refactor: migrate to native Docker Compose profiles

Simplified Docker Compose configuration by using native profiles
instead of override files, following best practices.

Changes:
- Consolidated docker-compose.yml with --profile dev/prod support
- Removed docker-compose.dev.yml and docker-compose.prod.yml
- Updated all documentation for new usage pattern
- Created comprehensive README.md and DEPLOYMENT.md
- Simplified commands: 'docker compose --profile dev up'

Environment-specific configurations:
- Development: relaxed security, hot reload, exposed ports
- Production: strict security, optimized builds, restricted access

This approach is cleaner, more maintainable, and follows Docker
Compose best practices.

docker-compose.yml

@@ -1,17 +1,51 @@
+# Docker Compose for spotlight.cam
+# Usage:
+#   Development: docker compose --profile dev up
+#   Production:  docker compose --profile prod up
+#   Both:        docker compose --profile dev --profile prod up
+
 services:
+  # ============================================
+  # Nginx - Reverse Proxy & Static File Server
+  # ============================================
   nginx:
     image: nginx:alpine
     container_name: spotlightcam-nginx
-    ports:
-      - "8080:80"
-    volumes:
-      - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
-      - ./nginx/conf.d:/etc/nginx/conf.d:ro
     depends_on:
       - frontend
       - backend
+    volumes:
+      - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
+      - ./nginx/conf.d:/etc/nginx/conf.d:ro
     restart: unless-stopped
+    profiles: ["dev"]
+    ports:
+      - "8080:80"
 
+  nginx-prod:
+    image: nginx:alpine
+    container_name: spotlightcam-nginx-prod
+    depends_on:
+      - frontend-prod
+      - backend-prod
+    volumes:
+      - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
+      - ./nginx/conf.d:/etc/nginx/conf.d:ro
+      - ./ssl:/etc/nginx/ssl:ro
+    ports:
+      - "80:80"
+      - "443:443"
+    restart: always
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "10m"
+        max-file: "3"
+    profiles: ["prod"]
+
+  # ============================================
+  # Frontend - React/Vite Application
+  # ============================================
   frontend:
     build:
       context: ./frontend
@@ -28,7 +62,32 @@ services:
     stdin_open: true
     tty: true
     command: npm run dev
+    restart: unless-stopped
+    profiles: ["dev"]
 
+  frontend-prod:
+    build:
+      context: ./frontend
+      dockerfile: Dockerfile.prod
+      args:
+        - NODE_ENV=production
+    container_name: spotlightcam-frontend-prod
+    expose:
+      - "5173"
+    environment:
+      - NODE_ENV=production
+    command: ["nginx", "-g", "daemon off;"]
+    restart: always
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "10m"
+        max-file: "3"
+    profiles: ["prod"]
+
+  # ============================================
+  # Backend - Node.js/Express API
+  # ============================================
   backend:
     build:
       context: ./backend
@@ -42,12 +101,60 @@ services:
     environment:
       - NODE_ENV=development
       - PORT=3000
-      - CORS_ORIGIN=http://localhost:8080
-      - DATABASE_URL=postgresql://spotlightcam:spotlightcam123@db:5432/spotlightcam
+      # Security: Relaxed for development
+      - RATE_LIMIT_ENABLED=false
+      - RATE_LIMIT_AUTH_MAX=100
+      - RATE_LIMIT_EMAIL_MAX=20
+      - ENABLE_CSRF=false
+      - BODY_SIZE_LIMIT=50mb
+      - LOG_LEVEL=debug
     depends_on:
       - db
+    command: npm run dev
     restart: unless-stopped
+    profiles: ["dev"]
 
+  backend-prod:
+    build:
+      context: ./backend
+      dockerfile: Dockerfile.prod
+      args:
+        - NODE_ENV=production
+    container_name: spotlightcam-backend-prod
+    expose:
+      - "3000"
+    environment:
+      - NODE_ENV=production
+      - PORT=3000
+      # Security: Strict for production (override with .env file)
+      - RATE_LIMIT_ENABLED=true
+      - RATE_LIMIT_AUTH_MAX=5
+      - RATE_LIMIT_EMAIL_MAX=3
+      - ENABLE_CSRF=true
+      - BODY_SIZE_LIMIT=10kb
+      - LOG_LEVEL=warn
+    depends_on:
+      - db-prod
+    command: ["node", "src/server.js"]
+    restart: always
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "10m"
+        max-file: "3"
+    deploy:
+      resources:
+        limits:
+          cpus: '1'
+          memory: 512M
+        reservations:
+          cpus: '0.5'
+          memory: 256M
+    profiles: ["prod"]
+
+  # ============================================
+  # Database - PostgreSQL
+  # ============================================
   db:
     image: postgres:15-alpine
     container_name: spotlightcam-db
@@ -58,8 +165,39 @@ services:
     volumes:
       - postgres_data:/var/lib/postgresql/data
     ports:
-      - "5432:5432"
+      - "5432:5432"  # Exposed for dev tools
     restart: unless-stopped
+    profiles: ["dev"]
+
+  db-prod:
+    image: postgres:15-alpine
+    container_name: spotlightcam-db-prod
+    environment:
+      - POSTGRES_USER=${POSTGRES_USER:-spotlightcam}
+      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-spotlightcam123}
+      - POSTGRES_DB=${POSTGRES_DB:-spotlightcam}
+    volumes:
+      - postgres_data_prod:/var/lib/postgresql/data
+      - ./backups:/backups
+    # No exposed ports in production (internal only)
+    restart: always
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "10m"
+        max-file: "3"
+    deploy:
+      resources:
+        limits:
+          cpus: '2'
+          memory: 2G
+        reservations:
+          cpus: '1'
+          memory: 1G
+    profiles: ["prod"]
 
 volumes:
   postgres_data:
+    driver: local
+  postgres_data_prod:
+    driver: local