services:
  # Shared PostgreSQL database for controller and scoreboard
  postgres:
    image: postgres:16
    container_name: adctrl-postgres
    environment:
      POSTGRES_USER: ${POSTGRES_USER:-adctrl}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-adctrl_secure_password}
      POSTGRES_DB: ${POSTGRES_DB:-adctrl}
    volumes:
      - postgres-data:/var/lib/postgresql/data
      - ./init-db.sql:/docker-entrypoint-initdb.d/init-db.sql
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-adctrl}"]
      interval: 5s
      timeout: 5s
      retries: 5
    restart: unless-stopped
    networks:
      - adctrl-network

  # API Controller - manages docker services
  controller:
    build: ./controler
    container_name: adctrl-controller
    environment:
      DATABASE_URL: postgresql://${POSTGRES_USER:-adctrl}:${POSTGRES_PASSWORD:-adctrl_secure_password}@postgres:5432/${POSTGRES_DB:-adctrl}
      SECRET_TOKEN: ${SECRET_TOKEN}
      SERVICES_DIR: /services
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ${SERVICES_DIR:-./services}:/services
    depends_on:
      postgres:
        condition: service_healthy
    ports:
      - "8001:8001"
    restart: unless-stopped
    networks:
      - adctrl-network

  # Scoreboard Injector - monitors attacks via Socket.IO
  scoreboard-injector:
    build: ./scoreboard_injector
    container_name: adctrl-scoreboard
    environment:
      DATABASE_URL: postgresql://${POSTGRES_USER:-adctrl}:${POSTGRES_PASSWORD:-adctrl_secure_password}@postgres:5432/${POSTGRES_DB:-adctrl}
      SECRET_TOKEN: ${SECRET_TOKEN}
      SCOREBOARD_URL: ${SCOREBOARD_URL:-http://10.60.0.1:8080}
      OUR_TEAM_ID: ${OUR_TEAM_ID:-1}
      ALERT_THRESHOLD_POINTS: ${ALERT_THRESHOLD_POINTS:-5}
      ALERT_THRESHOLD_TIME: ${ALERT_THRESHOLD_TIME:-300}
      TELEGRAM_API_URL: http://tg-bot:8003/send
    depends_on:
      postgres:
        condition: service_healthy
      tg-bot:
        condition: service_started
    ports:
      - "8002:8002"
    restart: unless-stopped
    networks:
      - adctrl-network

  # Telegram Bot - sends notifications
  tg-bot:
    build: ./tg-bot
    container_name: adctrl-telegram
    environment:
      DATABASE_URL: postgresql://${POSTGRES_USER:-adctrl}:${POSTGRES_PASSWORD:-adctrl_secure_password}@postgres:5432/${POSTGRES_DB:-adctrl}
      SECRET_TOKEN: ${SECRET_TOKEN}
      TELEGRAM_BOT_TOKEN: ${TELEGRAM_BOT_TOKEN}
      TELEGRAM_CHAT_ID: ${TELEGRAM_CHAT_ID}
      CONTROLLER_API: http://controller:8001
    depends_on:
      postgres:
        condition: service_healthy
    ports:
      - "8003:8003"
    restart: unless-stopped
    networks:
      - adctrl-network

  # Web Dashboard
  web:
    build: ./web
    container_name: adctrl-web
    environment:
      DATABASE_URL: postgresql://${POSTGRES_USER:-adctrl}:${POSTGRES_PASSWORD:-adctrl_secure_password}@postgres:5432/${POSTGRES_DB:-adctrl}
      SECRET_TOKEN: ${SECRET_TOKEN}
      WEB_PASSWORD: ${WEB_PASSWORD:-admin123}
      FLASK_SECRET_KEY: ${FLASK_SECRET_KEY:-change-me-flask-secret}
      CONTROLLER_API: http://controller:8001
      SCOREBOARD_API: http://scoreboard-injector:8002
      TELEGRAM_API: http://tg-bot:8003
    depends_on:
      - controller
      - scoreboard-injector
      - tg-bot
    ports:
      - "8000:8000"
    restart: unless-stopped
    networks:
      - adctrl-network

volumes:
  postgres-data:

networks:
  adctrl-network:
    driver: bridge