version: "3.7"

services:
  app:
    build:
      context: .
      args:
        - add_proxy=1
    environment:
      - "REDIS_URL=redis://redis:6379"
      - "SESSION_SECRET=replace with random"
      - "USERINFO_HEADER=X-Userinfo-Token"
      - "AUTH_PROXY_URL=http://proxy:3000/oauth"
      - "NO_PROXY=redis:6379"
    depends_on:
      - redis
    networks:
      - backend
  redis:
    image: redis
    command: redis-server --appendonly yes
    volumes:
      - ./tmp/redis-data:/data
    networks:
      - backend
  proxy:
    image: docker-registry.biotronik.int/web/auth-proxy
    depends_on:
      - app
      - redis
    environment:
      - "PROXY_USERINFO_SECRET=3d513168-c92d-4f57-8c78-8fb2efad8a34"
      - "PROXY_TARGET_URI=http://app:3000"
      - "HOST=0.0.0.0"
      - "COOKIE_SECRET=05e8cc4b-f95f-4a70-b4a1-b22ce295348d"
      - "WELLKNOWN_CONFIG_URI=https://nodejs1-2.biotronik.int/auth/realms/CoE-BS/.well-known/openid-configuration"
      - "CLIENT_ID=demo"
      - "CLIENT_SECRET=fb49b346-c515-4680-adb1-beee0bd5b66e"
      - "CLIENT_SCOPE=openid email profile roles groups"
      - "NODE_ENV=debug"
      - "SSL_VERIFY=false"
      - "EXT_RESOURCE_URI=http://localhost"
      - "REDIS_URL=redis://redis:6379"
      - "NO_PROXY=redis:6379"
    networks:
      - backend
      - frontend
  nginx:
    image: nginx:alpine
    depends_on:
      - proxy
    volumes:
      - ./tmp/default-external.conf:/etc/nginx/conf.d/default.conf
    ports:
      - 80:80
    networks:
      - frontend

networks:
  backend:
  frontend: