version: '3.8'

services:
  postgres:
    image: postgres:14-alpine
    container_name: license-db
    ports:
      - "5431:5432"
    environment:
      POSTGRES_USER: license_admin
      POSTGRES_PASSWORD: secure_license_pass_123
      POSTGRES_DB: license_verification
      POSTGRES_INIT_DB_ARGS: "--encoding=UTF8 --locale=en_US.UTF-8"
    volumes:
      - postgres_data:/var/lib/postgresql/data
      - ./db/init:/docker-entrypoint-initdb.d
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U license_admin -d license_verification"]
      interval: 5s
      timeout: 5s
      retries: 5
      start_period: 10s
    networks:
      - zkp-network
    deploy:
      resources:
        limits:
          memory: 1G

  zkp-engine:
    build:
      context: ./zkp-service
      dockerfile: Dockerfile
      args:
        NODE_ENV: development
    container_name: zkp-engine
    ports:
      - "8080:8080" 
      - "8081:8081" 
    environment:
      DATABASE_URL: postgresql://license_admin:secure_license_pass_123@postgres:5432/license_verification
      CIRCUIT_PATH: /app/circuits/build
      PROVING_KEYS_PATH: /app/keys
      NODE_ENV: development
      LOG_LEVEL: info
      NODE_OPTIONS: "--max-old-space-size=4096"  
    volumes:
      - ./zkp-service:/app
      - /app/node_modules
      - proving_keys:/app/keys
      - circuit_artifacts:/app/circuits/build
      - ptau_files:/app/ptau
    depends_on:
      postgres:
        condition: service_healthy
    networks:
      - zkp-network
    deploy:
      resources:
        limits:
          memory: 4G 
        reservations:
          memory: 2G

  # Merkle Tree Manager with Poseidon Hashing
  merkle-service:
    build:
      context: ./merkle-service
      dockerfile: Dockerfile
    container_name: merkle-manager
    ports:
      - "8082:8082"
    environment:
      DATABASE_URL: postgresql://license_admin:secure_license_pass_123@postgres:5432/license_verification
      TREE_DEPTH: 17  # ~1M licenses
      UPDATE_INTERVAL: 3600
      NODE_ENV: development
      CACHE_ENABLED: true
      NODE_OPTIONS: "--max-old-space-size=2048"
    volumes:
      - ./merkle-service:/app
      - /app/node_modules
      - merkle_cache:/app/cache
    depends_on:
      postgres:
        condition: service_healthy
      redis:
        condition: service_healthy
    networks:
      - zkp-network
    deploy:
      resources:
        limits:
          memory: 2G

  # Test Frontend with Real ZKP Support
  test-frontend:
    build:
      context: ./test-frontend
      dockerfile: Dockerfile
    container_name: test-ui
    ports:
      - "3000:3000"
    environment:
      REACT_APP_ZKP_ENDPOINT: http://localhost:8080
      REACT_APP_MERKLE_ENDPOINT: http://localhost:8082
      REACT_APP_ENABLE_BENCHMARKS: true
      NODE_ENV: development
      CIRCUIT_PATH: /app/circuits/build
      PROVING_KEYS_PATH: /app/keys
    volumes:
      - ./test-frontend:/app
      - /app/node_modules
      - ./zkp-service/circuits:/app/circuits/source:ro 
      - circuit_artifacts:/app/circuits/build:ro  # Read-only 
      - proving_keys:/app/keys:ro                  # Read-only
    depends_on:
      - zkp-engine
      - merkle-service
    networks:
      - zkp-network

  # Redis for caching Merkle proofs
  redis:
    image: redis:7-alpine
    container_name: license-cache
    ports:
      - "6379:6379"
    volumes:
      - redis_data:/data
    command: >
      redis-server 
      --appendonly yes 
      --maxmemory 512mb 
      --maxmemory-policy allkeys-lru
      --save 60 1
      --save 300 10
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 5s
      timeout: 3s
      retries: 5
    networks:
      - zkp-network
    deploy:
      resources:
        limits:
          memory: 512M

  # Circom compiler service (optional, for development)
  circom-builder:
    build:
      context: ./circom-builder
      dockerfile: Dockerfile
    container_name: circom-builder
    volumes:
      - ./zkp-service/circuits:/circuits
      - circuit_artifacts:/circuits/build
      - ptau_files:/ptau
    networks:
      - zkp-network
    profiles:
      - development
    command: tail -f /dev/null  # Keep container running

  # Performance Monitor
  prometheus:
    image: prom/prometheus:latest
    container_name: zkp-metrics
    ports:
      - "9090:9090"
    volumes:
      - ./monitoring/prometheus.yml:/etc/prometheus/prometheus.yml
      - prometheus_data:/prometheus
    command:
      - '--config.file=/etc/prometheus/prometheus.yml'
      - '--storage.tsdb.path=/prometheus'
      - '--web.console.libraries=/usr/share/prometheus/console_libraries'
      - '--web.console.templates=/usr/share/prometheus/consoles'
    networks:
      - zkp-network
    profiles:
      - monitoring

  # Grafana Dashboard (optional)
  grafana:
    image: grafana/grafana:latest
    container_name: zkp-dashboard
    ports:
      - "3001:3000"
    environment:
      GF_SECURITY_ADMIN_PASSWORD: admin
      GF_INSTALL_PLUGINS: redis-datasource
    volumes:
      - grafana_data:/var/lib/grafana
      - ./monitoring/grafana:/etc/grafana/provisioning
    depends_on:
      - prometheus
    networks:
      - zkp-network
    profiles:
      - monitoring

volumes:
  postgres_data:
    driver: local
  redis_data:
    driver: local
  proving_keys:
    driver: local
  circuit_artifacts:
    driver: local
  ptau_files:
    driver: local
  merkle_cache:
    driver: local
  prometheus_data:
    driver: local
  grafana_data:
    driver: local

networks:
  zkp-network:
    driver: bridge
    ipam:
      config:
        - subnet: 172.25.0.0/16
          gateway: 172.25.0.1