services:
  app:
    build:
      context: .
      dockerfile: Dockerfile
    image: linumiq-invoice:latest
    container_name: linumiq-invoice
    restart: unless-stopped
    env_file:
      - .env.production
    environment:
      # SQLite file lives on a named volume so it survives image rebuilds.
      DATABASE_URL: "file:/data/prod.sqlite"
      NODE_ENV: production
      PORT: "3000"
    volumes:
      - invoice-data:/data
    # Bind to loopback only — Caddy on the host terminates TLS and reverse-proxies.
    ports:
      - "127.0.0.1:3000:3000"
    healthcheck:
      test: ["CMD", "wget", "-qO-", "http://127.0.0.1:3000/healthz", "||", "exit", "0"]
      interval: 30s
      timeout: 5s
      retries: 3

volumes:
  invoice-data: