# OpenCCB Docker Compose - Producción con SSL
# Servidor: AWS EC2 us-east-2
# Dominios: studio.norteamericano.com y learning.norteamericano.com
# Usa nginx-proxy + acme-companion para SSL automático con Let's Encrypt

services:
  # ========================================
  # NGINX Proxy + SSL (Let's Encrypt)
  # ========================================
  nginx-proxy:
    image: nginxproxy/nginx-proxy:1.4
    container_name: nginx-proxy
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - /var/run/docker.sock:/tmp/docker.sock:ro
      - certs:/etc/nginx/certs:ro
      - vhost:/etc/nginx/vhost.d
      - html:/usr/share/nginx/html
      - ./nginx/proxy.conf:/etc/nginx/conf.d/proxy.conf:ro
      - ./nginx/studio.conf:/etc/nginx/vhost.d/${NEXT_PUBLIC_STUDIO_DOMAIN}:ro
      - ./nginx/learning.conf:/etc/nginx/vhost.d/${NEXT_PUBLIC_LEARNING_DOMAIN}:ro
    restart: always
    networks:
      - openccb-network

  acme-companion:
    image: nginxproxy/acme-companion:2.2
    container_name: acme-companion
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - certs:/etc/nginx/certs:rw
      - vhost:/etc/nginx/vhost.d
      - html:/usr/share/nginx/html
      - ./nginx/certs-data:/etc/acme.sh:rw
    environment:
      - DEFAULT_EMAIL=${ACME_EMAIL:?ACME_EMAIL env var must be set}
      - NGINX_PROXY_CONTAINER=nginx-proxy
      - LETSENCRYPT_STAGING=${LETSENCRYPT_STAGING:-true}
    depends_on:
      - nginx-proxy
    restart: always
    networks:
      - openccb-network

  # ========================================
  # Base de Datos
  # ========================================
  db:
    image: pgvector/pgvector:pg16
    container_name: openccb-db
    environment:
      POSTGRES_USER: user
      POSTGRES_PASSWORD: ${DB_PASSWORD:?DB_PASSWORD env var must be set}
      POSTGRES_DB: openccb
    volumes:
      - postgres_data:/var/lib/postgresql/data
    networks:
      - openccb-network
    restart: always
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U user"]
      interval: 10s
      timeout: 5s
      retries: 5

  # ========================================
  # SMTP Relay Interno (Mailpit)
  # ========================================
  mailpit:
    image: axllent/mailpit:latest
    container_name: openccb-mailpit
    # SMTP para servicios internos y UI solo accesible por SSH túnel/localhost
    ports:
      - "127.0.0.1:8025:8025"
    environment:
      - MP_SMTP_BIND_ADDR=0.0.0.0:1025
      - MP_UI_BIND_ADDR=0.0.0.0:8025
    networks:
      - openccb-network
    restart: always

  # ========================================
  # Studio + CMS (HTTPS)
  # ========================================
  studio:
    build:
      context: .
      dockerfile: web/studio/Dockerfile
      args:
        NEXT_PUBLIC_CMS_API_URL: ${NEXT_PUBLIC_CMS_API_URL}
        NEXT_PUBLIC_LMS_API_URL: ${NEXT_PUBLIC_LMS_API_URL}
        NEXT_PUBLIC_STUDIO_DOMAIN: ${NEXT_PUBLIC_STUDIO_DOMAIN}
        NEXT_PUBLIC_LEARNING_DOMAIN: ${NEXT_PUBLIC_LEARNING_DOMAIN}
    container_name: openccb-studio
    environment:
      - VIRTUAL_HOST=${NEXT_PUBLIC_STUDIO_DOMAIN}
      - VIRTUAL_PORT=3000
      - LETSENCRYPT_HOST=${NEXT_PUBLIC_STUDIO_DOMAIN}
      - HTTPS_METHOD=noredirect
      - HSTS=off
      - HOSTNAME=0.0.0.0
      - DATABASE_URL=${CMS_DATABASE_URL}
      - MYSQL_DATABASE_URL=${MYSQL_DATABASE_URL}
      - SAM_DIAGNOSTICO_DATABASE_URL=${SAM_DIAGNOSTICO_DATABASE_URL}
      - WHISPER_URL=${PROD_WHISPER_URL:-https://whisper.t-800.norteamericano.cl}
      - LMS_INTERNAL_URL=http://experience:3002
      - NEXT_PUBLIC_LMS_API_URL=${NEXT_PUBLIC_LMS_API_URL}
    volumes:
      - uploads_data:/app/uploads
    env_file: .env
    extra_hosts:
      - "host.docker.internal:host-gateway"
      - "t-800:192.168.0.5"
    depends_on:
      db:
        condition: service_healthy
    networks:
      - openccb-network
    restart: always

  # ========================================
  # Experience + LMS
  # ========================================
  experience:
    build:
      context: .
      dockerfile: web/experience/Dockerfile
      args:
        NEXT_PUBLIC_LMS_API_URL: ${NEXT_PUBLIC_LMS_API_URL}
        NEXT_PUBLIC_CMS_API_URL: ${NEXT_PUBLIC_CMS_API_URL}
        NEXT_PUBLIC_STUDIO_DOMAIN: ${NEXT_PUBLIC_STUDIO_DOMAIN}
        NEXT_PUBLIC_LEARNING_DOMAIN: ${NEXT_PUBLIC_LEARNING_DOMAIN}
    container_name: openccb-experience
    environment:
      - VIRTUAL_HOST=${NEXT_PUBLIC_LEARNING_DOMAIN}
      - VIRTUAL_PORT=3003
      - LETSENCRYPT_HOST=${NEXT_PUBLIC_LEARNING_DOMAIN}
      - HTTPS_METHOD=noredirect
      - HSTS=off
      - HOSTNAME=0.0.0.0
      - DATABASE_URL=${LMS_DATABASE_URL}
      - NEXT_PUBLIC_CMS_API_URL=${NEXT_PUBLIC_CMS_API_URL}
      - SMTP_ENABLED=${SMTP_ENABLED:-false}
      - SMTP_HOST=${SMTP_HOST:-mailpit}
      - SMTP_PORT=${SMTP_PORT:-1025}
      - SMTP_FROM=${SMTP_FROM:-OpenCCB <no-reply@norteamericano.com>}
      - SMTP_USERNAME=${SMTP_USERNAME:-}
      - SMTP_PASSWORD=${SMTP_PASSWORD:-}
    env_file: .env
    extra_hosts:
      - "host.docker.internal:host-gateway"
      - "t-800:192.168.0.5"
    depends_on:
      db:
        condition: service_healthy
    networks:
      - openccb-network
    restart: always

# ========================================
# Volúmenes y Redes
# ========================================
volumes:
  postgres_data:
  uploads_data:
  certs:
  vhost:
  html:

networks:
  openccb-network:
    driver: bridge