version: '3.9'
networks:
  proxy:
    driver: bridge   
  default:
    name: automatisch_network
    enable_ipv6: ${ENABLE_IPV6}
    ipam:
      config:
        - subnet: ${IPV6_SUBNET}
services:
  # for local https development using self-signed certs via openssl
  # nginx:
  #   image: nginx:latest
  #   depends_on:
  #     - main    
  #   ports:
  #     - "443:443"
  #   volumes:
  #     - ./https/certs/${SSL_SELF_SIGNED_CRT}:/etc/nginx/certs/${SSL_SELF_SIGNED_CRT}:ro
  #     - ./https/certs/${SSL_SELF_SIGNED_KEY}:/etc/nginx/certs/${SSL_SELF_SIGNED_KEY}:ro
  #     - ./https/nginx/automatisch_self_signed_nginx.conf:/etc/nginx/conf.d/
  # for production using letsencrypt and certbot
  nginx:
    image: nginx:latest
    depends_on:
      - main      
    restart: unless-stopped
    volumes:
      - ./https/nginx/automatisch_letsencrypt_nginx.conf:/etc/nginx/conf.d/automatisch_letsencrypt_nginx.conf
      - ./certbot/conf:/etc/letsencrypt
      - ./certbot/www:/var/www/certbot
    ports:
      - ${NGINX_HTTP_PORT}:${NGINX_HTTP_PORT}
      - ${NGINX_HTTPS_PORT}:443
  
  certbot:
     image: certbot/certbot:latest
     volumes:
       - ./certbot/conf:/etc/letsencrypt
       - ./certbot/www:/var/www/certbot     
     command: certonly --webroot -w /var/www/certbot --keep-until-expiring --email ${SSL_CERT_EMAIL} -d ${HOST} --agree-tos
     depends_on:
       - nginx     
  main:
    build:
      context: ./docker
      dockerfile: Dockerfile.compose
    entrypoint: /compose-entrypoint.sh
    ports:
      - '${MAIN_HTTP_PORT}:${MAIN_HTTP_PORT}'
    depends_on:
      postgres:
        condition: service_healthy
      redis:
        condition: service_started
    environment:
      - HOST=${HOST}
      - PROTOCOL=${PROTOCOL}
      - PORT=${MAIN_HTTP_PORT}
      - APP_ENV=${APP_ENV}
      - REDIS_HOST=${REDIS_HOST}
      - POSTGRES_HOST=${POSTGRES_HOST}
      - POSTGRES_DATABASE=${POSTGRES_DATABASE}
      - POSTGRES_USERNAME=${POSTGRES_USERNAME}
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
      - ENCRYPTION_KEY=${ENCRYPTION_KEY}
      - WEBHOOK_SECRET_KEY=${WEBHOOK_SECRET_KEY}
      - WEBHOOK_URL=${WEBHOOK_URL}
      - APP_SECRET_KEY=${APP_SECRET_KEY}
    volumes:
      - automatisch_storage:/automatisch/storage
  worker:
    build:
      context: ./docker
      dockerfile: Dockerfile.compose
    entrypoint: /compose-entrypoint.sh
    depends_on:
      - main
    environment:
      - APP_ENV=${APP_ENV}
      - REDIS_HOST=${REDIS_HOST}
      - POSTGRES_HOST=${POSTGRES_HOST}
      - POSTGRES_DATABASE=${POSTGRES_DATABASE}
      - POSTGRES_USERNAME=${POSTGRES_USERNAME}
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
      - ENCRYPTION_KEY=${ENCRYPTION_KEY}
      - WEBHOOK_SECRET_KEY=${WEBHOOK_SECRET_KEY}
      - WEBHOOK_URL=${WEBHOOK_URL}
      - APP_SECRET_KEY=${APP_SECRET_KEY}
      - WORKER=true
    volumes:
      - automatisch_storage:/automatisch/storage
  postgres:
    image: 'postgres:14.5'
    environment:
      - POSTGRES_DB=${POSTGRES_DATABASE}
      - POSTGRES_USER=${POSTGRES_USERNAME}
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
    volumes:
      - postgres_data:/var/lib/postgresql/data
    healthcheck:
      test: ['CMD-SHELL', 'pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}']
      interval: 10s
      timeout: 5s
      retries: 5
  redis:
    image: 'redis:7.0.4'
    volumes:
      - redis_data:/data
volumes:
  automatisch_storage:
  postgres_data:
  redis_data: