services:
  app:
    build: .
    container_name: timetracker-app-local-test
    environment:
      - TZ=${TZ:-Europe/Brussels}
      - CURRENCY=${CURRENCY:-EUR}
      - ROUNDING_MINUTES=${ROUNDING_MINUTES:-1}
      - SINGLE_ACTIVE_TIMER=${SINGLE_ACTIVE_TIMER:-true}
      - ALLOW_SELF_REGISTER=${ALLOW_SELF_REGISTER:-true}
      - IDLE_TIMEOUT_MINUTES=${IDLE_TIMEOUT_MINUTES:-30}
      - ADMIN_USERNAMES=${ADMIN_USERNAMES:-admin}
      # TROUBLESHOOTING: If forms fail with "CSRF token missing or invalid":
      # 1. For local testing, you can disable CSRF: WTF_CSRF_ENABLED=false
      # 2. Or ensure SECRET_KEY doesn't change: set a fixed value in .env
      # 3. Enable CSRF for production-like testing: WTF_CSRF_ENABLED=true
      # For details: docs/CSRF_CONFIGURATION.md
      - SECRET_KEY=${SECRET_KEY:-local-test-secret-key}
      # Use SQLite database for local testing
      - DATABASE_URL=sqlite:////data/timetracker.db
      - LOG_FILE=/app/logs/timetracker.log
      # CSRF Protection (can be disabled for local testing)
      - WTF_CSRF_ENABLED=${WTF_CSRF_ENABLED:-false}
      - WTF_CSRF_TIME_LIMIT=${WTF_CSRF_TIME_LIMIT:-3600}
      # Disable secure cookies for local testing
      - SESSION_COOKIE_SECURE=false
      - REMEMBER_COOKIE_SECURE=false
      # Set Flask environment for development
      - FLASK_ENV=development
      - FLASK_DEBUG=true
    ports:
      - "8080:8080"
    volumes:
      # Mount data directory for SQLite database and uploads
      - app_data_local_test:/data
      # Mount logs directory for easier debugging
      - ./logs:/app/logs
    restart: unless-stopped
    # Run as root initially to set up permissions, then switch to timetracker user
    user: "0:0"
    # Use custom entrypoint for local testing
    entrypoint: ["/app/docker/entrypoint-local-test.sh"]
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8080/_health"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 20s

volumes:
  app_data_local_test:
    driver: local