first commit

Co-authored-by: Cursor <cursoragent@cursor.com>

docker-compose.yml

@@ -1,94 +0,0 @@
-services:
-  ssl-init:
-    image: alpine:3.20
-    container_name: shop-ssl-init
-    volumes:
-      - postgres_ssl:/certs
-      - ./postgres/ssl/generate-certs.sh:/generate-certs.sh:ro
-    entrypoint: ["/bin/sh", "-c", "apk add --no-cache openssl > /dev/null && sh /generate-certs.sh /certs"]
-    restart: "no"
-
-  postgres:
-    image: postgres:17-alpine
-    container_name: shop-postgres
-    depends_on:
-      ssl-init:
-        condition: service_completed_successfully
-    environment:
-      POSTGRES_USER: ${POSTGRES_USER:-shop}
-      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-shop_secret}
-      POSTGRES_DB: ${POSTGRES_DB:-shopdb}
-    volumes:
-      - postgres_data:/var/lib/postgresql/data
-      - postgres_ssl:/var/lib/postgresql/ssl:ro
-      - ./postgres/init:/docker-entrypoint-initdb.d:ro
-    command:
-      - postgres
-      - -c
-      - ssl=on
-      - -c
-      - ssl_cert_file=/var/lib/postgresql/ssl/server.crt
-      - -c
-      - ssl_key_file=/var/lib/postgresql/ssl/server.key
-      - -c
-      - ssl_min_protocol_version=TLSv1.2
-    healthcheck:
-      test: ["CMD-SHELL", "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB"]
-      interval: 5s
-      timeout: 5s
-      retries: 10
-      start_period: 15s
-    networks:
-      - backend
-    restart: unless-stopped
-
-  app:
-    build:
-      context: .
-      dockerfile: Dockerfile
-    container_name: shop-app
-    depends_on:
-      postgres:
-        condition: service_healthy
-    environment:
-      APP_PORT: "8080"
-      DATABASE_URL: postgres://${POSTGRES_USER:-shop}:${POSTGRES_PASSWORD:-shop_secret}@postgres:5432/${POSTGRES_DB:-shopdb}?sslmode=require
-      COOKIE_SECURE: ${COOKIE_SECURE:-false}
-    networks:
-      - backend
-      - frontend
-    restart: unless-stopped
-
-  traefik:
-    image: traefik:v3.2
-    container_name: shop-traefik
-    depends_on:
-      - app
-    command:
-      - --log.level=INFO
-      - --accesslog=true
-      - --providers.file.directory=/etc/traefik/dynamic
-      - --providers.file.watch=true
-      - --entrypoints.web.address=:80
-      - --entrypoints.websecure.address=:443
-      - --certificatesresolvers.letsencrypt.acme.email=${ACME_EMAIL:-admin@localhost}
-      - --certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json
-      - --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web
-    ports:
-      - "${HTTP_PORT:-80}:80"
-      - "${HTTPS_PORT:-443}:443"
-    volumes:
-      - ./traefik/dynamic:/etc/traefik/dynamic:ro
-      - traefik_letsencrypt:/letsencrypt
-    networks:
-      - frontend
-    restart: unless-stopped
-
-volumes:
-  postgres_data:
-  postgres_ssl:
-  traefik_letsencrypt:
-
-networks:
-  backend:
-  frontend: