version: '3.8'

services:
  scheduler:
    build:
      context: .
      dockerfile: Dockerfile
    container_name: movie_scheduler
    restart: unless-stopped

    # Environment variables - USE SECRETS IN PRODUCTION
    env_file:
      - .env.production

    # GPU access for VAAPI encoding
    devices:
      - /dev/dri:/dev/dri
    group_add:
      - video
      - render

    volumes:
      # Persistent database
      - ./scheduler.db:/app/scheduler.db

      # Video storage - mount your actual storage paths
      - /mnt/storage/raw_movies:/raw_movies:ro
      - /mnt/storage/final_movies:/final_movies

      # Whisper model (download once, reuse)
      - /opt/models:/models:ro

      # Logs (optional - use if not using external logging)
      - ./logs:/app/logs

    # Logging configuration
    logging:
      driver: "json-file"
      options:
        max-size: "10m"
        max-file: "5"

    # Resource limits
    deploy:
      resources:
        limits:
          cpus: '4.0'
          memory: 4G
        reservations:
          cpus: '1.0'
          memory: 1G

    # Health check
    healthcheck:
      test: ["CMD-SHELL", "pgrep -f agent.py || exit 1"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 10s

    # Network
    networks:
      - scheduler_network

    # Security
    security_opt:
      - no-new-privileges:true
    read_only: false
    tmpfs:
      - /tmp

networks:
  scheduler_network:
    driver: bridge