version: '3.8'

services:
  mikrotik-bot:
    image: 10.10.30.121:5000/mikrotik-bot:latest
    container_name: mikrotik-bot-production
    restart: unless-stopped
    environment:
      # Vault AppRole credentials (безопасно)
      - VAULT_ADDR=http://10.10.30.121:8200
      - VAULT_ROLE_ID=ba8d3d21-263e-4d92-8ffe-ef803017cef5
      - VAULT_SECRET_ID=6b3ecc3c-9436-7f04-022f-8b1ce0ac09ee
      - VAULT_SECRET_PATH=secret/data/mikrotik-bot
      - DATABASE_PATH=/app/data/bot.db
    volumes:
      - mikrotik_bot_data:/app/data
    ports:
      - "8000:8000"  # Health check endpoint
    networks:
      - bot-network
    depends_on:
      - watchtower
    labels:
      - "com.centurylinklabs.watchtower.enable=true"
      
  # Автоматические обновления
  watchtower:
    image: containrrr/watchtower
    container_name: watchtower-mikrotik
    restart: unless-stopped
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      - WATCHTOWER_POLL_INTERVAL=60  # Проверять каждые 60 секунд
      - WATCHTOWER_LABEL_ENABLE=true
      - WATCHTOWER_CLEANUP=true
    command: --interval 60 --label-enable --cleanup
    networks:
      - bot-network
      
networks:
  bot-network:
    driver: bridge
    
volumes:
  mikrotik_bot_data: