From ad2752b7b033dd7c4cc839520b85f9704def7620 Mon Sep 17 00:00:00 2001
From: Felipe Coutinho <felipi@live.com>
Date: Sun, 12 Apr 2026 18:45:12 +0000
Subject: [PATCH] chore(docker): simplificar compose e entrypoint
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- compose: removidos profiles, build e dependência de arquivo externo;
  agora standalone com curl + docker compose up -d
- compose: variáveis opcionais movidas para .env via env_file
- entrypoint: extensão pgcrypto criada via Node.js antes das migrations
- entrypoint: loop de retry reescrito; removido hack @localhost→@db

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
---
 docker-compose.yml   | 108 +++----------------------------------------
 docker-entrypoint.sh |  31 +++++++------
 2 files changed, 23 insertions(+), 116 deletions(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index 5943296..2f43d18 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,147 +1,51 @@
-# Docker Compose para Next.js + PostgreSQL
 name: openmonetis
 
-# MODOS DE USO:
-# 1. Banco LOCAL (PostgreSQL em container):
-#    - Configure DATABASE_URL com host "db" no .env
-#    - Execute: docker compose --profile local up
-#
-# 2. Banco REMOTO (ex: Supabase, Neon, etc):
-#    - Configure DATABASE_URL com a URL do banco remoto no .env
-#    - Execute: docker compose up
-#
-# 3. Build local (desenvolvimento):
-#    - Execute: docker compose --profile local up --build
-#
-# 4. Para parar todos os serviços:
-#    - Execute: docker compose down
-#
-# 5. Para remover volumes (CUIDADO: apaga dados do banco local):
-#    - Execute: docker compose down -v
-
 services:
-  # ============================================
-  # Serviço: PostgreSQL (Banco de dados local)
-  # Ativado apenas com: --profile local
-  # ============================================
   db:
-    profiles: ["local"]
     image: postgres:18-alpine
     container_name: openmonetis_postgres
     restart: unless-stopped
-
     environment:
       POSTGRES_USER: ${POSTGRES_USER:-openmonetis}
       POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-openmonetis_dev_password}
       POSTGRES_DB: ${POSTGRES_DB:-openmonetis_db}
-      PGDATA: /var/lib/postgresql/data
       POSTGRES_INITDB_ARGS: "-E UTF8 --locale=C"
-
     ports:
       - "${DB_PORT:-5432}:5432"
-
     volumes:
       - postgres_data:/var/lib/postgresql/data
-
-    # Cria extensão pgcrypto inline (necessária para gen_random_bytes no schema)
-    entrypoint: ["/bin/sh", "-c"]
-    command:
-      - |
-        echo 'CREATE EXTENSION IF NOT EXISTS pgcrypto;' > /docker-entrypoint-initdb.d/init.sql
-        exec docker-entrypoint.sh postgres
-
     healthcheck:
-      test:
-        [
-          "CMD-SHELL",
-          "pg_isready -U ${POSTGRES_USER:-openmonetis} -d ${POSTGRES_DB:-openmonetis_db}",
-        ]
+      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-openmonetis} -d ${POSTGRES_DB:-openmonetis_db}"]
       interval: 10s
       timeout: 5s
       retries: 5
       start_period: 10s
 
-    # Para ativar logs de queries (debug), adicione ao command acima:
-    # exec docker-entrypoint.sh postgres -c log_statement=all
-
-  # ============================================
-  # Serviço: Aplicação Next.js
-  # ============================================
   app:
-    build: .
     image: felipegcoutinho/openmonetis:latest
-
     container_name: openmonetis_app
     restart: unless-stopped
-
     ports:
       - "${APP_PORT:-3000}:3000"
-
+    env_file:
+      - path: .env
+        required: false
     environment:
       NODE_ENV: production
-
-      # Banco local: use host "db" | Banco remoto: URL completa do provider
-      # O entrypoint converte automaticamente "localhost" → "db" se necessário
       DATABASE_URL: ${DATABASE_URL:-postgresql://openmonetis:openmonetis_dev_password@db:5432/openmonetis_db}
-
-      BETTER_AUTH_SECRET: ${BETTER_AUTH_SECRET}
+      BETTER_AUTH_SECRET: ${BETTER_AUTH_SECRET:-}
       BETTER_AUTH_URL: ${BETTER_AUTH_URL:-http://localhost:3000}
-
-      # S3 (opcional)
-      S3_ENDPOINT: ${S3_ENDPOINT:-}
-      S3_REGION: ${S3_REGION:-}
-      S3_ACCESS_KEY_ID: ${S3_ACCESS_KEY_ID:-}
-      S3_SECRET_ACCESS_KEY: ${S3_SECRET_ACCESS_KEY:-}
-      S3_BUCKET: ${S3_BUCKET:-}
-
-      # Email (opcional)
-      RESEND_API_KEY: ${RESEND_API_KEY:-}
-      RESEND_FROM_EMAIL: ${RESEND_FROM_EMAIL:-}
-
-      # OAuth (opcional)
-      GOOGLE_CLIENT_ID: ${GOOGLE_CLIENT_ID:-}
-      GOOGLE_CLIENT_SECRET: ${GOOGLE_CLIENT_SECRET:-}
-      GITHUB_CLIENT_ID: ${GITHUB_CLIENT_ID:-}
-      GITHUB_CLIENT_SECRET: ${GITHUB_CLIENT_SECRET:-}
-
-      # AI providers (opcional)
-      ANTHROPIC_API_KEY: ${ANTHROPIC_API_KEY:-}
-      OPENAI_API_KEY: ${OPENAI_API_KEY:-}
-      GOOGLE_GENERATIVE_AI_API_KEY: ${GOOGLE_GENERATIVE_AI_API_KEY:-}
-      OPENROUTER_API_KEY: ${OPENROUTER_API_KEY:-}
-
-      # Multi-domínio (opcional)
-      PUBLIC_DOMAIN: ${PUBLIC_DOMAIN:-}
-
-      # Analytics (opcional)
-      UMAMI_URL: ${UMAMI_URL:-}
-      UMAMI_WEBSITE_ID: ${UMAMI_WEBSITE_ID:-}
-      UMAMI_DOMAINS: ${UMAMI_DOMAINS:-}
-
-    # required: false permite subir sem banco local (banco remoto via DATABASE_URL)
     depends_on:
       db:
         condition: service_healthy
         required: false
-
     healthcheck:
-      test:
-        [
-          "CMD",
-          "wget",
-          "--quiet",
-          "--tries=1",
-          "--spider",
-          "http://localhost:3000/api/health",
-        ]
+      test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:3000/api/health"]
       interval: 30s
       timeout: 10s
       retries: 3
       start_period: 40s
 
-# ============================================
-# Volumes
-# ============================================
 volumes:
   postgres_data:
     driver: local
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index 8a46c5c..a5a7072 100644
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -1,23 +1,26 @@
 #!/bin/sh
 
-# Dentro do container Docker, "localhost" não alcança o serviço de banco.
-# Substitui automaticamente para o nome do serviço "db" da rede Docker.
-# Não afeta URLs de bancos remotos (não contêm "@localhost:").
-if [ -n "$DATABASE_URL" ]; then
-  DATABASE_URL=$(echo "$DATABASE_URL" | sed 's|@localhost:|@db:|g')
-  export DATABASE_URL
-fi
+echo "Habilitando extensão pgcrypto..."
+node -e "
+const { Client } = require('/app/migrate/node_modules/pg');
+const c = new Client({ connectionString: process.env.DATABASE_URL });
+c.connect()
+  .then(() => c.query('CREATE EXTENSION IF NOT EXISTS pgcrypto'))
+  .then(() => c.end())
+  .catch((e) => { console.error('Aviso pgcrypto:', e.message); process.exit(0); });
+"
 
 echo "Rodando migrations..."
-RETRIES=5
-until NODE_PATH=/app/migrate/node_modules /app/migrate/node_modules/.bin/drizzle-kit push || [ "$RETRIES" -eq 0 ]; do
-  RETRIES=$((RETRIES - 1))
-  echo "Migration falhou, aguardando banco... ($RETRIES tentativas restantes)"
+MIGRATED=0
+for i in 1 2 3 4 5; do
+  if NODE_PATH=/app/migrate/node_modules /app/migrate/node_modules/.bin/drizzle-kit push; then
+    MIGRATED=1
+    break
+  fi
+  echo "Tentativa $i/5 falhou. Aguardando 5s..."
   sleep 5
 done
 
-if [ "$RETRIES" -eq 0 ]; then
-  echo "Aviso: migrations nao foram aplicadas"
-fi
+[ "$MIGRATED" -eq 0 ] && echo "Aviso: migrations não foram aplicadas."
 
 exec "$@"