services:
  flights-backend:
    container_name: flights-backend
    build:
      context: .
      dockerfile: Dockerfile
    image: flights-backend:latest
    restart: unless-stopped
    ports:
      # NginxProxyManager forwards flights.treytartt.com → host:8090.
      # The container listens on 8090 inside.
      - "8090:8090"
    environment:
      - SHARED_SECRET=${SHARED_SECRET}
      - TOKEN_TTL_SECONDS=1500
    # Chromium needs /dev/shm for its renderer process. Without this
    # shm_size bump it crashes on the first navigation in a container.
    shm_size: "2gb"
    cap_add:
      # nodriver's profile setup occasionally pokes at SYS_ADMIN-only
      # paths inside the sandbox; without --no-sandbox + this cap we
      # see "Chrome failed to start" intermittently.
      - SYS_ADMIN
    healthcheck:
      test: ["CMD", "python3", "-c", "import urllib.request; urllib.request.urlopen('http://localhost:8090/health').read()"]
      interval: 30s
      timeout: 5s
      retries: 3
      start_period: 90s