From 8d6f4a4c525af67e5e1b6a611ee75705194daf9b Mon Sep 17 00:00:00 2001
From: Egor Pozharov <pozharov@joom-contractors.com>
Date: Tue, 14 Apr 2026 18:25:47 +0600
Subject: [PATCH] update docker deploy config

---
 .env.production.example | 12 ++++++++
 docker-compose.prod.yml | 61 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 73 insertions(+)
 create mode 100644 .env.production.example
 create mode 100644 docker-compose.prod.yml

diff --git a/.env.production.example b/.env.production.example
new file mode 100644
index 0000000..686f178
--- /dev/null
+++ b/.env.production.example
@@ -0,0 +1,12 @@
+# Database
+POSTGRES_USER=delivery_user
+POSTGRES_PASSWORD=your_secure_password_here
+POSTGRES_DB=delivery_tracker
+
+# JWT
+JWT_SECRET=your_random_jwt_secret_min_32_chars
+
+# Gitea Registry credentials for Watchtower
+GITEA_REGISTRY=gitea.your-domain.com/yourusername
+GITEA_USER=your_gitea_username
+GITEA_TOKEN=your_gitea_token_or_password
diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml
new file mode 100644
index 0000000..25d139d
--- /dev/null
+++ b/docker-compose.prod.yml
@@ -0,0 +1,61 @@
+services:
+  postgres:
+    image: postgres:16-alpine
+    environment:
+      POSTGRES_USER: ${POSTGRES_USER}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
+      POSTGRES_DB: ${POSTGRES_DB}
+    volumes:
+      - postgres_data:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER} -d ${POSTGRES_DB}"]
+      interval: 5s
+      timeout: 5s
+      retries: 5
+    restart: unless-stopped
+    networks:
+      - delivery-network
+
+  backend:
+    image: ${GITEA_REGISTRY}/delivery-tracker/backend:latest
+    environment:
+      DATABASE_URL: postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB}?sslmode=disable
+      JWT_SECRET: ${JWT_SECRET}
+    # Нет expose - backend доступен только внутри сети delivery-network
+    depends_on:
+      postgres:
+        condition: service_healthy
+    restart: unless-stopped
+    networks:
+      - delivery-network
+
+  frontend:
+    image: ${GITEA_REGISTRY}/delivery-tracker/frontend:latest
+    expose:
+      - "80"
+    depends_on:
+      - backend
+    restart: unless-stopped
+    networks:
+      - delivery-network
+
+  watchtower:
+    image: containrrr/watchtower
+    environment:
+      - WATCHTOWER_CLEANUP=true
+      - WATCHTOWER_POLL_INTERVAL=60
+      - WATCHTOWER_INCLUDE_STOPPED=true
+      - WATCHTOWER_REVIVE_STOPPED=false
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - /root/.docker/config.json:/config.json
+    command: backend frontend --interval 60
+    networks:
+      - delivery-network
+
+volumes:
+  postgres_data:
+
+networks:
+  delivery-network:
+    driver: bridge