version: '3.5'

networks:
  default:
    external:
      name: traefik_default

services:
  wordpress:
    env_file: live.env
    image: wordpress
    container_name: wordpress-app
    restart: unless-stopped
    labels:
      # Watchtower
      - "com.centurylinklabs.watchtower.enable=true"   
      - "traefik.enable=true"
      ### <https> ###
      - "traefik.http.routers.wordpress.entrypoints=websecure"
      #- "traefik.http.routers.wordpress.middlewares=hsts-header@file"
      - "traefik.http.routers.wordpress.rule=Host(`${DOMAIN}`)"
      - "traefik.http.routers.wordpress.tls=true"
      - "traefik.http.routers.wordpress.tls.certresolver=myresolver"
      #- "traefik.http.routers.wordpress.tls.options=intermediate@file"
      ### </https> ###
    networks:
      - default
    volumes:
      - ${WORDPRESS_ROOT}/data/wordpress/usr/local/etc/php/conf.d/uploads.ini:/usr/local/etc/php/conf.d/uploads.ini
      - ${WORDPRESS_ROOT}/data/wordpress/var/www/html:/var/www/html
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro

  db:
    env_file: live.env
    image: mysql:5.7
    restart: unless-stopped
    container_name: wordpress-db
    labels:
      # Watchtower
      - "com.centurylinklabs.watchtower.enable=true"
    networks:
      - default
    volumes:
      - ${WORDPRESS_ROOT}/db/var/lib/mysql:/var/lib/mysql