# Visigine — single-stack compose. Frontend (nginx) is the only ingress;
# the backend container is reachable only over the internal docker network.
#
# Secrets (MISTRAL_KEY, ADMIN_TOKEN) are read from ../server/.env.
# Deployment vars (NODE_ENV, ALLOWED_ORIGINS, …) are overridden here.

name: visigine

services:
  backend:
    build:
      context: ..
      dockerfile: docker/backend.Dockerfile
    # Secrets are injected from Coolify env vars (set them in the Coolify UI).
    # server/.env is git-ignored and absent in Coolify's clone — so no env_file.
    environment:
      NODE_ENV: production
      PORT: "3001"
      ALLOWED_ORIGINS: "https://visigine.de"
      ALLOW_PRIVATE_HOSTS: "0"
      DB_PATH: "/data/visigine.db"
      MISTRAL_KEY: ${MISTRAL_KEY}
      ADMIN_TOKEN: ${ADMIN_TOKEN}
      OPENAI_KEY: ${OPENAI_KEY:-}
      PERPLEXITY_KEY: ${PERPLEXITY_KEY:-}
      ANTHROPIC_KEY: ${ANTHROPIC_KEY:-}
    expose:
      - "3001"
    volumes:
      # Persist the SQLite file across container rebuilds.
      - visigine_data:/data
    restart: unless-stopped
    networks:
      - visigine

  frontend:
    build:
      context: ..
      dockerfile: docker/frontend.Dockerfile
    # No host port binding: on the Coolify server host-port 8080 is already taken
    # by the Coolify/Traefik proxy. Coolify routes the domain (visigine.de) to
    # this container's port 80 via Traefik. For local `docker compose` testing,
    # temporarily add:  ports: ["8090:80"]
    expose:
      - "80"
    depends_on:
      backend:
        condition: service_healthy
    restart: unless-stopped
    networks:
      - visigine

networks:
  visigine:
    driver: bridge

volumes:
  visigine_data: