version: '3.8'

services:
  webapp:
    image: tsa-chapter-organizer:latest
    container_name: tsa-app
    ports:
      - "8080:8080"
      - "8081:8081"
    environment:
      - ASPNETCORE_ENVIRONMENT=Production
      - ASPNETCORE_URLS=https://+:8081;http://+:8080
      - ASPNETCORE_HTTPS_PORT=8081

      # Option 2: Environment Variables approach (uncomment to use)
      # - TSA_Authentication__Users__0__Email=admin@example.com
      # - TSA_Authentication__Users__0__PasswordHash=$2a$11$...
      # - TSA_Authentication__Users__0__Role=Administrator
      # - TSA_Authentication__Users__0__DisplayName=Administrator
      # - TSA_Authentication__Users__1__Email=advisor@example.com
      # - TSA_Authentication__Users__1__PasswordHash=$2a$11$...
      # - TSA_Authentication__Users__1__Role=Advisor
      # - TSA_Authentication__Users__1__DisplayName=Chapter Advisor

    volumes:
      # Option 1: Volume-mounted secrets file (recommended for easy editing)
      - ./auth-secrets.json:/app/secrets/auth-secrets.json:ro

      # Database persistence
      - ./data:/app/data

      # HTTPS certificate (if needed)
      # - ./certs:/https:ro

    restart: unless-stopped

    # Uncomment if using HTTPS with certificate
    # environment:
    #   - ASPNETCORE_Kestrel__Certificates__Default__Password=your-cert-password
    #   - ASPNETCORE_Kestrel__Certificates__Default__Path=/https/aspnetapp.pfx