services:
  postgres:
    image: postgres:16-alpine
    container_name: shinkan-db-prod
    environment:
      POSTGRES_DB: "${DB_NAME:-shinkan}"
      POSTGRES_USER: "${DB_USER:-shinkan_user}"
      POSTGRES_PASSWORD: ${DB_PASSWORD}
    volumes:
      - shinkan-db-data:/var/lib/postgresql/data
    # Nur localhost: DB nicht im LAN exponieren (Beta/Prod). Entferne 127.0.0.1: nur wenn du bewusst remote willst.
    ports:
      - "127.0.0.1:5434:5432"
    restart: unless-stopped
    networks:
      - shinkan-network

  backend:
    build:
      context: ./backend
      dockerfile: Dockerfile
    container_name: shinkan-api
    environment:
      DB_HOST: postgres
      DB_PORT: 5432
      DB_NAME: shinkan
      DB_USER: shinkan_user
      DB_PASSWORD: ${DB_PASSWORD}
      OPENROUTER_API_KEY: ${OPENROUTER_API_KEY}
      OPENROUTER_MODEL: ${OPENROUTER_MODEL}
      SMTP_HOST: ${SMTP_HOST}
      SMTP_PORT: ${SMTP_PORT}
      SMTP_USER: ${SMTP_USER}
      SMTP_PASS: ${SMTP_PASS}
      SMTP_FROM: ${SMTP_FROM}
      # SMTP_STARTTLS=false | SMTP_SSL=true nach Anbieter (z. B. Port 465)
      SMTP_SSL: ${SMTP_SSL:-}
      SMTP_STARTTLS: ${SMTP_STARTTLS:-}
      # Erste Self-Registration → Admin; oder ADMIN_BOOTSTRAP_EMAILS=mail@…,weitere@…
      AUTO_ADMIN_FIRST_USER: "${AUTO_ADMIN_FIRST_USER:-true}"
      ADMIN_BOOTSTRAP_EMAILS: "${ADMIN_BOOTSTRAP_EMAILS:-}"
      # Werte wie in .env (APP_URL, ALLOWED_ORIGINS, ENVIRONMENT) — keine zweite „Wahrheit“ in YAML
      APP_URL: "${APP_URL:-https://shinkan.jinkendo.de}"
      ALLOWED_ORIGINS: "${ALLOWED_ORIGINS:-https://shinkan.jinkendo.de}"
      ENVIRONMENT: "${ENVIRONMENT:-production}"
      # MediaWiki/SMW Import — in dev-env.yml bereits gesetzt; Prod brauchte diese Zeilen ebenfalls,
      # sonst: leere MEDIAWIKI_API_URL im Container → Import bricht ab (auf Test/Dev war es immer gesetzt).
      MEDIAWIKI_API_URL: "${MEDIAWIKI_API_URL:-https://karatetrainer.net/api.php}"
      MEDIAWIKI_USER: "${MEDIAWIKI_USER:-}"
      MEDIAWIKI_PASSWORD: "${MEDIAWIKI_PASSWORD:-}"
      MEDIAWIKI_CATEGORY_EXERCISES: "${MEDIAWIKI_CATEGORY_EXERCISES:-Übungen}"
      MEDIAWIKI_CATEGORY_SKILLS: "${MEDIAWIKI_CATEGORY_SKILLS:-Fähigkeitsbeschreibung}"
      MEDIAWIKI_CATEGORY_METHODS: "${MEDIAWIKI_CATEGORY_METHODS:-Methodenbeschreibung}"
      # Medien: Container-Pfad MEDIA_ROOT; Host-Pfad SHINKAN_MEDIA_HOST (in .env überschreiben; Default /shinkan-media).
      MEDIA_ROOT: "${MEDIA_ROOT:-/app/media}"
    volumes:
      - ${SHINKAN_MEDIA_HOST:-/shinkan-media}:${MEDIA_ROOT:-/app/media}
    ports:
      - "8003:8000"
    depends_on:
      - postgres
    restart: unless-stopped
    networks:
      - shinkan-network

  frontend:
    build:
      context: ./frontend
      dockerfile: Dockerfile
      args:
        VITE_API_URL: ""
    container_name: shinkan-ui
    ports:
      - "3003:80"
    depends_on:
      - backend
    restart: unless-stopped
    networks:
      - shinkan-network

volumes:
  shinkan-db-data:

networks:
  shinkan-network:
    driver: bridge