services:
  ops:
    build:
      context: .
      dockerfile: Dockerfile
    image: ai-app-ops-tools:latest
    container_name: ai-app-ops-tools
    restart: unless-stopped
    ports:
      - "${OPS_PORT:-8000}:8000"
    env_file:
      - .env
    environment:
      # 容器内固定监听 0.0.0.0；对外端口通过上面的 ports 映射
      OPS_HOST: "0.0.0.0"
      OPS_PORT: "8000"
      # SQLite 数据库路径与卷挂载点一致
      OPS_DB_URL: "sqlite+aiosqlite:////app/data/ops.db"
    volumes:
      # 配置、模板、台账、剧本都用 bind mount，方便不重启即可编辑
      - ./config:/app/config
      - ./templates:/app/templates
      - ./apps:/app/apps
      - ./playbooks:/app/playbooks
      # 审计日志 + SQLite 持久化
      - ./data:/app/data
      # SSH 密钥（按需启用；Windows 上路径需自行调整）
      # - ${HOME}/.ssh:/root/.ssh:ro
    healthcheck:
      test: ["CMD-SHELL", "python -c \"import urllib.request; urllib.request.urlopen('http://127.0.0.1:8000/health', timeout=3)\""]
      interval: 30s
      timeout: 5s
      retries: 3
      start_period: 10s

# 未来如需切换到 PostgreSQL，可解开下面的注释并修改 OPS_DB_URL
#  db:
#    image: postgres:16-alpine
#    container_name: ai-app-ops-tools-db
#    restart: unless-stopped
#    environment:
#      POSTGRES_USER: ops
#      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-changeme}
#      POSTGRES_DB: ops
#    volumes:
#      - pgdata:/var/lib/postgresql/data
#
# volumes:
#   pgdata: