# Application Stack Diagram

This diagram shows the Docker containers running on the EC2 instance and their relationships.

```mermaid
%%{init: {'theme':'base', 'themeVariables': { 'primaryColor':'#e5e7eb','primaryTextColor':'#111827','primaryBorderColor':'#9ca3af','lineColor':'#111827','secondaryColor':'#d1d5db','tertiaryColor':'#f3f4f6','edgeLabelBackground':'#ffffff','mainBkg':'#f5f5f4','nodeBorder':'#9ca3af','background':'#f5f5f4','clusterBkg':'transparent'},'themeCSS':'.node rect, .node circle, .node ellipse, .node polygon, .node path { filter: none !important; box-shadow: none !important; } .cluster rect { filter: none !important; box-shadow: none !important; } svg { background-color: #f5f5f4 !important; } .cluster-label { background-color: #ffffff !important; padding: 6px 12px !important; border-radius: 4px !important; font-size: 16px !important; font-weight: 700 !important; box-shadow: 0 1px 3px rgba(0,0,0,0.12) !important; border: 1px solid #d1d5db !important; } .edgePath, .edgePath path, .flowchart-link { z-index: 1 !important; }'}}%%

graph TB
    User([User])
    LetsEncrypt[Let's Encrypt<br/>SSL Certs]
    
    subgraph EC2["EC2 Instance"]
        subgraph Docker["Docker Compose"]
            Nginx[Nginx<br/>Port 80, 443]
            Gitea[Gitea<br/>Port 3000]
            Postgres[(PostgreSQL<br/>Port 5432)]
            Watchtower[Watchtower<br/>Auto-updater]
            
            Nginx -->|Reverse Proxy| Gitea
            Gitea -->|Database Connection| Postgres
            Watchtower -.->|Monitors & Updates| Nginx
            Watchtower -.->|Monitors & Updates| Gitea
        end
    end
    
    User -->|HTTPS| Nginx
    LetsEncrypt -.->|Certbot Renewal| Nginx
    
    style EC2 fill:#e5e7eb,stroke:#4b5563,stroke-width:2px,stroke-dasharray: 5 5
    style Docker fill:#d1d5db,stroke:#4b5563,stroke-width:2px,stroke-dasharray: 5 5
    
    style Nginx fill:#10B981,stroke:#333,stroke-width:1px,color:#fff
    style Gitea fill:#3B82F6,stroke:#333,stroke-width:1px,color:#fff
    style Postgres fill:#8B5CF6,stroke:#333,stroke-width:1px,color:#fff
    style Watchtower fill:#F59E0B,stroke:#333,stroke-width:1px,color:#fff
```

## Components

- **Nginx**: Reverse proxy handling SSL termination and routing to Gitea
- **Gitea**: Git server application (main service)
- **PostgreSQL**: Database storing repositories metadata, users, issues
- **Watchtower**: Monitors Docker Hub for image updates, automatically pulls and restarts containers

## Container Communication

- All containers in the same Docker network
- Nginx proxies HTTPS requests to Gitea's internal port 3000
- Gitea connects to PostgreSQL via container name
- Watchtower runs on schedule, checking for updates
- Let's Encrypt certbot renews certificates automatically (via nginx container or separate container)

## Data Persistence

Docker volumes ensure data survives container restarts:
- `gitea_data`: Git repositories and uploads
- `postgres_data`: Database files