# Staging MEV Bot Docker Compose Configuration
version: '3.8'

services:
  # Main MEV Bot Service for Staging
  mev-bot-staging:
    build:
      context: .
      dockerfile: Dockerfile.production
      target: staging
    container_name: mev-bot-arbitrum-staging
    restart: unless-stopped
    
    # Environment configuration for staging
    environment:
      # Arbitrum Network Configuration for Staging
      - ARBITRUM_RPC_ENDPOINT=${ARBITRUM_RPC_ENDPOINT:-wss://arbitrum-mainnet.core.chainstack.com/53c30e7a941160679fdcc396c894fc57}
      - ARBITRUM_WS_ENDPOINT=${ARBITRUM_WS_ENDPOINT:-wss://arbitrum-mainnet.core.chainstack.com/53c30e7a941160679fdcc396c894fc57}
      - ARBITRUM_FALLBACK_ENDPOINTS=${ARBITRUM_FALLBACK_ENDPOINTS:-https://arb1.arbitrum.io/rpc,https://arbitrum.llamarpc.com,https://arbitrum-one.publicnode.com}
      
      # Rate limiting for staging (more conservative than production)
      - RPC_REQUESTS_PER_SECOND=${RPC_REQUESTS_PER_SECOND:-50}
      - RPC_MAX_CONCURRENT=${RPC_MAX_CONCURRENT:-5}
      
      # Bot Configuration for Staging
      - BOT_MAX_WORKERS=${BOT_MAX_WORKERS:-3}
      - BOT_CHANNEL_BUFFER_SIZE=${BOT_CHANNEL_BUFFER_SIZE:-100}
      
      # Ethereum Account for Staging (NEVER set in compose file - use .env file)
      - ETHEREUM_PRIVATE_KEY=${ETHEREUM_PRIVATE_KEY}
      - ETHEREUM_ACCOUNT_ADDRESS=${ETHEREUM_ACCOUNT_ADDRESS}
      - ETHEREUM_GAS_PRICE_MULTIPLIER=${ETHEREUM_GAS_PRICE_MULTIPLIER:-1.2}
      
      # Smart Contract Addresses for Staging
      - CONTRACT_ARBITRAGE_EXECUTOR=${CONTRACT_ARBITRAGE_EXECUTOR}
      - CONTRACT_FLASH_SWAPPER=${CONTRACT_FLASH_SWAPPER}
      
      # Security for Staging
      - MEV_BOT_ENCRYPTION_KEY=${MEV_BOT_ENCRYPTION_KEY}
      
      # Logging and Monitoring for Staging
      - LOG_LEVEL=${LOG_LEVEL:-debug}
      - LOG_FORMAT=${LOG_FORMAT:-text}
      - METRICS_ENABLED=${METRICS_ENABLED:-true}
      - METRICS_PORT=${METRICS_PORT:-9091}
      
      # Staging Environment
      - GO_ENV=staging
      - DEBUG=true
      
      # Reduced risk settings for staging
      - MIN_PROFIT_THRESHOLD=${MIN_PROFIT_THRESHOLD:-50.0}
      - MAX_POSITION_SIZE=${MAX_POSITION_SIZE:-1000000000000000000}  # 1 ETH max position
      
    # Volume mounts for persistent data in staging
    volumes:
      - ./data/staging:/app/data:Z
      - ./logs/staging:/app/logs:Z
      - ./config:/app/config:ro
      - ./keys:/app/keys:ro,Z  # Read-only keys directory
      
    # Port exposure for staging
    ports:
      - "${METRICS_PORT:-9091}:9091"  # Metrics endpoint for staging
      - "${HEALTH_PORT:-8081}:8081"   # Health check endpoint for staging
      
    # Health check for staging
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8081/health"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 60s
      
    # Reduced resource limits for staging
    deploy:
      resources:
        limits:
          memory: 512M
          cpus: '1.0'
        reservations:
          memory: 256M
          cpus: '0.5'
          
    # Logging configuration for staging
    logging:
      driver: "json-file"
      options:
        max-size: "50m"
        max-file: "3"
        
    # Security for staging
    security_opt:
      - no-new-privileges:true
    read_only: true
    tmpfs:
      - /tmp:noexec,nosuid,size=50m
      
    # Dependencies for staging
    depends_on:
      - redis-staging
      - postgres-staging
      
    # Networks for staging
    networks:
      - mev-bot-staging-network

  # Redis for caching and rate limiting in staging
  redis-staging:
    image: redis:7-alpine
    container_name: mev-bot-redis-staging
    restart: unless-stopped
    
    # Redis configuration for staging
    command: redis-server --appendonly yes --maxmemory 128mb --maxmemory-policy allkeys-lru
    
    volumes:
      - redis_staging_data:/data:Z
      
    # Security for staging
    security_opt:
      - no-new-privileges:true
    read_only: true
    tmpfs:
      - /tmp:noexec,nosuid,size=10m
      
    # Reduced resource limits for staging
    deploy:
      resources:
        limits:
          memory: 256M
          cpus: '0.25'
        reservations:
          memory: 128M
          cpus: '0.125'
          
    # Health check for staging
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 30s
      timeout: 5s
      retries: 3
      
    networks:
      - mev-bot-staging-network

  # PostgreSQL for transaction and profit tracking in staging
  postgres-staging:
    image: postgres:15-alpine
    container_name: mev-bot-postgres-staging
    restart: unless-stopped
    
    environment:
      - POSTGRES_DB=${POSTGRES_DB:-mevbot_staging}
      - POSTGRES_USER=${POSTGRES_USER:-mevbot_staging}
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
      - POSTGRES_INITDB_ARGS=--auth-host=scram-sha-256
      
    volumes:
      - postgres_staging_data:/var/lib/postgresql/data:Z
      - ./scripts/init-db.sql:/docker-entrypoint-initdb.d/init-db.sql:ro
      
    # Security for staging
    security_opt:
      - no-new-privileges:true
      
    # Reduced resource limits for staging
    deploy:
      resources:
        limits:
          memory: 512M
          cpus: '0.5'
        reservations:
          memory: 256M
          cpus: '0.25'
          
    # Health check for staging
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-mevbot_staging}"]
      interval: 30s
      timeout: 5s
      retries: 3
      
    networks:
      - mev-bot-staging-network

  # Prometheus for metrics collection in staging
  prometheus-staging:
    image: prom/prometheus:latest
    container_name: mev-bot-prometheus-staging
    restart: unless-stopped
    
    command:
      - '--config.file=/etc/prometheus/prometheus.yml'
      - '--storage.tsdb.path=/prometheus'
      - '--web.console.libraries=/etc/prometheus/console_libraries'
      - '--web.console.templates=/etc/prometheus/consoles'
      - '--storage.tsdb.retention.time=7d'  # Shorter retention for staging
      - '--web.enable-lifecycle'
      
    volumes:
      - ./monitoring/prometheus.yml:/etc/prometheus/prometheus.yml:ro
      - prometheus_staging_data:/prometheus:Z
      
    ports:
      - "${PROMETHEUS_PORT:-9092}:9090"
      
    # Security for staging
    security_opt:
      - no-new-privileges:true
      
    networks:
      - mev-bot-staging-network

  # Grafana for monitoring dashboards in staging
  grafana-staging:
    image: grafana/grafana:latest
    container_name: mev-bot-grafana-staging
    restart: unless-stopped
    
    environment:
      - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD:-admin123}
      - GF_SECURITY_ADMIN_USER=${GRAFANA_USER:-admin}
      - GF_INSTALL_PLUGINS=grafana-clock-panel,grafana-simple-json-datasource
      
    volumes:
      - grafana_staging_data:/var/lib/grafana:Z
      - ./monitoring/grafana/dashboards:/etc/grafana/provisioning/dashboards:ro
      - ./monitoring/grafana/datasources:/etc/grafana/provisioning/datasources:ro
      
    ports:
      - "${GRAFANA_PORT:-3001}:3000"
      
    # Security for staging
    security_opt:
      - no-new-privileges:true
      
    depends_on:
      - prometheus-staging
      
    networks:
      - mev-bot-staging-network

  # Log aggregation with Fluentd for staging
  fluentd-staging:
    build:
      context: ./monitoring/fluentd
      dockerfile: Dockerfile
    container_name: mev-bot-fluentd-staging
    restart: unless-stopped
    
    volumes:
      - ./monitoring/fluentd/conf:/fluentd/etc:ro
      - ./logs/staging:/fluentd/logs:ro
      
    ports:
      - "24225:24224"
      - "24225:24224/udp"
      
    networks:
      - mev-bot-staging-network

# Named volumes for data persistence in staging
volumes:
  redis_staging_data:
    driver: local
  postgres_staging_data:
    driver: local
  prometheus_staging_data:
    driver: local
  grafana_staging_data:
    driver: local

# Network configuration for staging
networks:
  mev-bot-staging-network:
    driver: bridge
    ipam:
      config:
        - subnet: 172.21.0.0/16