motovaultpro/docker-compose.prod.yml

# docker-compose.prod.yml
# Production overrides for MotoVaultPro
#
# Usage:
#   docker compose -f docker-compose.yml -f docker-compose.prod.yml up -d
#
# This file removes development-only configurations:
#   - Database port exposure (PostgreSQL, Redis)
#   - Development-specific settings

services:
  # Traefik - Production log level and dashboard auth
  mvp-traefik:
    environment:
      # Traefik log levels: TRACE | DEBUG | INFO | WARN | ERROR
      LOG_LEVEL: error
    command:
      - --configFile=/etc/traefik/traefik.yml
      # Traefik log levels: TRACE | DEBUG | INFO | WARN | ERROR
      - --log.level=ERROR
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik-dashboard.rule=Host(`traefik.motovaultpro.local`)"
      - "traefik.http.routers.traefik-dashboard.tls=true"
      - "traefik.http.routers.traefik-dashboard.middlewares=dashboard-auth"
      - "traefik.http.services.traefik-dashboard.loadbalancer.server.port=8080"
      - "traefik.http.middlewares.dashboard-auth.basicauth.users=admin:$$2y$$10$$foobar"

  # Backend - Production log level
  mvp-backend:
    environment:
      NODE_ENV: production
      CONFIG_PATH: /app/config/production.yml
      SECRETS_DIR: /run/secrets
      # Pino log levels: trace | debug | info | warn | error | fatal
      LOG_LEVEL: error
      DATABASE_HOST: mvp-postgres
      REDIS_HOST: mvp-redis
      STRIPE_PRO_MONTHLY_PRICE_ID: prod_Toj6BG9Z9JwREl
      STRIPE_PRO_YEARLY_PRICE_ID: prod_Toj8oo0RpVBQmB
      STRIPE_ENTERPRISE_MONTHLY_PRICE_ID: prod_Toj8xGEui9jl6j
      STRIPE_ENTERPRISE_YEARLY_PRICE_ID: prod_Toj9A7A773xrdn

  # OCR - Production log level + engine config
  mvp-ocr:
    environment:
      # Python log levels: DEBUG | INFO | WARNING | ERROR | CRITICAL
      LOG_LEVEL: error
      REDIS_HOST: mvp-redis
      REDIS_PORT: 6379
      REDIS_DB: 1
      # OCR engine configuration (Google Vision primary, PaddleOCR fallback)
      OCR_PRIMARY_ENGINE: google_vision
      OCR_FALLBACK_ENGINE: paddleocr
      OCR_CONFIDENCE_THRESHOLD: "0.6"
      OCR_FALLBACK_THRESHOLD: "0.6"
      GOOGLE_VISION_KEY_PATH: /run/secrets/google-wif-config.json
      VISION_MONTHLY_LIMIT: "1000"
      # Vertex AI / Gemini configuration (maintenance schedule extraction)
      VERTEX_AI_PROJECT: ${VERTEX_AI_PROJECT:-}
      VERTEX_AI_LOCATION: us-central1
      GEMINI_MODEL: gemini-2.5-flash

  # PostgreSQL - Remove dev ports, production log level
  mvp-postgres:
    ports: []
    environment:
      POSTGRES_DB: motovaultpro
      POSTGRES_USER: postgres
      POSTGRES_PASSWORD_FILE: /run/secrets/postgres-password
      POSTGRES_INITDB_ARGS: --encoding=UTF8
      LOG_LEVEL: error
      # PostgreSQL log statements: none | ddl | mod | all
      POSTGRES_LOG_STATEMENT: none
      # Minimum query duration to log: -1 (disabled) | 0 (all) | N (ms threshold)
      POSTGRES_LOG_MIN_DURATION_STATEMENT: -1
      PGDATA: /var/lib/postgresql/data/pgdata

  # Redis - Remove dev ports, production log level
  mvp-redis:
    ports: []
    # Redis log levels: debug | verbose | notice | warning
    command: redis-server --appendonly yes --loglevel warning