASSWORD:-postgres}@postgres:5432/${DB_NAME:-attackdb}
      SECRET_KEY: ${SECRET_KEY:?Set SECRET_KEY in environment}
      ALGORITHM: HS256
      ACCESS_TOKEN_EXPIRE_MINUTES: ${TOKEN_EXPIRE_MINUTES:-60}
      MINIO_ENDPOINT: minio:9000
      MINIO_ACCESS_KEY: ${MINIO_ACCESS_KEY:-minioadmin}
      MINIO_SECRET_KEY: ${MINIO_SECRET_KEY:-minioadmin}
      MINIO_BUCKET: ${MINIO_BUCKET:-evidence}
      MINIO_SECURE: ${MINIO_SECURE:-false}
      CORS_ORIGINS: ${CORS_ORIGINS:-}
      AEGIS_ENV: ${AEGIS_ENV:-production}
      ADMIN_USERNAME: ${ADMIN_USERNAME:-admin}
      ADMIN_PASSWORD: ${ADMIN_PASSWORD:-}
    depends_on:
      postgres:
        condition: service_healthy
      minio:
        condition: service_started
    command: sh /app/entrypoint.prod.sh
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8000/health"]
      interval: 10s
      timeout: 5s
      retries: 5
    restart: always
    networks:
      - aegis-network

  # ── React Frontend (Production with Nginx) ─────────────────────────────────
  frontend:
    build:
      context: ./frontend
      dockerfile: Dockerfile
      target: production
    container_name: aegis-frontend
    ports:
      - "${FRONTEND_PORT:-80}:80"
    depends_on:
      - backend
    restart: always
    networks:
      - aegis-network

# ── Networks ─────────────────────────────────────────────────────────────────
networks:
  aegis-network:
    driver: bridge

# ── Volumes ──────────────────────────────────────────────────────────────────
volumes:
  postgres_data:
    name: aegis_postgres_data_prod
  minio_data:
    name: aegis_minio_data_prod