version: "3.0"

services:
  # Traefik reverse proxy
  # https://doc.traefik.io/traefik/
  reverse-proxy:
    image: traefik:v2.6.3
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      # See traefik/traefik.toml for static config
      - ./traefik:/etc/traefik
    labels:
      - "traefik.enable=true"
      # Expose traefik dashboard at http://localhost:8080
      - "traefik.http.routers.dashboard.rule=Host(`localhost`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
      - "traefik.http.routers.dashboard.entrypoints=dashboard"
      - "traefik.http.routers.dashboard.service=api@internal"
      # Secure the dashboard with IPWhiteList middleware
      - "traefik.http.routers.dashboard.middlewares=dashboard-allowlist@docker"
      - "traefik.http.middlewares.dashboard-allowlist.ipwhitelist.sourcerange=127.0.0.1/32"

  # PostgreSQL database
  db:
    image: postgres:14-bullseye
    restart: unless-stopped
    ports:
      - "5432:5432"
    volumes:
      - ./database:/var/lib/postgresql/data
    environment:
      POSTGRES_USER: ${DB_USER}
      POSTGRES_PASSWORD: ${DB_PASS}
      POSTGRES_DB: ${DB_NAME}

  # API server
  api:
    # Use the retropilot-server image from the GitHub Container Registry
    image: ghcr.io/retropilot/retropilot-server:uat
    restart: unless-stopped
    volumes:
      # Mount realdata dir to /realdata in the container
      - ./realdata:/realdata
    env_file:
      - .env
    labels:
      - "traefik.enable=true"
      # API service forwards requests to container port 8080
      - "traefik.http.services.api.loadbalancer.server.port=8080"
      # Expose api at https://uat.api.retropilot.org
      - "traefik.http.routers.api.rule=Host(`api.uat.retropilot.org`)"
      - "traefik.http.routers.api.entrypoints=websecure"
      - "traefik.http.routers.api.service=api@docker"
      - "traefik.http.routers.api.tls=true"
      - "traefik.http.routers.api.tls.certresolver=retropilot"

      # Monitor for image updates and restart automatically
      - "com.centurylinklabs.watchtower.enable=true"

  # API worker
  worker:
    # Use the same image as the server
    image: ghcr.io/retropilot/retropilot-server:uat
    # But run the worker script instead
    command: npm run worker
    restart: unless-stopped
    volumes:
      - ./realdata:/realdata
    env_file:
      - .env
    labels:
      # Monitor for image updates and restart automatically
      - "com.centurylinklabs.watchtower.enable=true"

  watchtower:
    # automatically update containers when new images are released
    image: containrrr/watchtower
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    command: --interval 30 --label-enable