services:
  app:
    image: niayesh-hospital:latest
    container_name: hospital-app
    restart: unless-stopped
    expose:
      - "80"
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:80"]  # Use curl (now installed) for reliable check; -f fails on non-200
      interval: 30s
      timeout: 10s
      retries: 3
    logging:
      driver: json-file
      options:
        max-size: 10m
  nginx:
    image: jonasal/nginx-certbot:latest
    container_name: hospital-nginx
    restart: unless-stopped
    ports:
      - 4200:80
      # Optional: Add for HTTPS - "4201:443" (or standard 443 if you change ports)
    environment:
      - CERTBOT_EMAIL=test@test.com
      - ENVSUBST_TEMPLATE_SUFFIX=.tmpl
      - CERTBOT_DISABLED=true  # Set to false to enable auto-SSL (requires domain pointing to port 80)
    volumes:
      - ./nginx_user_conf.d:/etc/nginx/user_conf.d:ro
      - letsencrypt:/etc/letsencrypt
      # Adjust these cert paths to your server's actual location
      - /home/devroot/HIS/certs/fullchain.pem:/etc/nginx/ssl/origin_cert.pem:ro
      - /home/devroot/HIS/certs/prvkey.pem:/etc/nginx/ssl/origin_key.key:ro
    depends_on:
      app:
        condition: service_healthy
    logging:
      driver: json-file
      options:
        max-size: 10m
networks:
  default:
    driver: bridge
volumes:
  letsencrypt: