version: '3.8'

services:
  # ═══════════════════════════════════════════════════════════
  # Backend API Server
  # ═══════════════════════════════════════════════════════════
  server:
    build:
      context: ./apps/server
      dockerfile: Dockerfile
    ports:
      - "4000:4000"
    environment:
      - NODE_ENV=production
      - PORT=4000
      - CLIENT_URL=http://localhost:3000
      - DATABASE_URL=postgresql://codesync:codesync@postgres:5432/codesync
      - UPSTASH_REDIS_URL=${UPSTASH_REDIS_URL}
      - UPSTASH_REDIS_TOKEN=${UPSTASH_REDIS_TOKEN}
      - JWT_ACCESS_SECRET=${JWT_ACCESS_SECRET}
      - JWT_REFRESH_SECRET=${JWT_REFRESH_SECRET}
      - GOOGLE_CLIENT_ID=${GOOGLE_CLIENT_ID}
      - GOOGLE_CLIENT_SECRET=${GOOGLE_CLIENT_SECRET}
      - OPENROUTER_API_KEY=${OPENROUTER_API_KEY}
      - DOCKER_SOCKET=/var/run/docker.sock
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    depends_on:
      postgres:
        condition: service_healthy
    restart: unless-stopped
    networks:
      - codesync-net

  # ═══════════════════════════════════════════════════════════
  # Frontend (Next.js)
  # ═══════════════════════════════════════════════════════════
  web:
    build:
      context: ./apps/web
      dockerfile: Dockerfile
    ports:
      - "3000:3000"
    environment:
      - NEXT_PUBLIC_API_URL=http://localhost:4000
    depends_on:
      - server
    restart: unless-stopped
    networks:
      - codesync-net

  # ═══════════════════════════════════════════════════════════
  # PostgreSQL Database
  # ═══════════════════════════════════════════════════════════
  postgres:
    image: postgres:16-alpine
    environment:
      POSTGRES_DB: codesync
      POSTGRES_USER: codesync
      POSTGRES_PASSWORD: codesync
    ports:
      - "5432:5432"
    volumes:
      - postgres_data:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U codesync"]
      interval: 5s
      timeout: 5s
      retries: 5
    restart: unless-stopped
    networks:
      - codesync-net

  # ═══════════════════════════════════════════════════════════
  # Redis (local development — use Upstash in production)
  # ═══════════════════════════════════════════════════════════
  redis:
    image: redis:7-alpine
    ports:
      - "6379:6379"
    command: redis-server --appendonly yes --maxmemory 128mb --maxmemory-policy allkeys-lru
    volumes:
      - redis_data:/data
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 5s
      timeout: 3s
      retries: 5
    restart: unless-stopped
    networks:
      - codesync-net

volumes:
  postgres_data:
  redis_data:

networks:
  codesync-net:
    driver: bridge
    # Isolated network for sandbox containers
  codesync-sandbox:
    driver: bridge
    internal: true  # No external access