# Local Development Override # Usage: docker-compose -f docker-compose.base.yml -f docker-compose.local.yml up # # This file overrides base configuration with local development settings: # - Development ports (8888:80, 443:443, 5433:5432) # - Host-mounted volumes for live code editing # - Debug flags enabled (APP_DEBUG, Xdebug) # - Redis with password (Docker Secrets) # - Docker Secrets via *_FILE pattern (consistent with staging/production) # - Development-friendly restart policies services: web: container_name: web ports: - "8888:80" - "443:443" # HTTPS auf Standard-Port 443 für direkten Zugriff via https://localhost environment: - APP_ENV=${APP_ENV:-development} volumes: - ./:/var/www/html:${VOLUME_MODE:-cached} - ./ssl:/var/www/ssl:ro restart: ${RESTART_POLICY:-unless-stopped} # NOTE: env_file not needed - Framework automatically loads .env.base → .env.local # Environment variables are loaded by EncryptedEnvLoader in the PHP application logging: driver: "${LOG_DRIVER:-local}" options: max-size: "${LOG_MAX_SIZE:-5m}" max-file: "${LOG_MAX_FILE:-2}" healthcheck: start_period: ${HEALTHCHECK_START_PERIOD:-10s} deploy: resources: limits: memory: ${WEB_MEMORY_LIMIT:-256M} cpus: ${WEB_CPU_LIMIT:-0.5} reservations: memory: ${WEB_MEMORY_RESERVATION:-128M} cpus: ${WEB_CPU_RESERVATION:-0.25} php: container_name: php # No user directive - container runs as root, entrypoint handles user switching # PHP-FPM needs to run as root to drop privileges properly volumes: # Host-Mounts für direkten Zugriff (Development-friendly) - ./:/var/www/html:${VOLUME_MODE:-cached} - ./storage/logs:/var/www/html/storage/logs:rw - ./storage/uploads:/var/www/html/storage/uploads:rw - ./storage/analytics:/var/www/html/storage/analytics:rw # Docker Socket für Docker-Management aus dem Container heraus - /var/run/docker.sock:/var/run/docker.sock:ro environment: - PHP_IDE_CONFIG=${PHP_IDE_CONFIG:-serverName=docker} - APP_ENV=${APP_ENV:-development} - APP_DEBUG=${APP_DEBUG:-true} - XDEBUG_MODE=${XDEBUG_MODE:-debug} # Database connection to external PostgreSQL Stack - DB_HOST=postgres # External PostgreSQL Stack service name # Use Docker Secrets via *_FILE pattern (Framework supports this automatically) - DB_PASSWORD_FILE=/run/secrets/db_user_password - REDIS_PASSWORD_FILE=/run/secrets/redis_password - APP_KEY_FILE=/run/secrets/app_key secrets: - db_user_password - redis_password - app_key networks: - app-internal # Connect to external PostgreSQL Stack restart: ${RESTART_POLICY:-unless-stopped} # NOTE: env_file not needed - Framework automatically loads .env.base → .env.local # Environment variables are loaded by EncryptedEnvLoader in the PHP application logging: driver: "${LOG_DRIVER:-local}" options: max-size: "${LOG_MAX_SIZE:-5m}" max-file: "${LOG_MAX_FILE:-2}" deploy: resources: limits: memory: ${PHP_MEMORY_LIMIT:-512M} cpus: ${PHP_CPU_LIMIT:-1.0} reservations: memory: ${PHP_MEMORY_RESERVATION:-256M} cpus: ${PHP_CPU_RESERVATION:-0.5} php-test: volumes: - ./:/var/www/html:${VOLUME_MODE:-cached} # NOTE: env_file not needed - Framework automatically loads .env.base → .env.local # Database service removed - using external PostgreSQL Stack # Connection via app-internal network to external stack redis: container_name: redis restart: ${RESTART_POLICY:-unless-stopped} secrets: - redis_password command: > sh -c "redis-server --requirepass $$(cat /run/secrets/redis_password) --maxmemory 256mb --maxmemory-policy allkeys-lru --save 900 1 --save 300 10 --save 60 10000 --appendonly yes --appendfsync everysec" healthcheck: test: ["CMD", "sh", "-c", "redis-cli --no-auth-warning -a $$(cat /run/secrets/redis_password) ping"] interval: 30s timeout: 5s retries: 3 start_period: 10s logging: driver: "${LOG_DRIVER:-local}" options: max-size: "${LOG_MAX_SIZE:-5m}" max-file: "${LOG_MAX_FILE:-2}" deploy: resources: limits: memory: ${REDIS_MEMORY_LIMIT:-256M} cpus: ${REDIS_CPU_LIMIT:-0.5} reservations: memory: ${REDIS_MEMORY_RESERVATION:-128M} cpus: ${REDIS_CPU_RESERVATION:-0.25} queue-worker: container_name: queue-worker user: "1000:1000" # Same user ID as PHP container volumes: - ./:/var/www/html:cached - ./storage/logs:/var/www/html/storage/logs:rw environment: - APP_ENV=${APP_ENV:-development} - WORKER_DEBUG=${WORKER_DEBUG:-false} - WORKER_SLEEP_TIME=${WORKER_SLEEP_TIME:-100000} - WORKER_MAX_JOBS=${WORKER_MAX_JOBS:-1000} # Use Docker Secrets via *_FILE pattern (Framework supports this automatically) - DB_PASSWORD_FILE=/run/secrets/db_user_password - REDIS_PASSWORD_FILE=/run/secrets/redis_password secrets: - db_user_password - redis_password restart: unless-stopped # NOTE: env_file not needed - Framework automatically loads .env.base → .env.local deploy: resources: limits: memory: 1G reservations: memory: 512M minio: container_name: minio ports: - "${MINIO_API_PORT:-9000}:9000" - "${MINIO_CONSOLE_PORT:-9001}:9001" restart: ${RESTART_POLICY:-unless-stopped} logging: driver: "${LOG_DRIVER:-local}" options: max-size: "${LOG_MAX_SIZE:-5m}" max-file: "${LOG_MAX_FILE:-2}" deploy: resources: limits: memory: ${MINIO_MEMORY_LIMIT:-512M} cpus: ${MINIO_CPU_LIMIT:-0.5} reservations: memory: ${MINIO_MEMORY_RESERVATION:-256M} cpus: ${MINIO_CPU_RESERVATION:-0.25} networks: backend: internal: ${NETWORK_BACKEND_INTERNAL:-false} cache: internal: ${NETWORK_CACHE_INTERNAL:-false} app-internal: external: true # External network created by PostgreSQL Infrastructure Stack name: app-internal traefik-public: external: true # External network created by Traefik Infrastructure Stack name: traefik-public # Docker Secrets Configuration # Secrets are stored in ./secrets/ directory (relative to this file) # Note: Secrets are already defined in docker-compose.base.yml, but we activate them here # for local development. The base.yml defines the secret sources.