geht mal lokal auf esprimo

docker-compose.yml

@@ -1,88 +1,105 @@
 services:
-  # MySQL Database
-  mysql:
-    image: mysql:8.0
-    container_name: rezepte_mysql
-    restart: always
-    environment:
-      MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD:-change_this_root_password}
-      MYSQL_DATABASE: ${MYSQL_DATABASE:-rezepte}
-      MYSQL_USER: ${MYSQL_USER:-rezepte_user}
-      MYSQL_PASSWORD: ${MYSQL_PASSWORD:-change_this_password}
-    ports:
-      - "${MYSQL_PORT:-3307}:3306"
-    volumes:
-      - mysql_data:/var/lib/mysql
-      - ./sql-init:/docker-entrypoint-initdb.d
-    networks:
-      - rezepte_network
-
-
-  # phpMyAdmin
-  phpmyadmin:
-    image: phpmyadmin:latest
-    container_name: rezepte_phpmyadmin
-    restart: always
-    profiles:
-      - admin
-    ports:
-      - "${PHPMYADMIN_PORT:-8083}:80"
-    environment:
-      PMA_HOST: mysql
-      PMA_USER: ${MYSQL_USER:-rezepte_user}
-      PMA_PASSWORD: ${MYSQL_PASSWORD:-change_this_password}
-      MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD:-change_this_root_password}
-    depends_on:
-      - mysql
-    networks:
-      - rezepte_network
-
-  # Node.js Backend API
   backend:
-    build:
-      context: ./backend
-      dockerfile: Dockerfile
+    # Use pre-built image from registry instead of building
+    image: docker.citysensor.de/rezepte-backend:latest
     container_name: rezepte-backend
+    restart: unless-stopped
     environment:
-      NODE_ENV: ${NODE_ENV:-production}
-      PORT: ${BACKEND_PORT:-3001}
-      # Explicit DB URL (override to ensure service hostname used inside container)
-      DATABASE_URL: mysql://${MYSQL_USER:-rezepte_user}:${MYSQL_PASSWORD:-dev_password_123}@mysql:3306/${MYSQL_DATABASE:-rezepte}
-      JWT_SECRET: ${JWT_SECRET:-please_change_to_secure_32_char_min}
-      UPLOAD_PATH: ${UPLOAD_PATH:-/app/uploads}
-      MAX_FILE_SIZE: ${MAX_FILE_SIZE:-5242880}
-      CORS_ORIGIN: ${CORS_ORIGIN:-http://localhost:3000}
-    ports:
-      - "${BACKEND_PORT:-3001}:${BACKEND_PORT:-3001}"
+      - NODE_ENV=production
+      - DATABASE_URL=mysql://${MYSQL_USER}:${MYSQL_PASSWORD}@${MYSQL_HOST:-mysql}:${MYSQL_PORT:-3306}/rezepte
+      - CORS_ORIGIN=https://rezepte.${DOMAIN}
+      - PORT=3001
     volumes:
       - uploads_data:/app/uploads
-      - ./uploads:/app/legacy-uploads:ro
+      # Legacy uploads can be mounted if needed
+      # - ./legacy-uploads:/app/legacy-uploads:ro
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:3001/api/health"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+    labels:
+      - "traefik.enable=true"
+      # API Routes
+      - "traefik.http.routers.backend.rule=Host(`rezepte.${DOMAIN}`) && PathPrefix(`/api`)"
+      - "traefik.http.routers.backend.entrypoints=websecure"
+      - "traefik.http.routers.backend.tls.certresolver=letsencrypt"
+      - "traefik.http.services.backend.loadbalancer.server.port=3001"
+      # Upload Routes
+      - "traefik.http.routers.backend-uploads.rule=Host(`rezepte.${DOMAIN}`) && PathPrefix(`/uploads`)"
+      - "traefik.http.routers.backend-uploads.entrypoints=websecure"
+      - "traefik.http.routers.backend-uploads.tls.certresolver=letsencrypt"
+      - "traefik.http.routers.backend-uploads.service=backend"
     networks:
-      - rezepte_network
-    depends_on:
-      - mysql
-    restart: unless-stopped
+      - traefik
+      # Connect to external MySQL network
+      - gitea_default
 
-  # Frontend (React + Vite build served by nginx)
   frontend:
-    build:
-      context: ./frontend
-      dockerfile: Dockerfile
-      args:
-        VITE_API_URL: http://localhost:3001/api
+    # Use pre-built image from registry instead of building
+    image: docker.citysensor.de/rezepte-frontend:latest
     container_name: rezepte-frontend
-    ports:
-      - "${FRONTEND_PORT:-3000}:80"
-    networks:
-      - rezepte_network
+    restart: unless-stopped
     depends_on:
       - backend
-    restart: unless-stopped
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost/"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+    labels:
+      - "traefik.enable=true"
+      # Frontend Routes (catch-all)
+      - "traefik.http.routers.frontend.rule=Host(`rezepte.${DOMAIN}`)"
+      - "traefik.http.routers.frontend.entrypoints=websecure"
+      - "traefik.http.routers.frontend.tls.certresolver=letsencrypt"
+      - "traefik.http.services.frontend.loadbalancer.server.port=80"
+      # Lower priority than backend routes
+      - "traefik.http.routers.frontend.priority=1"
+      - "traefik.http.routers.backend.priority=10"
+      - "traefik.http.routers.backend-uploads.priority=10"
+    networks:
+      - traefik
 
-volumes:
-  mysql_data:
-  uploads_data:
+  phpmyadmin:
+    image: phpmyadmin/phpmyadmin:latest
+    container_name: rezepte-phpmyadmin
+    restart: unless-stopped
+    environment:
+      - PMA_HOST=${MYSQL_HOST:-mysql}
+      - PMA_PORT=${MYSQL_PORT:-3306}
+      - PMA_USER=${MYSQL_ROOT_USER:-root}
+      - PMA_PASSWORD=${MYSQL_ROOT_PASSWORD}
+      - UPLOAD_LIMIT=2G
+      - MEMORY_LIMIT=2G
+      - MAX_EXECUTION_TIME=0
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost/"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.phpmyadmin.rule=Host(`phpmyadmin.${DOMAIN}`)"
+      - "traefik.http.routers.phpmyadmin.entrypoints=websecure"
+      - "traefik.http.routers.phpmyadmin.tls.certresolver=letsencrypt"
+      - "traefik.http.services.phpmyadmin.loadbalancer.server.port=80"
+      # Optional: Add basic auth for extra security
+      # - "traefik.http.routers.phpmyadmin.middlewares=auth"
+    networks:
+      - traefik
+      # Connect to external MySQL network
+      - gitea_default
 
 networks:
-  rezepte_network:
-    driver: bridge
+  traefik:
+    external: true
+  # Reference to external network (will be created by Gitea)
+  # This network should already exist from your Gitea installation
+  gitea_default:
+    external: true
+
+volumes:
+  uploads_data:
+    driver: local