# 🏭 MYP - Manage your Printer (Produktionsumgebung)
# Hauptkonfiguration für Container-Orchestrierung

version: '3.8'

services:
  # === BACKEND SERVICE ===
  backend:
    build: 
      context: ./backend
      dockerfile: Dockerfile
      args:
        - BUILDKIT_INLINE_CACHE=1
    image: myp/backend:latest
    container_name: myp-backend
    restart: unless-stopped
    
    environment:
      # Flask-Konfiguration
      - FLASK_APP=app.py
      - FLASK_ENV=${FLASK_ENV:-production}
      - PYTHONUNBUFFERED=1
      
      # Datenbank
      - DATABASE_PATH=${DATABASE_PATH:-instance/myp.db}
      
      # Sicherheit
      - SECRET_KEY=${SECRET_KEY:-7445630171969DFAC92C53CEC92E67A9CB2E00B3CB2F}
      - JWT_SECRET=${JWT_SECRET:-secure-jwt-secret}
      
      # Drucker-Konfiguration
      - "PRINTERS=${PRINTERS:-{\"Drucker 1\": {\"ip\": \"192.168.0.100\"}, \"Drucker 2\": {\"ip\": \"192.168.0.101\"}, \"Drucker 3\": {\"ip\": \"192.168.0.102\"}, \"Drucker 4\": {\"ip\": \"192.168.0.103\"}, \"Drucker 5\": {\"ip\": \"192.168.0.104\"}, \"Drucker 6\": {\"ip\": \"192.168.0.106\"}}}"
      
      # TAPO Smart Plug
      - TAPO_USERNAME=${TAPO_USERNAME:-till.tomczak@mercedes-benz.com}
      - TAPO_PASSWORD=${TAPO_PASSWORD:-744563017196A}
      
      # Netzwerk
      - HOST=0.0.0.0
      - PORT=5000
      
      # Logging
      - LOG_LEVEL=${LOG_LEVEL:-INFO}
    
    volumes:
      - backend_instance:/app/instance
      - backend_logs:/app/logs
      - backend_migrations:/app/migrations
    
    networks:
      myp-network:
        ipv4_address: 192.168.0.5
    
    expose:
      - "5000"
    
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:5000/health"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 40s
      
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.backend.rule=PathPrefix(`/api`)"
      - "traefik.http.services.backend.loadbalancer.server.port=5000"

  # === FRONTEND SERVICE ===
  frontend:
    build:
      context: ./frontend
      dockerfile: Dockerfile
      args:
        - BUILDKIT_INLINE_CACHE=1
        - NODE_ENV=${NODE_ENV:-production}
    image: myp/frontend:latest
    container_name: myp-frontend
    restart: unless-stopped
    
    environment:
      - NODE_ENV=${NODE_ENV:-production}
      - NEXT_TELEMETRY_DISABLED=1
      - NEXT_PUBLIC_API_URL=${API_BASE_URL:-/api}
      - PORT=3000
    
    volumes:
      - frontend_data:/app/.next
      - frontend_db:/app/db
    
    networks:
      - myp-network
    
    expose:
      - "3000"
    
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:3000/api/health"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 40s
    
    depends_on:
      backend:
        condition: service_healthy
        
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.frontend.rule=PathPrefix(`/`)"
      - "traefik.http.services.frontend.loadbalancer.server.port=3000"

  # === REVERSE PROXY SERVICE ===
  caddy:
    image: caddy:2.7-alpine
    container_name: myp-caddy
    restart: unless-stopped
    
    ports:
      - "80:80"
      - "443:443"
      - "2019:2019"  # Admin API
    
    volumes:
      - ./proxy/Caddyfile:/etc/caddy/Caddyfile:ro
      - caddy_data:/data
      - caddy_config:/config
      - caddy_logs:/var/log/caddy
    
    networks:
      - myp-network
    
    extra_hosts:
      - "host.docker.internal:host-gateway"
    
    environment:
      - CADDY_HOST=${CADDY_HOST:-53.37.211.254}
      - CADDY_DOMAIN=${CADDY_DOMAIN:-m040tbaraspi001.de040.corpintra.net}
    
    cap_add:
      - NET_ADMIN
    
    depends_on:
      - frontend
      - backend
    
    healthcheck:
      test: ["CMD", "caddy", "validate", "--config", "/etc/caddy/Caddyfile"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 10s
      
    labels:
      - "traefik.enable=false"

# === PERSISTENTE VOLUMES ===
volumes:
  # Backend-Volumes
  backend_instance:
    driver: local
    driver_opts:
      type: none
      o: bind
      device: ./backend/instance
  
  backend_logs:
    driver: local
    driver_opts:
      type: none
      o: bind
      device: ./logs
  
  backend_migrations:
    driver: local
    driver_opts:
      type: none
      o: bind
      device: ./backend/migrations
  
  # Frontend-Volumes
  frontend_data:
    driver: local
  
  frontend_db:
    driver: local
    driver_opts:
      type: none
      o: bind
      device: ./frontend/db
  
  # Proxy-Volumes
  caddy_data:
    driver: local
  
  caddy_config:
    driver: local
  
  caddy_logs:
    driver: local

# === NETZWERK-KONFIGURATION ===
networks:
  myp-network:
    driver: bridge
    ipam:
      driver: default
      config:
        - subnet: 192.168.0.0/24
          gateway: 192.168.0.1
    driver_opts:
      com.docker.network.enable_ipv6: "false"
      com.docker.network.bridge.enable_ip_masquerade: "true"
      com.docker.network.bridge.enable_icc: "true"
      com.docker.network.bridge.host_binding_ipv4: "0.0.0.0"
    labels:
      - "description=MYP Anwendungs-Netzwerk"
      - "project=myp"
      - "environment=${NODE_ENV:-production}"

# === KONFIGURATIONSEXTENSIONEN ===
x-logging: &default-logging
  driver: "json-file"
  options:
    max-size: "10m"
    max-file: "3"
    labels: "service,environment"

x-restart-policy: &default-restart-policy
  unless-stopped

x-healthcheck-defaults: &default-healthcheck
  interval: 30s
  timeout: 10s
  retries: 3
  start_period: 40s