ai-tax-agent/infra/compose/compose.override.yaml

# FILE: infra/compose/compose.override.yaml
# Local development overrides
# Automatically loaded by docker compose when compose.yaml is present

services:
  # --- Infrastructure Overrides ---

  apa-traefik:
    volumes:
      - ./traefik/traefik.local.yml:/etc/traefik/traefik.yml:ro
      - ./traefik/traefik-dynamic.local.yml:/etc/traefik/traefik-dynamic.yml:ro
      - ./traefik/certs/:/var/traefik/certs/:ro
    ports:
      - "8080:8080" # Dashboard (admin entrypoint, insecure mode only for local)

  apa-authentik-server:
    environment:
      AUTHENTIK_ERROR_REPORTING__ENABLED: "false"
      DOMAIN: ${DOMAIN:-local.lan}
      GRAFANA_OAUTH_CLIENT_ID: ${GRAFANA_OAUTH_CLIENT_ID}
      GRAFANA_OAUTH_CLIENT_SECRET: ${GRAFANA_OAUTH_CLIENT_SECRET}
      AUTHENTIK_MINIO_CLIENT_SECRET: ${AUTHENTIK_MINIO_CLIENT_SECRET}
      AUTHENTIK_VAULT_CLIENT_SECRET: ${AUTHENTIK_VAULT_CLIENT_SECRET}
      AUTHENTIK_OUTPOST_TOKEN: ${AUTHENTIK_OUTPOST_TOKEN}
    volumes:
      - ../authentik/bootstrap.yaml:/blueprints/ai-tax-agent-bootstrap.yaml:ro

  apa-authentik-worker:
    environment:
      DOMAIN: ${DOMAIN:-local.lan}
      GRAFANA_OAUTH_CLIENT_ID: ${GRAFANA_OAUTH_CLIENT_ID}
      GRAFANA_OAUTH_CLIENT_SECRET: ${GRAFANA_OAUTH_CLIENT_SECRET}
      AUTHENTIK_MINIO_CLIENT_SECRET: ${AUTHENTIK_MINIO_CLIENT_SECRET}
      AUTHENTIK_VAULT_CLIENT_SECRET: ${AUTHENTIK_VAULT_CLIENT_SECRET}
      AUTHENTIK_OUTPOST_TOKEN: ${AUTHENTIK_OUTPOST_TOKEN}
    volumes:
      - ../authentik/bootstrap.yaml:/blueprints/ai-tax-agent-bootstrap.yaml:ro

  apa-vault:
    volumes:
      - ./traefik/certs/:/certs:ro

  # --- Service Build Overrides ---
  # Pointing to local source code for building

  apa-svc-ingestion:
    build:
      context: ../../
      dockerfile: apps/svc_ingestion/Dockerfile
    image: ai-tax-agent/svc-ingestion:local
    pull_policy: never

  apa-svc-extract:
    build:
      context: ../../
      dockerfile: apps/svc_extract/Dockerfile
    image: ai-tax-agent/svc-extract:local
    pull_policy: never

  apa-svc-kg:
    build:
      context: ../../
      dockerfile: apps/svc_kg/Dockerfile
    image: ai-tax-agent/svc-kg:local
    pull_policy: never

  apa-svc-rag-retriever:
    build:
      context: ../../
      dockerfile: apps/svc_rag_retriever/Dockerfile
    image: ai-tax-agent/svc-rag-retriever:local
    pull_policy: never

  apa-svc-forms:
    build:
      context: ../../
      dockerfile: apps/svc_forms/Dockerfile
    image: ai-tax-agent/svc-forms:local
    pull_policy: never

  apa-svc-hmrc:
    build:
      context: ../../
      dockerfile: apps/svc_hmrc/Dockerfile
    image: ai-tax-agent/svc-hmrc:local
    pull_policy: never

  apa-svc-ocr:
    build:
      context: ../../
      dockerfile: apps/svc_ocr/Dockerfile
    image: ai-tax-agent/svc-ocr:local
    pull_policy: never
    restart: on-failure

  apa-svc-rag-indexer:
    build:
      context: ../../
      dockerfile: apps/svc_rag_indexer/Dockerfile
    image: ai-tax-agent/svc-rag-indexer:local
    pull_policy: never

  apa-svc-reason:
    build:
      context: ../../
      dockerfile: apps/svc_reason/Dockerfile
    image: ai-tax-agent/svc-reason:local
    pull_policy: never

  apa-svc-rpa:
    build:
      context: ../../
      dockerfile: apps/svc_rpa/Dockerfile
    image: ai-tax-agent/svc-rpa:local
    pull_policy: never

  apa-svc-normalize-map:
    build:
      context: ../../
      dockerfile: apps/svc_normalize_map/Dockerfile
    image: ai-tax-agent/svc-normalize-map:local
    pull_policy: never

  apa-svc-coverage:
    build:
      context: ../../
      dockerfile: apps/svc_coverage/Dockerfile
    image: ai-tax-agent/svc-coverage:local
    pull_policy: never

  apa-svc-firm-connectors:
    build:
      context: ../../
      dockerfile: apps/svc_firm_connectors/Dockerfile
    image: ai-tax-agent/svc-firm-connectors:local
    pull_policy: never

  apa-ui-review:
    # UI might not have a Dockerfile in root/ui-review/Dockerfile based on previous file view
    # Assuming standard build context if it exists, otherwise comment out build
    # build:
    #   context: ../../ui-review
    #   dockerfile: Dockerfile
    image: alpine:latest
    profiles: ["disabled"]
    environment:
      - NEXTAUTH_URL=https://app.local.lan
      - API_BASE_URL=https://api.local.lan

  apa-minio:
    volumes:
      - ./traefik/certs/local.crt:/root/.minio/certs/CAs/local.crt:ro

  # --- Local Development Specific Services ---
  # Services that only exist in local dev (e.g. mailhog if used, or specific tools)
  # None identified from docker-compose.local.yml that aren't in base