INSIGHT-MVP/docker-compose.crm.yml

# ============================================================
# INSIGHT CRM-Service - Docker Compose Override
# ============================================================
# Start: docker compose -f docker-compose.yml -f docker-compose.crm.yml up -d
# Nur CRM: docker compose -f docker-compose.yml -f docker-compose.crm.yml up -d crm

services:
  crm:
    build:
      context: ./packages/crm-service
      dockerfile: Dockerfile
      target: development
    container_name: insight-crm
    restart: unless-stopped
    environment:
      - NODE_ENV=${NODE_ENV:-development}
      - APP_PORT=3100
      # PgBouncer (transaction mode) strips search_path, so CRM uses direct postgres for queries
      - DATABASE_URL=postgresql://${DB_USER:-insight}:${DB_PASSWORD}@postgres:5432/${DB_NAME:-platform_core}?schema=app_crm
      - DATABASE_URL_DIRECT=postgresql://${DB_USER:-insight}:${DB_PASSWORD}@postgres:5432/${DB_NAME:-platform_core}?schema=app_crm
      - REDIS_HOST=redis
      - REDIS_PORT=6379
      - REDIS_PASSWORD=${REDIS_PASSWORD:-}
      - JWT_PUBLIC_KEY_PATH=/app/keys/jwt-public.pem
      - JWT_ISSUER=${JWT_ISSUER:-insight-platform}
      - CORS_ORIGINS=${CORS_ORIGINS:-http://172.20.10.59}
      # Core-Service URL fuer interne Kommunikation (M365 Token)
      - CORE_SERVICE_URL=http://core:3000
      # Lexware Office Integration (optional)
      - LEXWARE_API_KEY=${LEXWARE_API_KEY:-}
      - LEXWARE_API_URL=${LEXWARE_API_URL:-https://api.lexware.io}
    volumes:
      - ./packages/crm-service:/app
      - /app/node_modules
      - ./.keys/jwt-public.pem:/app/keys/jwt-public.pem:ro
      - ./uploads:/app/uploads
    networks:
      - insight-web
      - insight-db
      - insight-cache
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.crm.rule=Host(`172.20.10.59`) && PathPrefix(`/api/v1/crm`)"
      - "traefik.http.routers.crm.priority=100"
      - "traefik.http.routers.crm.entrypoints=web"
      - "traefik.http.services.crm.loadbalancer.server.port=3100"
      - "traefik.http.routers.crm.middlewares=cors-api@file,security-headers@file"
      # HTTPS Router
      - "traefik.http.routers.crm-secure.rule=Host(`172.20.10.59`) && PathPrefix(`/api/v1/crm`)"
      - "traefik.http.routers.crm-secure.priority=100"
      - "traefik.http.routers.crm-secure.entrypoints=websecure"
      - "traefik.http.routers.crm-secure.tls=true"
      - "traefik.http.routers.crm-secure.service=crm"
      - "traefik.http.routers.crm-secure.middlewares=cors-api@file,security-headers@file"
    healthcheck:
      test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3100/health"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 15s
    depends_on:
      pgbouncer:
        condition: service_healthy
      redis:
        condition: service_healthy

networks:
  insight-web:
    external: true
  insight-db:
    external: true
  insight-cache:
    external: true