services:
  backend:
    image: ${BACKEND_IMAGE:-git.init.cool/cool/termi-astro-backend:latest}
    pull_policy: always
    restart: unless-stopped
    # 对 tohka 这类小内存主机，建议给服务设置明确上限，
    # 避免 AI 重建索引时把整机拖进 swap 抖动 / OOM。
    mem_limit: ${BACKEND_MEMORY_LIMIT:-768m}
    memswap_limit: ${BACKEND_MEMORY_SWAP_LIMIT:-768m}
    environment:
      PORT: 5150
      APP_BASE_URL: ${APP_BASE_URL:-http://localhost:5150}
      DATABASE_URL: ${DATABASE_URL:?DATABASE_URL is required}
      REDIS_URL: ${REDIS_URL:?REDIS_URL is required}
      JWT_SECRET: ${JWT_SECRET:?JWT_SECRET is required}
      # 当前推荐把 admin 放在受保护的后台域名下（同域转发 /api 到 backend），
      # 然后让 backend 信任 TinyAuth / Pocket ID 通过 Caddy 注入的认证头。
      # 如启用代理 SSO，建议同时配置 TERMI_ADMIN_PROXY_SHARED_SECRET，
      # 并让 Caddy 在转发 /api 到 backend 时附带 X-Termi-Proxy-Secret。
      TERMI_ADMIN_TRUST_PROXY_AUTH: ${TERMI_ADMIN_TRUST_PROXY_AUTH:-false}
      TERMI_ADMIN_LOCAL_LOGIN_ENABLED: ${TERMI_ADMIN_LOCAL_LOGIN_ENABLED:-true}
      TERMI_ADMIN_PROXY_SHARED_SECRET: ${TERMI_ADMIN_PROXY_SHARED_SECRET:-}
      TERMI_TURNSTILE_SECRET_KEY: ${TERMI_TURNSTILE_SECRET_KEY:-}
      PUBLIC_WEB_PUSH_VAPID_PUBLIC_KEY: ${PUBLIC_WEB_PUSH_VAPID_PUBLIC_KEY:-}
      TERMI_WEB_PUSH_VAPID_PRIVATE_KEY: ${TERMI_WEB_PUSH_VAPID_PRIVATE_KEY:-}
      TERMI_WEB_PUSH_VAPID_SUBJECT: ${TERMI_WEB_PUSH_VAPID_SUBJECT:-}
      RUST_LOG: ${RUST_LOG:-info}
    ports:
      # 这是“直连端口”示例；如果前面接 tohka 宿主机 Caddy，
      # 推荐叠加 compose.tohka.override.yml，把 backend 只绑定到 127.0.0.1。
      - '${BACKEND_PORT:-5150}:5150'

  backend-worker:
    image: ${BACKEND_IMAGE:-git.init.cool/cool/termi-astro-backend:latest}
    pull_policy: always
    restart: unless-stopped
    mem_limit: ${BACKEND_WORKER_MEMORY_LIMIT:-1g}
    memswap_limit: ${BACKEND_WORKER_MEMORY_SWAP_LIMIT:-1g}
    depends_on:
      backend:
        condition: service_healthy
    command: ['termi_api-cli', '-e', 'production', 'start', '--worker']
    environment:
      PORT: 5150
      APP_BASE_URL: ${APP_BASE_URL:-http://localhost:5150}
      DATABASE_URL: ${DATABASE_URL:?DATABASE_URL is required}
      REDIS_URL: ${REDIS_URL:?REDIS_URL is required}
      JWT_SECRET: ${JWT_SECRET:?JWT_SECRET is required}
      TERMI_ADMIN_TRUST_PROXY_AUTH: ${TERMI_ADMIN_TRUST_PROXY_AUTH:-false}
      TERMI_ADMIN_LOCAL_LOGIN_ENABLED: ${TERMI_ADMIN_LOCAL_LOGIN_ENABLED:-true}
      TERMI_ADMIN_PROXY_SHARED_SECRET: ${TERMI_ADMIN_PROXY_SHARED_SECRET:-}
      PUBLIC_WEB_PUSH_VAPID_PUBLIC_KEY: ${PUBLIC_WEB_PUSH_VAPID_PUBLIC_KEY:-}
      TERMI_WEB_PUSH_VAPID_PRIVATE_KEY: ${TERMI_WEB_PUSH_VAPID_PRIVATE_KEY:-}
      TERMI_WEB_PUSH_VAPID_SUBJECT: ${TERMI_WEB_PUSH_VAPID_SUBJECT:-}
      RUST_LOG: ${RUST_LOG:-info}
      TERMI_SKIP_MIGRATIONS: 'true'
    # backend 镜像默认 healthcheck 会探测 HTTP /healthz，
    # 但 worker 模式不监听 5150，所以这里改成“主进程仍然是 --worker”检查。
    healthcheck:
      test:
        ['CMD-SHELL', "test -r /proc/1/cmdline && tr '\\000' ' ' </proc/1/cmdline | grep -q -- '--worker'"]
      interval: 30s
      timeout: 3s
      start_period: 15s
      retries: 5

  frontend:
    image: ${FRONTEND_IMAGE:-git.init.cool/cool/termi-astro-frontend:latest}
    pull_policy: always
    restart: unless-stopped
    mem_limit: ${FRONTEND_MEMORY_LIMIT:-256m}
    memswap_limit: ${FRONTEND_MEMORY_SWAP_LIMIT:-256m}
    depends_on:
      backend:
        condition: service_healthy
    environment:
      # frontend 是 Astro SSR(Node)：
      # - INTERNAL_API_BASE_URL 给服务端渲染访问 backend 用
      # - PUBLIC_API_BASE_URL 给浏览器里的评论 / AI 问答等请求用
      # - PUBLIC_COMMENT_TURNSTILE_SITE_KEY 给评论 / 订阅表单的人机验证组件用
      # - PUBLIC_WEB_PUSH_VAPID_PUBLIC_KEY 给浏览器推送订阅用
      # - PUBLIC_IMAGE_ALLOWED_HOSTS 给前台图片优化端点 /_img 放行额外图片域名
      INTERNAL_API_BASE_URL: ${INTERNAL_API_BASE_URL:-http://backend:5150/api}
      PUBLIC_API_BASE_URL: ${PUBLIC_API_BASE_URL:-}
      PUBLIC_COMMENT_TURNSTILE_SITE_KEY: ${PUBLIC_COMMENT_TURNSTILE_SITE_KEY:-}
      PUBLIC_WEB_PUSH_VAPID_PUBLIC_KEY: ${PUBLIC_WEB_PUSH_VAPID_PUBLIC_KEY:-}
      PUBLIC_IMAGE_ALLOWED_HOSTS: ${PUBLIC_IMAGE_ALLOWED_HOSTS:-}
      INDEXNOW_KEY: ${INDEXNOW_KEY:-}
    # frontend 是 Astro SSR(Node) 服务，容器内部监听 4321
    # 生产建议由网关统一反代，仅对外开放 80/443
    ports:
      - '${FRONTEND_PORT:-4321}:4321'

  admin:
    image: ${ADMIN_IMAGE:-git.init.cool/cool/termi-astro-admin:latest}
    pull_policy: always
    restart: unless-stopped
    mem_limit: ${ADMIN_MEMORY_LIMIT:-128m}
    memswap_limit: ${ADMIN_MEMORY_SWAP_LIMIT:-128m}
    depends_on:
      backend:
        condition: service_healthy
    environment:
      ADMIN_API_BASE_URL: ${ADMIN_API_BASE_URL:-}
      ADMIN_FRONTEND_BASE_URL: ${ADMIN_FRONTEND_BASE_URL:-}
    # admin 是静态 SPA，由 Nginx 在容器内监听 80
    # API 与“打开前台 / AI 问答 / 文章预览”这类地址都优先读取运行时环境变量
    # ADMIN_API_BASE_URL / ADMIN_FRONTEND_BASE_URL；未设置时再回退到构建期值 / 同主机默认端口
    ports:
      # 如果 admin 域名由宿主机 Caddy 统一反代，推荐改成 127.0.0.1 绑定。
      - '${ADMIN_PORT:-4322}:80'