# TODO: use docker-compose extend: for compact purpose
version: '3.0'
networks:
    ctel-sbt:
      driver: bridge

services:
  cope2n-fi-sbt:
    shm_size: 10gb
    mem_limit: 10gb
    restart: always
    image: public.ecr.aws/v4n9y6r8/sidp/cope2n-ai-fi-sbt:{{tag}}
    networks:
      - ctel-sbt
    privileged: true
    environment:
      - LOG_ROOT=${AI_LOG_ROOT}
      - CELERY_BROKER=amqp://${RABBITMQ_DEFAULT_USER}:${RABBITMQ_DEFAULT_PASS}@rabbitmq-sbt:5672
    working_dir: /workspace/cope2n-ai-fi
    command: bash run.sh
    deploy:
      mode: replicated
      replicas: 2
  # Back-end services
  be-ctel-sbt:
    environment:
      - MEDIA_ROOT=${MEDIA_ROOT}
      - LOG_ROOT=${LOG_ROOT}
      - DB_ENGINE=${DB_ENGINE}
      - DB_SCHEMA=${DB_SCHEMA}
      - DB_USER=${DB_USER}
      - DB_PASSWORD=${DB_PASSWORD}
      - DB_HOST=${DB_HOST}
      - DB_PORT=${DB_PUBLIC_PORT}
      - DEBUG=${DEBUG}
      - CORS_ALLOWED_ORIGINS=${CORS_ALLOWED_ORIGINS}
      - BASE_PORT=${BASE_PORT}
      - CTEL_KEY=${CTEL_KEY}
      - SECRET_KEY=${SECRET_KEY}
      - DB_INTERNAL_KEY=${DB_INTERNAL_KEY}
      - ALLOWED_HOSTS=${ALLOWED_HOSTS}
      - BROKER_URL=amqp://${RABBITMQ_DEFAULT_USER}:${RABBITMQ_DEFAULT_PASS}@rabbitmq-sbt:5672
      - BASE_URL=http://be-ctel-sbt:${BASE_PORT}
      - BASE_UI_URL=http://fe:${VITE_PORT}
      - AUTH_TOKEN_LIFE_TIME=${AUTH_TOKEN_LIFE_TIME}
      - IMAGE_TOKEN_LIFE_TIME=${IMAGE_TOKEN_LIFE_TIME}
      - INTERNAL_SDS_KEY=${INTERNAL_SDS_KEY}
      - ADMIN_USER_NAME=${ADMIN_USER_NAME}
      - ADMIN_PASSWORD=${ADMIN_PASSWORD}
      - STANDARD_USER_NAME=${STANDARD_USER_NAME}
      - STANDARD_PASSWORD=${STANDARD_PASSWORD}
      - S3_ENDPOINT=${S3_ENDPOINT}
      - S3_ACCESS_KEY=${S3_ACCESS_KEY}
      - S3_SECRET_KEY=${S3_SECRET_KEY}
      - S3_BUCKET_NAME=${S3_BUCKET_NAME}
    restart: always
    healthcheck:
      test: ["CMD-SHELL", "curl --fail http://localhost:9000/api/ctel/healthcheck || exit 1"]
      interval: 10s
      timeout: 5s
      retries: 50
    privileged: true # for chmod
    mem_limit: 10gb
    image: public.ecr.aws/v4n9y6r8/sidp/cope2n-be-fi-sbt:{{tag}}
    networks:
      - ctel-sbt
    volumes:
      - BE_media:${MEDIA_ROOT}
      - BE_static:/app/static
      - /var/log:${LOG_ROOT}
    working_dir: /app
    command: sh -c "sudo chmod -R 777 /app; sleep 5; python manage.py collectstatic --no-input &&
                  python manage.py migrate &&
                  python manage.py compilemessages &&
                  gunicorn fwd.asgi:application -k uvicorn.workers.UvicornWorker --timeout 300 -b 0.0.0.0:9000" # pre-makemigrations on prod
  minio:
    image: minio/minio
    environment:
    - MINIO_ROOT_USER=${S3_ACCESS_KEY}
    - MINIO_ROOT_PASSWORD=${S3_SECRET_KEY}
    - MINIO_ACCESS_KEY=${S3_ACCESS_KEY}
    - MINIO_SECRET_KEY=${S3_SECRET_KEY}
    volumes:
    - ./data/minio_data:/data
    networks:
    - ctel-sbt
    restart: always
    command: server --address :9884 --console-address :9885 /data
    profiles: ["local"]

  createbuckets:
    image: minio/mc
    depends_on:
      - minio
    entrypoint: >
      /bin/sh -c "
      /usr/bin/mc alias set myminio http://minio:9884 ${S3_ACCESS_KEY} ${S3_SECRET_KEY};
      /usr/bin/mc mb myminio/${S3_BUCKET_NAME};
      /usr/bin/mc policy set public myminio/${S3_BUCKET_NAME};
      exit 0;
      "
    networks:
    - ctel-sbt
    profiles: ["local"]

  result-cache:
    image: redis:6.2-alpine
    restart: always
    mem_limit: 10gb
    command: redis-server --save 20 1 --loglevel warning
    networks:
      - ctel-sbt

  be-celery-sbt:
    environment:
      - MEDIA_ROOT=${MEDIA_ROOT}
      - LOG_ROOT=${LOG_ROOT}
      - PYTHONPATH=${PYTHONPATH}:/app  # For import module
      - PYTHONUNBUFFERED=1  # For show print log
      - DB_ENGINE=${DB_ENGINE}
      - DB_SCHEMA=${DB_SCHEMA}
      - DB_USER=${DB_USER}
      - DB_PASSWORD=${DB_PASSWORD}
      - DB_HOST=${DB_HOST}
      - DB_PORT=${DB_PUBLIC_PORT}
      - BROKER_URL=amqp://${RABBITMQ_DEFAULT_USER}:${RABBITMQ_DEFAULT_PASS}@rabbitmq-sbt:5672
      - BASE_UI_URL=http://fe:${VITE_PORT}
      - DEBUG=${DEBUG}
      - DB_INTERNAL_KEY=${DB_INTERNAL_KEY}
      - IMAGE_TOKEN_LIFE_TIME=${IMAGE_TOKEN_LIFE_TIME}
      - CTEL_KEY=${CTEL_KEY}
      - SECRET_KEY=${SECRET_KEY}
      - ALLOWED_HOSTS=${ALLOWED_HOSTS}
      - S3_ENDPOINT=${S3_ENDPOINT}
      - S3_ACCESS_KEY=${S3_ACCESS_KEY}
      - S3_SECRET_KEY=${S3_SECRET_KEY}
      - S3_BUCKET_NAME=${S3_BUCKET_NAME}
      - BASE_URL=http://be-ctel-sbt:${BASE_PORT}
      - REDIS_HOST=result-cache
      - REDIS_PORT=6379
    restart: always
    image: public.ecr.aws/v4n9y6r8/sidp/cope2n-be-fi-sbt:{{tag}}
    networks:
      - ctel-sbt
    depends_on:
      rabbitmq-sbt:
        condition: service_started
    volumes:
      - /var/log:${LOG_ROOT}
      - BE_media:${MEDIA_ROOT}
    working_dir: /app
    command: sh -c "celery -A fwd_api.celery_worker.worker worker -l INFO -c 5"

  # Back-end persistent
  db-sbt:
    restart: always
    mem_reservation: 500m
    image: postgres:15.4-alpine
    volumes:
      - ./data/postgres_data:/var/lib/postgresql/data
    networks:
      - ctel-sbt
    environment:
      - POSTGRES_USER=${DB_USER}
      - POSTGRES_PASSWORD=${DB_PASSWORD}
      - POSTGRES_DB=${DB_SCHEMA}
    profiles: ["local"]

  rabbitmq-sbt:
    mem_reservation: 600m
    restart: always
    image: rabbitmq:3.10-alpine
    working_dir: /workspace/cope2n-api
    networks:
      - ctel-sbt
    environment:
      - RABBITMQ_DEFAULT_USER=${RABBITMQ_DEFAULT_USER}
      - RABBITMQ_DEFAULT_PASS=${RABBITMQ_DEFAULT_PASS}

  # Front-end services
  fe-sbt:
    restart: always
    mem_limit: 4gb
    shm_size: 10gb
    image: public.ecr.aws/v4n9y6r8/sidp/cope2n-fe-fi-sbt:{{tag}}
    privileged: true
    ports:
      - 80:80
    depends_on:
      be-ctel-sbt:
        condition: service_started
      be-celery-sbt:
        condition: service_started
    environment:
      - VITE_PROXY=http://be-ctel-sbt:${BASE_PORT}
      - VITE_API_BASE_URL=http://fe-sbt:80
    volumes:
      - BE_static:/backend-static
    networks:
      - ctel-sbt
  
  dashboard_refresh:
    image: public.ecr.aws/v4n9y6r8/sidp/api-caller-sbt:{{tag}}
    environment:
      - PROXY=http://be-ctel-sbt:9000
      - ADMIN_USER_NAME=${ADMIN_USER_NAME}
      - ADMIN_PASSWORD=${ADMIN_PASSWORD}
    depends_on:
      be-ctel-sbt:
        condition: service_healthy
    restart: always
    networks:
      - ctel-sbt

volumes:
  db_data:
  BE_static:
  BE_media: