services:
  haproxy:
    image: public.ecr.aws/medic/cht-haproxy:5.1.0-10357-fix-debug-logs-v2
    restart: always
    hostname: haproxy
    environment:
      - "HAPROXY_IP=${HAPROXY_IP:-haproxy}"
      - "COUCHDB_USER=${COUCHDB_USER:-admin}"
      - "COUCHDB_PASSWORD=${COUCHDB_PASSWORD}"
      - "COUCHDB_SERVERS=${COUCHDB_SERVERS:-couchdb}"
      - "HAPROXY_PORT=${HAPROXY_PORT:-5984}"
      - "HEALTHCHECK_ADDR=${HEALTHCHECK_ADDR:-healthcheck}"
      - "DOCKER_DNS_RESOLVER=true"
    logging:
      driver: "local"
      options:
        max-size: "${LOG_MAX_SIZE:-50m}"
        max-file: "${LOG_MAX_FILES:-20}"
    networks:
       - cht-net
    deploy:
      resources:
        limits:
          memory: 1G
    expose:
      - ${HAPROXY_PORT:-5984}

  api:
    image: public.ecr.aws/medic/cht-api:5.1.0-10357-fix-debug-logs-v2
    restart: always
    depends_on:
      - haproxy
    expose:
      - "${API_PORT:-5988}"
    environment:
      - COUCH_URL=http://${COUCHDB_USER:-admin}:${COUCHDB_PASSWORD:?COUCHDB_PASSWORD must be set}@haproxy:${HAPROXY_PORT:-5984}/medic
      - BUILDS_URL=${MARKET_URL_READ:-https://staging.dev.medicmobile.org}/${BUILDS_SERVER:-_couch/builds_4}
      - UPGRADE_SERVICE_URL=${UPGRADE_SERVICE_URL:-http://localhost:5100}
    logging:
      driver: "local"
      options:
        max-size: "${LOG_MAX_SIZE:-50m}"
        max-file: "${LOG_MAX_FILES:-20}"
    networks:
      - cht-net

  sentinel:
    image: public.ecr.aws/medic/cht-sentinel:5.1.0-10357-fix-debug-logs-v2
    restart: always
    depends_on:
      - haproxy
    environment:
      - COUCH_URL=http://${COUCHDB_USER:-admin}:${COUCHDB_PASSWORD}@haproxy:${HAPROXY_PORT:-5984}/medic
      - API_HOST=api
    logging:
      driver: "local"
      options:
        max-size: "${LOG_MAX_SIZE:-50m}"
        max-file: "${LOG_MAX_FILES:-20}"
    networks:
      - cht-net

  nginx:
    image: public.ecr.aws/medic/cht-nginx:5.1.0-10357-fix-debug-logs-v2
    restart: always
    depends_on:
      - api
      - haproxy
    ports:
      - "${NGINX_HTTP_PORT:-80}:80"
      - "${NGINX_HTTPS_PORT:-443}:443"
    volumes:
      - cht-ssl:${SSL_VOLUME_MOUNT_PATH:-/etc/nginx/private/}
    environment:
      - API_HOST=api
      - API_PORT=${API_PORT:-5988}
      - "CERTIFICATE_MODE=${CERTIFICATE_MODE:-SELF_SIGNED}"
      - "SSL_CERT_FILE_PATH=${SSL_CERT_FILE_PATH:-/etc/nginx/private/cert.pem}"
      - "SSL_KEY_FILE_PATH=${SSL_KEY_FILE_PATH:-/etc/nginx/private/key.pem}"
      - "COMMON_NAME=${COMMON_NAME:-test-nginx.dev.medicmobile.org}"
      - "EMAIL=${EMAIL:-domains@medic.org}"
      - "COUNTRY=${COUNTRY:-US}"
      - "STATE=${STATE:-California}"
      - "LOCALITY=${LOCALITY:-San_Francisco}"
      - "ORGANISATION=${ORGANISATION:-medic}"
      - "DEPARTMENT=${DEPARTMENT:-Information_Security}"
    logging:
      driver: "local"
      options:
        max-size: "${LOG_MAX_SIZE:-50m}"
        max-file: "${LOG_MAX_FILES:-20}"
    networks:
      - cht-net

networks:
  cht-net:
    name: ${CHT_NETWORK:-cht-net}

volumes:
  cht-ssl: