remove varnish

docker-compose.yml

@@ -1,55 +1,11 @@
 services:
-  # Varnish sits between Traefik and the application.
-  #
-  # Flow:
-  #   Client -> Traefik -> Varnish -> app
-  #
-  # Traefik keeps TLS + compression; Varnish adds HTTP caching for static assets.
-  varnish:
-    image: varnish:7
-    restart: always
-    networks:
-      - infra
-    depends_on:
-      - app
-    command: >-
-      varnishd
-      -F
-      -f /etc/varnish/default.vcl
-      -s malloc,${VARNISH_CACHE_SIZE:-256m}
-    volumes:
-      - ./varnish/default.vcl:/etc/varnish/default.vcl:ro
-    healthcheck:
-      test: ["CMD-SHELL", "wget --quiet --tries=1 --spider http://localhost:80/health || wget --quiet --tries=1 --spider http://localhost:80/ || true"]
-      interval: 10s
-      timeout: 5s
-      retries: 5
-      start_period: 10s
-    labels:
-      - "traefik.enable=true"
-      # HTTP → HTTPS redirect (Challenge-Schutz für ALLE)
-      - "traefik.http.routers.klz-cables-web.rule=(Host(`klz-cables.com`) || Host(`www.klz-cables.com`) || Host(`staging.klz-cables.com`)) && !PathPrefix(`/.well-known/acme-challenge/`)"
-      - "traefik.http.routers.klz-cables-web.entrypoints=web"
-      - "traefik.http.routers.klz-cables-web.middlewares=redirect-https"
-      # HTTPS router (für ALLE drei Domains)
-      - "traefik.http.routers.klz-cables.rule=Host(`klz-cables.com`) || Host(`www.klz-cables.com`) || Host(`staging.klz-cables.com`)"
-      - "traefik.http.routers.klz-cables.entrypoints=websecure"
-      - "traefik.http.routers.klz-cables.tls.certresolver=le"
-      - "traefik.http.routers.klz-cables.tls=true"
-      - "traefik.http.routers.klz-cables.service=klz-cables"
-      - "traefik.http.services.klz-cables.loadbalancer.server.port=80"
-      - "traefik.http.services.klz-cables.loadbalancer.server.scheme=http"
-      # Forwarded Headers (für Apps, die HTTPS erwarten)
-      - "traefik.http.middlewares.klz-forward.headers.customrequestheaders.X-Forwarded-Proto=https"
-      - "traefik.http.middlewares.klz-forward.headers.customrequestheaders.X-Forwarded-Ssl=on"
-      # Middlewares anhängen
-      - "traefik.http.routers.klz-cables.middlewares=klz-forward,compress"
-
   app:
     image: registry.infra.mintel.me/mintel/klz-cables.com:latest
     restart: always
     networks:
       - infra
+    ports:
+      - "3000:3000"
     env_file:
       - .env
     healthcheck:
@@ -58,6 +14,25 @@ services:
       timeout: 5s
       retries: 5
       start_period: 30s
+    labels:
+      - "traefik.enable=true"
+      # HTTP ⇒ HTTPS redirect
+      - "traefik.http.routers.klz-cables-web.rule=(Host(`klz-cables.com`) || Host(`www.klz-cables.com`) || Host(`staging.klz-cables.com`)) && !PathPrefix(`/.well-known/acme-challenge/`)"
+      - "traefik.http.routers.klz-cables-web.entrypoints=web"
+      - "traefik.http.routers.klz-cables-web.middlewares=redirect-https"
+      # HTTPS router
+      - "traefik.http.routers.klz-cables.rule=Host(`klz-cables.com`) || Host(`www.klz-cables.com`) || Host(`staging.klz-cables.com`)"
+      - "traefik.http.routers.klz-cables.entrypoints=websecure"
+      - "traefik.http.routers.klz-cables.tls.certresolver=le"
+      - "traefik.http.routers.klz-cables.tls=true"
+      - "traefik.http.routers.klz-cables.service=klz-cables"
+      - "traefik.http.services.klz-cables.loadbalancer.server.port=3000"
+      - "traefik.http.services.klz-cables.loadbalancer.server.scheme=http"
+      # Forwarded Headers
+      - "traefik.http.middlewares.klz-forward.headers.customrequestheaders.X-Forwarded-Proto=https"
+      - "traefik.http.middlewares.klz-forward.headers.customrequestheaders.X-Forwarded-Ssl=on"
+      # Middlewares
+      - "traefik.http.routers.klz-cables.middlewares=klz-forward,compress"
 
 networks:
   infra: