snipe/compose.cloud.yml

# Snipe — cloud managed instance
# Project: snipe-cloud  (docker compose -f compose.cloud.yml -p snipe-cloud ...)
# Web:     http://127.0.0.1:8514 → menagerie.circuitforge.tech/snipe (via Caddy basicauth)
# API:     internal only on snipe-cloud-net (no host port — only reachable via nginx)
#
# Usage: ./manage.sh cloud-start | cloud-stop | cloud-restart | cloud-status | cloud-logs | cloud-build

services:
  api:
    build:
      context: ..
      dockerfile: snipe/Dockerfile
    restart: unless-stopped
    env_file: .env
    # No network_mode: host — isolated on snipe-cloud-net; nginx reaches it via 'api:8510'
    volumes:
      - /devl/snipe-cloud-data:/app/snipe/data
    networks:
      - snipe-cloud-net

  web:
    build:
      context: .
      dockerfile: docker/web/Dockerfile
      args:
        # Vite bakes these at image build time — changing them requires cloud-build.
        # VITE_BASE_URL: app served under /snipe → asset URLs become /snipe/assets/...
        # VITE_API_BASE: prepended to all /api/* fetch calls → /snipe/api/search
        VITE_BASE_URL: /snipe
        VITE_API_BASE: /snipe
    restart: unless-stopped
    ports:
      - "8514:80"  # Caddy (caddy-proxy container) reaches via host.docker.internal:8514
    volumes:
      - ./docker/web/nginx.cloud.conf:/etc/nginx/conf.d/default.conf:ro
    networks:
      - snipe-cloud-net
    depends_on:
      - api

networks:
  snipe-cloud-net:
    driver: bridge