Sync coolify compose with main: use COMPLIANCE_DATABASE_URL, QDRANT_URL

- Switch to ${COMPLIANCE_DATABASE_URL} for admin-compliance, backend, SDK, crawler
- Add DATABASE_URL to admin-compliance environment
- Switch ai-compliance-sdk from QDRANT_HOST/PORT to QDRANT_URL + QDRANT_API_KEY
- Add MINIO_SECURE to compliance-tts-service
- Update .env.coolify.example with new variable patterns

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

.env.coolify.example

@@ -6,11 +6,7 @@
 # =========================================================
 
 # --- External PostgreSQL (Coolify-managed, same as Core) ---
-POSTGRES_HOST=<coolify-postgres-hostname>
-POSTGRES_PORT=5432
-POSTGRES_USER=breakpilot
-POSTGRES_PASSWORD=CHANGE_ME_SAME_AS_CORE
-POSTGRES_DB=breakpilot_db
+COMPLIANCE_DATABASE_URL=postgresql://breakpilot:CHANGE_ME@<coolify-postgres-hostname>:5432/breakpilot_db
 
 # --- Security ---
 JWT_SECRET=CHANGE_ME_SAME_AS_CORE
@@ -19,10 +15,11 @@ JWT_SECRET=CHANGE_ME_SAME_AS_CORE
 S3_ENDPOINT=<s3-endpoint-host:port>
 S3_ACCESS_KEY=CHANGE_ME_SAME_AS_CORE
 S3_SECRET_KEY=CHANGE_ME_SAME_AS_CORE
+S3_SECURE=true
 
-# --- External Qdrant (Coolify-managed, same as Core) ---
-QDRANT_HOST=<coolify-qdrant-hostname>
-QDRANT_PORT=6333
+# --- External Qdrant ---
+QDRANT_URL=https://<qdrant-hostname>
+QDRANT_API_KEY=CHANGE_ME_QDRANT_API_KEY
 
 # --- Session ---
 SESSION_TTL_HOURS=24

docker-compose.coolify.yml

@@ -32,6 +32,7 @@ services:
       - "3000"
     environment:
       NODE_ENV: production
+      DATABASE_URL: ${COMPLIANCE_DATABASE_URL}
       BACKEND_URL: http://backend-compliance:8002
       CONSENT_SERVICE_URL: http://bp-core-consent-service:8081
       SDK_URL: http://ai-compliance-sdk:8090
@@ -83,7 +84,7 @@ services:
       - "8002"
     environment:
       PORT: 8002
-      DATABASE_URL: postgresql+asyncpg://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT:-5432}/${POSTGRES_DB}?options=-csearch_path%3Dcompliance,core,public
+      DATABASE_URL: ${COMPLIANCE_DATABASE_URL}
       JWT_SECRET: ${JWT_SECRET}
       ENVIRONMENT: production
       CONSENT_SERVICE_URL: http://bp-core-consent-service:8081
@@ -127,7 +128,7 @@ services:
     environment:
       PORT: 8090
       ENVIRONMENT: production
-      DATABASE_URL: postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT:-5432}/${POSTGRES_DB}
+      DATABASE_URL: ${COMPLIANCE_DATABASE_URL}
       JWT_SECRET: ${JWT_SECRET}
       LLM_PROVIDER: ${COMPLIANCE_LLM_PROVIDER:-anthropic}
       LLM_FALLBACK_PROVIDER: ${LLM_FALLBACK_PROVIDER:-}
@@ -141,8 +142,8 @@ services:
       AUDIT_LOG_PROMPTS: ${AUDIT_LOG_PROMPTS:-true}
       ALLOWED_ORIGINS: "*"
       TTS_SERVICE_URL: http://compliance-tts-service:8095
-      QDRANT_HOST: ${QDRANT_HOST}
-      QDRANT_PORT: ${QDRANT_PORT:-6333}
+      QDRANT_URL: ${QDRANT_URL}
+      QDRANT_API_KEY: ${QDRANT_API_KEY:-}
     healthcheck:
       test: ["CMD", "wget", "-q", "--spider", "http://127.0.0.1:8090/health"]
       interval: 30s
@@ -174,6 +175,7 @@ services:
       MINIO_ENDPOINT: ${S3_ENDPOINT}
       MINIO_ACCESS_KEY: ${S3_ACCESS_KEY}
       MINIO_SECRET_KEY: ${S3_SECRET_KEY}
+      MINIO_SECURE: ${S3_SECURE:-true}
       PIPER_MODEL_PATH: /app/models/de_DE-thorsten-high.onnx
     healthcheck:
       test: ["CMD", "python", "-c", "import urllib.request; urllib.request.urlopen('http://127.0.0.1:8095/health')"]
@@ -241,7 +243,7 @@ services:
       - "8098"
     environment:
       PORT: 8098
-      DATABASE_URL: postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT:-5432}/${POSTGRES_DB}
+      DATABASE_URL: ${COMPLIANCE_DATABASE_URL}
       LLM_GATEWAY_URL: http://ai-compliance-sdk:8090
       DSMS_GATEWAY_URL: http://dsms-gateway:8082
       CRAWL_BASE_PATH: /data/crawl