opencand.infra/infra-docker-compose.yaml

services:
  db:
    image: postgres:14-alpine
    container_name: opencand_db
    restart: unless-stopped
    hostname: db
    environment:
      POSTGRES_USER: root
      POSTGRES_PASSWORD: root
      POSTGRES_DB: opencand
    volumes:
      - ./db-data:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U root -d opencand"]
      interval: 10s
      timeout: 5s
      retries: 5
    logging:
      driver: "json-file"
      options:
        max-size: "10m"
        max-file: "3"
        labels: "service=database"
    labels:
      - "promtail.enable=true"
      - "promtail.job=opencand-db"
  # ───────────────────────────────────────────────────────────────────────────
  # 5. Log Monitoring Stack
  # ───────────────────────────────────────────────────────────────────────────
    # Loki - Log aggregation system
  loki:
    image: grafana/loki:2.9.0
    container_name: opencand_loki
    restart: unless-stopped
    ports:
      - "127.0.0.1:6110:3100"
    command: -config.file=/etc/loki/local-config.yaml
    volumes:
      - ./monitoring/loki-config.yaml:/etc/loki/local-config.yaml
      - loki-data:/loki
    healthcheck:
      test: ["CMD-SHELL", "wget --no-verbose --tries=1 --spider http://localhost:3100/ready || exit 1"]
      interval: 10s
      timeout: 5s
      retries: 5

  # Promtail - Log collection agent
  promtail:
    image: grafana/promtail:2.9.0
    container_name: opencand_promtail
    restart: unless-stopped
    volumes:
      - ./monitoring/promtail-config.yaml:/etc/promtail/config.yml
      - /var/log:/var/log:ro
      - /var/lib/docker/containers:/var/lib/docker/containers:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
    command: -config.file=/etc/promtail/config.yml
    depends_on:
      - loki

  # Prometheus - Metrics collection
  prometheus:
    image: prom/prometheus:v2.45.0
    container_name: opencand_prometheus
    restart: unless-stopped
    ports:
      - "127.0.0.1:6090:9090"
    command:
      - "--config.file=/etc/prometheus/prometheus.yml"
      - "--storage.tsdb.path=/prometheus"
      - "--web.console.libraries=/etc/prometheus/console_libraries"
      - "--web.console.templates=/etc/prometheus/consoles"
      - "--web.enable-lifecycle"
    volumes:
      - ./monitoring/prometheus.yml:/etc/prometheus/prometheus.yml
      - prometheus-data:/prometheus
    depends_on:
      - node-exporter
  # Node Exporter - System metrics
  node-exporter:
    image: prom/node-exporter:v1.6.0
    container_name: opencand_node_exporter
    restart: unless-stopped
    ports:
      - "127.0.0.1:6100:9100"
    volumes:
      - /proc:/host/proc:ro
      - /sys:/host/sys:ro
      - /:/rootfs:ro
    command:
      - "--path.procfs=/host/proc"
      - "--path.rootfs=/rootfs"
      - "--path.sysfs=/host/sys"
      - "--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)"
  # Grafana - Visualization and dashboards
  grafana:
    image: grafana/grafana:10.0.0
    container_name: opencand_grafana
    restart: unless-stopped
    ports:
      - "6000:3000"
    environment:
      - GF_SECURITY_ADMIN_PASSWORD=admin
      - GF_USERS_ALLOW_SIGN_UP=false
    volumes:
      - grafana-data:/var/lib/grafana
      - ./monitoring/grafana/provisioning:/etc/grafana/provisioning
    depends_on:
      - loki
      - prometheus

volumes:
  loki-data:
  prometheus-data:
  grafana-data: