# =============================================================================
# MPC Service - Docker Compose (Development/Standalone)
# =============================================================================
# For production, use the root docker-compose.yml in ../
#
# For standalone development:
#   1. First start shared infrastructure: cd .. && ./deploy.sh up postgres redis kafka
#   2. Then: docker compose up -d --build
# =============================================================================

services:
  mpc-service:
    build:
      context: .
      dockerfile: Dockerfile
    container_name: rwa-mpc-service
    ports:
      - "3006:3006"
    environment:
      # Application
      NODE_ENV: production
      APP_PORT: 3006
      API_PREFIX: api/v1
      # Database (shared PostgreSQL)
      DATABASE_URL: postgresql://rwa_user:rwa_secure_password@rwa-postgres:5432/rwa_mpc?schema=public
      # Redis (shared)
      REDIS_HOST: rwa-redis
      REDIS_PORT: 6379
      REDIS_PASSWORD: ${REDIS_PASSWORD:-}
      REDIS_DB: 5
      # JWT
      JWT_SECRET: ${JWT_SECRET:-your-jwt-secret-change-in-production}
      JWT_ACCESS_EXPIRES_IN: 2h
      JWT_REFRESH_EXPIRES_IN: 30d
      # Kafka (shared)
      KAFKA_BROKERS: rwa-kafka:29092
      KAFKA_CLIENT_ID: mpc-service
      KAFKA_GROUP_ID: mpc-service-group
      # MPC System (Go/TSS Backend - deployed on 192.168.1.111)
      MPC_ACCOUNT_SERVICE_URL: ${MPC_ACCOUNT_SERVICE_URL:-http://192.168.1.111:4000}
      MPC_COORDINATOR_URL: ${MPC_COORDINATOR_URL:-http://192.168.1.111:8081}
      MPC_SESSION_COORDINATOR_URL: ${MPC_SESSION_COORDINATOR_URL:-http://192.168.1.111:8081}
      MPC_MESSAGE_ROUTER_WS_URL: ${MPC_MESSAGE_ROUTER_WS_URL:-ws://192.168.1.111:8082}
      MPC_SERVER_PARTY_API_URL: ${MPC_SERVER_PARTY_API_URL:-http://192.168.1.111:8083}
      MPC_API_KEY: ${MPC_API_KEY:-rwa-mpc-api-key-2024-secure-access-token}
      MPC_COORDINATOR_TIMEOUT: 30000
      # Share Encryption
      SHARE_MASTER_KEY: ${SHARE_MASTER_KEY:-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef}
      # Backup Service
      BACKUP_SERVICE_URL: ${BACKUP_SERVICE_URL:-http://rwa-backup-service:3002}
      BACKUP_SERVICE_ENABLED: ${BACKUP_SERVICE_ENABLED:-true}
      SERVICE_JWT_SECRET: ${SERVICE_JWT_SECRET:-your-service-jwt-secret-change-in-production}
      # Timeouts
      MPC_KEYGEN_TIMEOUT: 300000
      MPC_SIGNING_TIMEOUT: 180000
      MPC_REFRESH_TIMEOUT: 300000
    volumes:
      - ./logs:/app/logs
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:3006/api/v1/health"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 40s
    restart: unless-stopped
    networks:
      - rwa-network

networks:
  rwa-network:
    external: true