services:
  postgres:
    image: postgres:16-alpine
    container_name: ecosplay-auth-db
    restart: unless-stopped
    environment:
      POSTGRES_DB: keycloak
      POSTGRES_USER: keycloak
      POSTGRES_PASSWORD: keycloak
    volumes:
      - postgres_data:/var/lib/postgresql/data
    networks:
      - keycloak-net
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U keycloak"]
      interval: 10s
      timeout: 5s
      retries: 5

  keycloak:
    image: quay.io/keycloak/keycloak:26.0
    container_name: ecosplay-auth-keycloak
    restart: unless-stopped
    command: ["start", "--import-realm"]
    environment:
      KC_DB: postgres
      KC_DB_URL: jdbc:postgresql://postgres:5432/keycloak
      KC_DB_USERNAME: keycloak
      KC_DB_PASSWORD: keycloak
      KC_HOSTNAME: https://auth.e-cosplay.fr
      KC_HTTP_ENABLED: "true"
      KC_PROXY_HEADERS: xforwarded
      KC_HEALTH_ENABLED: "true"
      KC_METRICS_ENABLED: "true"
      KC_BOOTSTRAP_ADMIN_USERNAME: admin
      KC_BOOTSTRAP_ADMIN_PASSWORD: admin
    ports:
      - "127.0.0.1:9450:8080"
    volumes:
      - ./themes/ecosplay:/opt/keycloak/themes/ecosplay:ro
      - ./realms:/opt/keycloak/data/import:ro
    healthcheck:
      test: ["CMD-SHELL", "exec 3<>/dev/tcp/localhost/9000 && printf 'GET /health/ready HTTP/1.0\\r\\nHost: localhost\\r\\n\\r\\n' >&3 && grep -q UP <&3"]
      interval: 10s
      timeout: 5s
      retries: 30
      start_period: 120s
    depends_on:
      postgres:
        condition: service_healthy
    networks:
      - keycloak-net

  keycloak-init:
    image: quay.io/keycloak/keycloak:26.0
    container_name: ecosplay-auth-init
    depends_on:
      keycloak:
        condition: service_healthy
    environment:
      KC_SERVER: http://keycloak:8080
      KC_ADMIN: admin
      KC_ADMIN_PASSWORD: admin
      SMTP_HOST: email-smtp.eu-west-3.amazonaws.com
      SMTP_PORT: "587"
      SMTP_FROM: auth@e-cosplay.fr
      SMTP_FROM_DISPLAY_NAME: E-Cosplay
      SMTP_USER: AKIAWTT2T22CWBRBBDYN
      SMTP_PASSWORD: BBdgb6KxRQ8mNcpWFJsZCJxbSGNdgLhKFiITMErfBlQP
      LOGIN_THEME: ecosplay
      ECOSPLAY_GROUPS: "gp_asso gp_contest gp_mail gp_mailling gp_member gp_ndd gp_sign gp_ticket super_admin_asso superadmin"
      ADMIN_USER_USERNAME: jovann@siteconseil.fr
      ADMIN_USER_PASSWORD: Shoko1997@
      ADMIN_USER_FIRSTNAME: jovann
      ADMIN_USER_LASTNAME: Serreau
    volumes:
      - ./init/sync.sh:/opt/init/sync.sh:ro
    entrypoint: ["/bin/bash", "/opt/init/sync.sh"]
    networks:
      - keycloak-net
    restart: "no"

volumes:
  postgres_data:

networks:
  keycloak-net:
    driver: bridge