version: "3"

# This Docker cluster spins up the following containers:
#
# - My web blog for Kirsle.net (which is a custom Go program)
# - Redis as a cache for the blog to use.
# - Gitea, a self-hosted Git server.
# - PostgreSQL as the database for Gitea.
# - nginx, a reverse web proxy that makes all of these services available.
#
# The services are mounted at my test domains in nginx:
#
# - https://blog.kirsle.lh   for the web blog
# - https://git.kirsle.lh    for Gitea
#
# Exported ports:
# - 80 (nginx)
# - 443 (nginx)
# - 22 (gitea-ssh)

# Define named networks to isolate the apps from each other. Each app will
# list the networks it needs to share with others.
networks:
  default:
    driver: bridge
  redis:
    driver: bridge
  blog:
    driver: bridge
  gitea:
    driver: bridge

# Named volumes to let the apps store their own data persistently on disk
# between reboots. They end up somewhere at /var/lib/docker/volumes on the
# host filesystem, useful for self-contained apps.
volumes:
  gitea-db-data:
    driver: local
  gitea-data:
    driver: local
  redis-data:
    driver: local

services:

  # nginx reverse proxy in front of all the apps
  nginx:
    image: nginx
    restart: always
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - "./nginx/sites-enabled:/etc/nginx/sites-enabled:z"
      - "./nginx/nginx.conf:/etc/nginx/nginx.conf:z"
      - "./nginx/ssl_params:/etc/nginx/ssl_params:z"
      - "./ssl/snakeoil.key:/etc/nginx/certs/privkey.pem:z"
      - "./ssl/snakeoil.pem:/etc/nginx/certs/fullchain.pem:z"
    networks:
      - default
      - blog
      - gitea

  # shared Redis cache for various apps
  redis:
    image: redis
    restart: always
    expose:
      - 6379
    volumes:
      - "redis-data:/data"
    networks:
      - redis

  # My custom Go web blog for kirsle.net
  # https://github.com/kirsle/blog/blob/master/Dockerfile
  blog:
    build: /home/kirsle/go/src/github.com/kirsle/blog
    restart: always
    expose:
      - 80
    volumes:
      - "./www:/data/www:z"
    networks:
      - blog
      - redis

  # Postgres DB for gitea.
  gitea-postgres:
    image: postgres:10.5
    restart: always
    environment:
      - "POSTGRES_USER=gitea"
      - "POSTGRES_PASSWORD=gitea"
      - "POSTGRES_DB=gitea"
    volumes:
      - "gitea-db-data:/var/lib/postgresql/data"
    networks:
      - gitea

  # Gitea git server.
  gitea:
    image: gitea/gitea:latest
    restart: always
    volumes:
      - "gitea-data:/data"
    expose:
      - 3000
    ports:
      - "22:22"
    networks:
      - gitea
    environment:
      - DISABLE_REGISTRATION=true
    depends_on:
      - gitea-postgres
      - nginx