version: '3.5'

networks:
  reverse-proxy:
    external:
      name: reverse-proxy

volumes:
  redis-trash1:

services:
  web:
    build:
      args:
        gid: ${gid}
        uid: ${uid}
      context: ./web
    depends_on:
      - db
      - redis
    env_file: nopaque.env
    image: nopaque/web
    labels:
      - "traefik.docker.network=reverse-proxy"
      - "traefik.enable=true"
      ### <http> ###
      - "traefik.http.middlewares.nopaque-header.headers.customrequestheaders.X-Forwarded-Proto=http"
      - "traefik.http.routers.nopaque.entrypoints=web"
      - "traefik.http.routers.nopaque.middlewares=nopaque-header, redirect-to-https@file"
      - "traefik.http.routers.nopaque.rule=Host(`nopaque.localhost`)"
      ### </http> ###
      ### <https> ###
      - "traefik.http.middlewares.nopaque-secure-header.headers.customrequestheaders.X-Forwarded-Proto=https"
      - "traefik.http.routers.nopaque-secure.entrypoints=web-secure"
      - "traefik.http.routers.nopaque-secure.middlewares=hsts-header@file, nopaque-secure-header"
      - "traefik.http.routers.nopaque-secure.rule=Host(`nopaque.localhost`)"
      - "traefik.http.routers.nopaque-secure.tls.options=intermediate@file"
      ### </https> ###
      ### <basicauth help="https://docs.traefik.io/middlewares/basicauth/"> ###
      # - "traefik.http.middlewares.nopaque-basicauth.basicauth.users=name:hashed-password"
      # - "traefik.http.routers.nopaque.middlewares=nopaque-basicauth, nopaque-header, redirect-to-https@file"
      # - "traefik.http.routers.nopaque-secure.middlewares=nopaque-basicauth, hsts-header@file, nopaquesecure-header"
      ### </basicauth> ###
    networks:
      - default
      - reverse-proxy
    volumes:
      - "/mnt/dind-swarm/nopaque:/mnt/dind-swarm/nopaque"
      - "./logs:/home/nopaque/logs"
      - "./web/app:/home/nopaque/app"
      - "./web/migrations:/home/nopaque/migrations"
      - "./web/tests:/home/nopaque/tests"
      - "./web/config.py:/home/nopaque/config.py"
      - "./web/docker-entrypoint.sh:/usr/local/bin/docker-entrypoint.sh"
      - "./web/nopaque.py:/home/nopaque/nopaque.py"
      - "./web/requirements.txt:/home/nopaque/requirements.txt"
  daemon:
    build:
      args:
        docker_gid: ${docker_gid}
        gid: ${gid}
        uid: ${uid}
      context: ./daemon
    depends_on:
      - db
      - web
    env_file: nopaque.env
    image: nopaque/daemon
    volumes:
      - "/mnt/dind-swarm/nopaque:/mnt/dind-swarm/nopaque"
      - "/var/run/docker.sock:/var/run/docker.sock"
      - "./logs:/home/nopaqued/logs"
      - "./daemon/notify:/home/nopaqued/notify"
      - "./daemon/decorators.py:/home/nopaqued/decorators.py"
      - "./daemon/docker-entrypoint.sh:/usr/local/bin/docker-entrypoint.sh"
      - "./daemon/nopaqued.py:/home/nopaqued/nopaqued.py"
      - "./daemon/requirements.txt:/home/nopaqued/requirements.txt"
  db:
    env_file: nopaque.env
    image: postgres:11
    volumes:
      - "/srv/nopaque/db:/var/lib/postgresql/data"
  redis:
    image: redis:5
    volumes:
      - "redis-trash1:/data"