services:
  # PostgreSQL Database
  postgres:
    image: postgres:15
    environment:
      POSTGRES_DB: hr_ai
      POSTGRES_USER: hr_user
      POSTGRES_PASSWORD: hr_password
    volumes:
      - postgres_data:/var/lib/postgresql/data
    ports:
      - "5432:5432"
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U hr_user -d hr_ai"]
      interval: 30s
      timeout: 10s
      retries: 5

  # Redis for Celery and caching
  redis:
    image: redis:7-alpine
    ports:
      - "6379:6379"
    volumes:
      - redis_data:/data
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 30s
      timeout: 10s
      retries: 3

  # LiveKit Server
  livekit:
    image: livekit/livekit-server:latest
    ports:
      - "7880:7880"
      - "7881:7881"
      - "7882:7882/udp"
      - "3478:3478/udp"
    volumes:
      - caddy_data:/certs
    depends_on:
      - caddy
    restart: unless-stopped
    environment:
      LIVEKIT_CONFIG: |
        keys:
          devkey: devkey_secret_32chars_minimum_length
        webhook:
          api_key: devkey
        turn:
          enabled: true
          tls_port: 5349
          domain: hr.aiquity.xyz
          cert_file: /certs/certificates/acme-v02.api.letsencrypt.org-directory/${DOMAIN:-localhost}/${DOMAIN:-localhost}.crt
          key_file: /certs/certificates/acme-v02.api.letsencrypt.org-directory/${DOMAIN:-localhost}/${DOMAIN:-localhost}.key
        port: 7880
        rtc:
          tcp_port: 7881
          port_range_start: 50000
          port_range_end: 60000
          use_external_ip: true
        redis:
          address: redis:6379
        

  # HR AI Backend
  backend:
    image: cr.yandex/crp9p5rtbnbop36duusi/hr-ai-backend:latest
    expose:
      - "8000"
    env_file:
      - .env
    environment:
      - DATABASE_URL=postgresql+asyncpg://hr_user:hr_password@postgres:5432/hr_ai
      - REDIS_CACHE_URL=redis
      - REDIS_CACHE_PORT=6379
      - REDIS_CACHE_DB=0
      - LIVEKIT_URL=ws://livekit:7880
      - LIVEKIT_API_KEY=devkey
      - LIVEKIT_API_SECRET=devkey_secret_32chars_minimum_length
      - APP_ENV=development
      - DEBUG=true
    volumes:
      - ./agent_commands:/tmp/agent_commands
      - backend_uploads:/app/uploads
    depends_on:
      postgres:
        condition: service_healthy
      redis:
        condition: service_healthy
      livekit:
        condition: service_started
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8000/health"]
      interval: 30s
      timeout: 10s
      retries: 3


  # Caddy reverse proxy with automatic HTTPS
  caddy:
    image: caddy:2-alpine
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile:ro
      - caddy_data:/data
      - caddy_config:/config
    depends_on:
      - backend
      - livekit
    environment:
      - DOMAIN=${DOMAIN:-localhost}
    restart: unless-stopped

  frontend:
    image: cr.yandex/crp9p5rtbnbop36duusi/hr-ai-frontend:latest
    expose:
      - "3000"
    environment:
      - NODE_ENV=production
    restart: unless-stopped
    volumes:
      - ./.env.local:/app/.env.local:ro
volumes:
  postgres_data:
  redis_data:
  backend_uploads:
  caddy_data:
  caddy_config: