services:
  claude-tracker:
    build:
      context: .
      dockerfile: Dockerfile
    container_name: claude-tracker-api
    restart: unless-stopped
    environment:
      - DATABASE_URL=sqlite+aiosqlite:////app/data/tracker.db
      - DEBUG=true
      - PYTHONPATH=/app
    volumes:
      - ./data:/app/data
      - ./app/dashboard/static:/app/app/dashboard/static:ro
    networks:
      - caddy
    labels:
      # Caddy reverse proxy configuration
      caddy: ${DOMAIN:-claude.l.supported.systems}
      caddy.reverse_proxy: "{{upstreams 8000}}"
      
      # Security and CORS headers for API
#      caddy.header./api/*: |
#        X-Content-Type-Options nosniff
#        X-Frame-Options DENY
#        X-XSS-Protection "1; mode=block"
#        Referrer-Policy strict-origin-when-cross-origin
#        Access-Control-Allow-Origin *
#        Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
#        Access-Control-Allow-Headers "Content-Type, Authorization, X-Requested-With"
      
    ports:
      - "8000:8000"
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8000/health"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 30s
    deploy:
      resources:
        limits:
          cpus: '1.0'
          memory: 512M
        reservations:
          cpus: '0.25'
          memory: 128M


networks:
  caddy:
    external: true
    name: caddy