services:
  # --- Vectorstore DB (pgvector) ---
  supabase-db:
    image: pgvector/pgvector:pg15
    container_name: supabase-db
    restart: unless-stopped
    environment:
      POSTGRES_DB: ${SB_DB_NAME}
      POSTGRES_USER: ${SB_DB_USER}
      POSTGRES_PASSWORD: ${SB_DB_PASS}
    volumes:
      - ./volumes/supabase-db:/var/lib/postgresql/data
      - ./init:/docker-entrypoint-initdb.d:ro
    ports:
      - "5432:5432"
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${SB_DB_USER} -d ${SB_DB_NAME}"]
      interval: 10s
      timeout: 5s
      retries: 15

  # Optional: REST API auf die Vector-DB (wenn du es brauchst)
  # Wenn du "von außen keinen DB-Zugriff" willst: später im Reverse Proxy sperren oder Port entfernen.
  postgrest:
    image: postgrest/postgrest:v12.2.8
    container_name: postgrest
    restart: unless-stopped
    depends_on:
      supabase-db:
        condition: service_healthy
    environment:
      PGRST_DB_URI: postgres://${SB_DB_USER}:${SB_DB_PASS}@supabase-db:5432/${SB_DB_NAME}
      PGRST_DB_SCHEMA: public
      PGRST_DB_ANON_ROLE: anon
      PGRST_SERVER_PORT: 3000
    ports:
      - "3000:3000"

  # --- n8n DB (separat, sauber getrennt) ---
  n8n-db:
    image: postgres:15-alpine
    container_name: n8n-db
    restart: unless-stopped
    environment:
      POSTGRES_DB: ${N8N_DB_NAME}
      POSTGRES_USER: ${N8N_DB_USER}
      POSTGRES_PASSWORD: ${N8N_DB_PASS}
    volumes:
      - ./volumes/n8n-db:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${N8N_DB_USER} -d ${N8N_DB_NAME}"]
      interval: 10s
      timeout: 5s
      retries: 15

  # --- n8n ---
  n8n:
    image: docker.n8n.io/n8nio/n8n:latest
    container_name: n8n
    restart: unless-stopped
    depends_on:
      n8n-db:
        condition: service_healthy
    ports:
      - "5678:5678"
    environment:
      DB_TYPE: postgresdb
      DB_POSTGRESDB_HOST: n8n-db
      DB_POSTGRESDB_PORT: 5432
      DB_POSTGRESDB_DATABASE: ${N8N_DB_NAME}
      DB_POSTGRESDB_USER: ${N8N_DB_USER}
      DB_POSTGRESDB_PASSWORD: ${N8N_DB_PASS}

      GENERIC_TIMEZONE: Europe/Berlin
      NODE_ENV: production

      N8N_HOST: ${N8N_HOST}
      N8N_PORT: 5678
      WEBHOOK_URL: ${N8N_WEBHOOK_URL}

      N8N_BASIC_AUTH_ACTIVE: "true"
      N8N_BASIC_AUTH_USER: ${N8N_BASIC_AUTH_USER}
      N8N_BASIC_AUTH_PASSWORD: ${N8N_BASIC_AUTH_PASS}

      N8N_ENCRYPTION_KEY: ${N8N_ENCRYPTION_KEY}

      # Solange du KEIN HTTPS hast, sonst bekommst du genau die "secure cookie"-Meldung:
      N8N_SECURE_COOKIE: "false"

      # Optional: wenn du später Community Nodes brauchst
      N8N_COMMUNITY_PACKAGES_ENABLED: "true"

    volumes:
      - ./volumes/n8n-data:/home/node/.n8n