version: '3.8'

services:
  traefik:
    image: traefik:v2.5
    container_name: traefik
    command:
      - "--api.insecure=true"  # Enable Traefik dashboard (optional)
      - "--log.level=DEBUG"    # Enable DEBUG level logs
      - "--accesslog"          # Enable access logs
      - "--entrypoints.web.address=:80"  # Listen on port 80
      - "--entrypoints.websecure.address=:443"  # Listen on port 443
      - "--entrypoints.websecure.forwardedHeaders.insecure=true"  # Allow forwarded headers
    ports:
      - "80:80"   # Expose port 80
      - "443:443" # Expose port 443
      - "8080:8080"  # Traefik Dashboard (optional)
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock"  # Allow Traefik to interact with Docker
    networks:
      - web
    labels:
      - "traefik.enable=true"

  nextjs-app:
  build:
    context: .  # Path to your project
    dockerfile: Dockerfile
  container_name: nextjs-app-container
  expose:
    - "3000"  # Expose port 3000 internally (not externally)
  labels:
    - "traefik.enable=true"
    - "traefik.http.routers.nextjs-app.rule=Host(`dash.embermarket.app`)"
    - "traefik.http.services.nextjs-app.loadbalancer.server.port=3000"

    # IP Whitelist middleware for the Next.js app
    - "traefik.http.routers.nextjs-app.middlewares=ip-whitelist@file"  # Use @file to reference middleware from a file provider

    # Define the IP whitelist middleware for the Next.js app
    - "traefik.http.middlewares.ip-whitelist@file.ipWhiteList.sourcerange=212.113.116.6,194.26.229.41,138.124.13.13"  # Allowed IPs

  environment:
    - NODE_ENV=production
    - NEXT_PUBLIC_API_URL=https://internal-api.inboxi.ng/api
  restart: unless-stopped
  networks:
    - web


networks:
  web:
    external: true