version: '3.6'

volumes:
  certs:
  acme:
  html:

networks:
  proxy:
  gitea:
    external: false

services:
  gitea:
    image: gitea/gitea:latest
    container_name: gitea
    restart: always
    environment: 
      - USER_UID=1000
      - USER_GID=1000
      - GITEA__database__DB_TYPE=postgres
      - GITEA__database__HOST=gitea-db:5432
      - GITEA__database__NAME=gitea
      - GITEA__database__USER=gitea
      - GITEA__database__PASSWD=gitea
      - GITEA__git__HOME_PATH=/data/git
      - GITEA__repository.ENABLE_PUSH_CREATE_USER=true
      - GITEA__repository.ENABLE_PUSH_CREATE_ORG=true
      - GITEA__repository.signing__DEFAULT_TRUST_MODEL=collaborator
      - GITEA__repository.signing__SIGNING_KEY=013E4D2815379A35
      - GITEA__repository.signing__SIGNING_NAME=Gitea
      - GITEA__repository.signing__SIGNING_EMAIL=gitea@othoulrich.com
      - GITEA__repository.signing__INITIAL_COMMIT=pubkey
      - GITEA__repository.signing__WIKI=pubkey
      - GITEA__repository.signing__CRUD_ACTIONS=pubkey
      - GITEA__repository.signing__MERGES=pubkey,commitssigned
      - VIRTUAL_HOST=code.othoulrich.com
      - VIRTUAL_PORT=3000
      - LETSENCRYPT_HOST=code.othoulrich.com
    networks:
      - gitea
      - proxy
    volumes:
      - .data/gitea:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "922:22"
    depends_on:
      - gitea-db

  gitea-db:
    image: postgres:14
    container_name: gitea-db
    restart: always
    environment:
      - POSTGRES_USER=gitea
      - POSTGRES_PASSWORD=gitea
      - POSTGRES_DB=gitea
    networks:
      - gitea
    volumes:
      - .data/gitea-db:/var/lib/postgresql/data

  apache:
    image: httpd:2.4
    container_name: apache
    restart: always
    environment:
      - VIRTUAL_HOST=www.othoulrich.com,othoulrich.com
      - LETSENCRYPT_HOST=www.othoulrich.com,othoulrich.com
    networks:
      - proxy
    volumes:
      - ./htdocs:/usr/local/apache2/htdocs

####################################3
## nginx proxy

  nginx-proxy:
    image: nginxproxy/nginx-proxy
    container_name: nginx-proxy
    restart: always
    ports:
      - 80:80
      - 443:443
    labels:
      com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy: "true"
    volumes:
      - certs:/etc/nginx/certs:ro
      - ./vhost.d:/etc/nginx/vhost.d
      - html:/usr/share/nginx/html
      - /var/run/docker.sock:/tmp/docker.sock:ro
    networks:
      - proxy

  letsencrypt-companion:
    image: nginxproxy/acme-companion
    container_name: acme-companion
    restart: always
    volumes:
      - certs:/etc/nginx/certs
      - acme:/etc/acme.sh
      - ./vhost.d:/etc/nginx/vhost.d
      - html:/usr/share/nginx/html
      - /var/run/docker.sock:/var/run/docker.sock:ro
    networks:
      - proxy
    depends_on:
      - nginx-proxy