Update Docker Compose configuration for security and functionality

- Restrict frontend service port to localhost for enhanced security.
- Add volume mapping for secrets to the application container.
- Update healthcheck command for the database service to reflect new user and database names.

compose-plesk.yaml

@@ -8,7 +8,7 @@ services:
     container_name: portal-frontend
     network_mode: bridge
     ports:
-      - "3000:3000"
+      - "127.0.0.1:3000:3000"  # Only accessible from localhost for security
     environment:
       - NODE_ENV=production
       - PORT=3000
@@ -59,6 +59,8 @@ services:
       - EMAIL_TEMPLATE_RESET=${EMAIL_TEMPLATE_RESET}
       - EMAIL_TEMPLATE_WELCOME=${EMAIL_TEMPLATE_WELCOME}
       - NODE_OPTIONS=${NODE_OPTIONS}
+    volumes:
+      - /var/www/vhosts/asolutions.jp/httpdocs/secrets:/app/secrets:ro
     restart: unless-stopped
     depends_on:
       - database
@@ -86,7 +88,7 @@ services:
       - postgres_data:/var/lib/postgresql/data
     restart: unless-stopped
     healthcheck:
-      test: ["CMD-SHELL", "pg_isready -U portal_user -d portal_db"]
+      test: ["CMD-SHELL", "pg_isready -U portal -d portal_prod"]
       interval: 10s
       timeout: 5s
       retries: 5