# Produkční stack pro single-server deploy. # Na serveru: kopíruje se do /opt/ems-deploy/docker-compose.yml (viz deploy/deploy.sh). # Cesty ./app/* jsou relativní k adresáři, kde leží tento soubor po zkopírování (/opt/ems-deploy). # # Jen přes WireGuard: v .env nastav EMS_FRONTEND_BIND + EMS_PUBLIC_BASE; pro psql/DBeaver z druhého stroje # také EMS_DB_BIND (stejná wg0 IP jako u frontendu), jinak je Postgres jen na 127.0.0.1. services: db: image: timescale/timescaledb:2.26.1-pg18 restart: unless-stopped environment: POSTGRES_DB: ems POSTGRES_USER: ${DB_USER} POSTGRES_PASSWORD: ${DB_PASSWORD} volumes: - db_data:/var/lib/postgresql/data ports: - "${EMS_DB_BIND:-127.0.0.1}:5432:5432" healthcheck: test: ["CMD-SHELL", "pg_isready -U ${DB_USER} -d ems"] interval: 10s timeout: 5s retries: 5 flyway: image: flyway/flyway:12 depends_on: db: condition: service_healthy environment: FLYWAY_URL: jdbc:postgresql://db:5432/ems FLYWAY_USER: ${DB_USER} FLYWAY_PASSWORD: ${DB_PASSWORD} FLYWAY_SCHEMAS: ems FLYWAY_LOCATIONS: filesystem:/flyway/sql/migration,filesystem:/flyway/sql/routines,filesystem:/flyway/sql/views FLYWAY_BASELINE_ON_MIGRATE: "false" command: migrate volumes: - ./app/db/migration:/flyway/sql/migration - ./app/db/routines:/flyway/sql/routines - ./app/db/views:/flyway/sql/views postgrest: image: postgrest/postgrest:v12.2.3 restart: unless-stopped depends_on: db: condition: service_healthy flyway: condition: service_completed_successfully environment: PGRST_DB_URI: postgres://${DB_USER}:${DB_PASSWORD}@db:5432/ems PGRST_DB_SCHEMA: ems PGRST_DB_EXTRA_SEARCH_PATH: ems PGRST_DB_ANON_ROLE: ${POSTGREST_ANON_ROLE:-ems_anon} PGRST_JWT_SECRET: ${POSTGREST_JWT_SECRET} PGRST_SERVER_PORT: 3000 # Musí odpovídat URL, ze které klient volá /rest/ (typicky EMS_PUBLIC_BASE + /rest). PGRST_OPENAPI_SERVER_PROXY_URI: ${EMS_PUBLIC_BASE:-http://127.0.0.1:8080}/rest # Bez ports: PostgREST jen uvnitř sítě (frontend nginx → postgrest:3000). Host :3000 často koliduje. # Přímý přístup z hostu: odkomentuj např. "127.0.0.1:3001:3000" backend: build: context: ./app/backend restart: unless-stopped depends_on: db: condition: service_healthy flyway: condition: service_completed_successfully env_file: - .env command: ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000"] environment: TZ: Europe/Prague DB_HOST: db DB_PORT: "5432" POSTGRES_HOST: db POSTGRES_PORT: "5432" DB_NAME: ems DB_USER: ${DB_USER} DB_PASSWORD: ${DB_PASSWORD} OTE_API_URL: ${OTE_API_URL:-https://www.ote-cr.cz/cs/kratkodobe-trhy/elektrina/denni-trh/@@chart-data} EUR_CZK_RATE: ${EUR_CZK_RATE:-25.0} OPEN_METEO_API_URL: ${OPEN_METEO_API_URL:-https://api.open-meteo.com/v1/forecast} TELEMETRY_POLL_INTERVAL_SEC: ${TELEMETRY_POLL_INTERVAL_SEC:-60} PLANNING_HORIZON_HOURS: ${PLANNING_HORIZON_HOURS:-36} PLANNING_HP_MAX_COST_CZK_KWH: ${PLANNING_HP_MAX_COST_CZK_KWH:-3.0} LOXONE_USER: ${LOXONE_USER:-} LOXONE_PASSWORD: ${LOXONE_PASSWORD:-} POSTGREST_JWT_SECRET: ${POSTGREST_JWT_SECRET} POSTGREST_ANON_ROLE: ${POSTGREST_ANON_ROLE:-ems_anon} ports: - "127.0.0.1:8000:8000" frontend: build: context: ./app/frontend restart: unless-stopped ports: - "${EMS_FRONTEND_BIND:-127.0.0.1}:8080:80" depends_on: - backend - postgrest volumes: db_data: driver: local networks: default: name: ems_net driver: bridge ipam: config: - subnet: 172.28.240.0/24 gateway: 172.28.240.1