services:
  # Hive Backend API
  hive-backend:
    image: anthonyrawlins/hive-backend:latest
    build:
      context: ./backend
      dockerfile: Dockerfile
    environment:
      - DATABASE_URL=postgresql://hive:hivepass@postgres:5432/hive
      - REDIS_URL=redis://redis:6379
      - ENVIRONMENT=production
      - LOG_LEVEL=info
      - CORS_ORIGINS=https://hive.home.deepblack.cloud
    depends_on:
      - postgres
      - redis
    networks:
      - hive-network
      - tengig
    deploy:
      replicas: 2
      restart_policy:
        condition: on-failure
        delay: 5s
        max_attempts: 3
      resources:
        limits:
          memory: 512M
        reservations:
          memory: 256M
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.hive-api.rule=Host(`hive.home.deepblack.cloud`) && PathPrefix(`/api`)"
      - "traefik.http.routers.hive-api.entrypoints=web-secured"
      - "traefik.http.routers.hive-api.tls.certresolver=letsencryptresolver"
      - "traefik.http.services.hive-api.loadbalancer.server.port=8000"
      - "traefik.docker.network=tengig"

  # Hive Frontend
  hive-frontend:
    image: anthonyrawlins/hive-frontend:latest
    build:
      context: ./frontend
      dockerfile: Dockerfile
    environment:
      - REACT_APP_API_URL=https://hive.home.deepblack.cloud/api
      - REACT_APP_WS_URL=wss://hive.home.deepblack.cloud/ws
    depends_on:
      - hive-backend
    networks:
      - hive-network
      - tengig
    deploy:
      replicas: 2
      restart_policy:
        condition: on-failure
        delay: 5s
        max_attempts: 3
      resources:
        limits:
          memory: 256M
        reservations:
          memory: 128M
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.hive.rule=Host(`hive.home.deepblack.cloud`)"
      - "traefik.http.routers.hive.entrypoints=web-secured"
      - "traefik.http.routers.hive.tls.certresolver=letsencryptresolver"
      - "traefik.http.services.hive.loadbalancer.server.port=3000"
      - "traefik.docker.network=tengig"
      # HTTP redirect to HTTPS
      - "traefik.http.routers.hive-web.rule=Host(`hive.home.deepblack.cloud`)"
      - "traefik.http.routers.hive-web.entrypoints=web"
      - "traefik.http.routers.hive-web.middlewares=redirect-to-https@docker"

  # PostgreSQL Database
  postgres:
    image: postgres:15
    environment:
      - POSTGRES_DB=hive
      - POSTGRES_USER=hive
      - POSTGRES_PASSWORD=hivepass
      - PGDATA=/var/lib/postgresql/data/pgdata
    volumes:
      - postgres_data:/var/lib/postgresql/data
    networks:
      - hive-network
    deploy:
      replicas: 1
      restart_policy:
        condition: on-failure
        delay: 10s
        max_attempts: 3
      resources:
        limits:
          memory: 512M
        reservations:
          memory: 256M
      placement:
        constraints:
          - node.role == manager

  # Redis Cache
  redis:
    image: redis:7-alpine
    command: redis-server --appendonly yes --maxmemory 256mb --maxmemory-policy allkeys-lru
    volumes:
      - redis_data:/data
    networks:
      - hive-network
    deploy:
      replicas: 1
      restart_policy:
        condition: on-failure
        delay: 5s
        max_attempts: 3
      resources:
        limits:
          memory: 256M
        reservations:
          memory: 128M

  # Prometheus Metrics
  prometheus:
    image: prom/prometheus:latest
    command:
      - '--config.file=/etc/prometheus/prometheus.yml'
      - '--storage.tsdb.path=/prometheus'
      - '--web.console.libraries=/etc/prometheus/console_libraries'
      - '--web.console.templates=/etc/prometheus/consoles'
      - '--storage.tsdb.retention.time=30d'
      - '--web.enable-lifecycle'
    volumes:
      - prometheus_data:/prometheus
    networks:
      - hive-network
      - tengig
    deploy:
      replicas: 1
      restart_policy:
        condition: on-failure
        delay: 10s
        max_attempts: 3
      resources:
        limits:
          memory: 512M
        reservations:
          memory: 256M
      placement:
        constraints:
          - node.role == manager
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.hive-prometheus.rule=Host(`hive.home.deepblack.cloud`) && PathPrefix(`/prometheus`)"
      - "traefik.http.routers.hive-prometheus.entrypoints=web-secured"
      - "traefik.http.routers.hive-prometheus.tls.certresolver=letsencryptresolver"
      - "traefik.http.services.hive-prometheus.loadbalancer.server.port=9090"
      - "traefik.docker.network=tengig"

  # Grafana Dashboard
  grafana:
    image: grafana/grafana:latest
    environment:
      - GF_SECURITY_ADMIN_USER=admin
      - GF_SECURITY_ADMIN_PASSWORD=hiveadmin
      - GF_INSTALL_PLUGINS=grafana-clock-panel,grafana-simple-json-datasource
      - GF_SERVER_ROOT_URL=https://hive.home.deepblack.cloud/grafana
      - GF_SERVER_SERVE_FROM_SUB_PATH=true
    volumes:
      - grafana_data:/var/lib/grafana
    depends_on:
      - prometheus
    networks:
      - hive-network
      - tengig
    deploy:
      replicas: 1
      restart_policy:
        condition: on-failure
        delay: 10s
        max_attempts: 3
      resources:
        limits:
          memory: 512M
        reservations:
          memory: 256M
      placement:
        constraints:
          - node.role == manager
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.hive-grafana.rule=Host(`hive.home.deepblack.cloud`) && PathPrefix(`/grafana`)"
      - "traefik.http.routers.hive-grafana.entrypoints=web-secured"
      - "traefik.http.routers.hive-grafana.tls.certresolver=letsencryptresolver"
      - "traefik.http.services.hive-grafana.loadbalancer.server.port=3000"
      - "traefik.docker.network=tengig"

networks:
  hive-network:
    driver: overlay
    attachable: true
  tengig:
    external: true

volumes:
  postgres_data:
  redis_data:
  prometheus_data:
  grafana_data: