version: '3'
services:
  database:
    image: git.nixc.us/colin/hedgedoc:production-database
    environment:
      - POSTGRES_USER=hedgedoc
      - POSTGRES_PASSWORD=password
      - POSTGRES_DB=hedgedoc
    volumes:
      - /mnt/tank/persist/nixc.us/hedgedoc/production/db:/var/lib/postgresql/data
    deploy:
      replicas: 1
      placement:
        constraints:
##          - node.labels.role == db
          - node.hostname == macmini2
#          - node.labels.mac-rack == true
      labels:
        - "us.nixc.autodeploy=true"
        - "traefik.enable=false"
    networks:
      - default
    # logging:
    #   driver: "gelf"
    #   options:
    #     gelf-address: "udp://log.nixc.us:15124"
    #     tag: "hedgedoc_database"
  hedgedoc:
    # Make sure to use the latest release from https://hedgedoc.org/latest-release
    image: git.nixc.us/colin/hedgedoc:production-hedgedoc
    environment:
      # CMD_ALLOW_ANONYMOUS: "true"
      CMD_ALLOW_ANONYMOUS_EDITS: "true"
      CMD_ALLOW_FREEURL: "true"
      CMD_DB_URL: "postgres://hedgedoc:password@hedgedoc_database:5432/hedgedoc"
      CMD_DOMAIN: "hedgedoc.nixc.us"
      # CMD_URL_ADDPORT: "true"
      CMD_PROTOCOL_USESSL: "true"
      CMD_SESSION_SECRET: "kcxFbvEv4gQeeDuXTJJDQ4Vj878C4p2AQFe9Ur33tLeUdQNzGGiQz6NAmEoxjZXH"
      CMD_DB_USERNAME: "hedgedoc"
      CMD_DB_PASSWORD: "password"
      CMD_DB_HOST: "database"
      CMD_DB_PORT: "5432"
#      CMD_LDAP_URL: ldap://lldap_lldap:3890
#      CMD_LDAP_BINDDN: uid=admin,ou=people,dc=nixc,dc=us
#      CMD_LDAP_BINDCREDENTIALS: ehgJHdnbMvz8vEGVSYqRAC2r3WUisLxTRLnuXuXb72DEvhi8Ayzu4CQj9h2sexpX
#      CMD_LDAP_SEARCHBASE: ou=people,dc=nixc,dc=us
#      CMD_LDAP_SEARCHFILTER: '(&(memberOf=cn=hedgedocUsers,ou=groups,dc=nixc,dc=us)(uid={{username}}))'
#      CMD_LDAP_USERIDFIELD: uid
    volumes:
      - /mnt/tank/persist/nixc.us/hedgedoc/production/uploads:/hedgedoc/public/uploads
    # ports:
    #   - "3000:3000"
    depends_on:
      - database
    deploy:
      replicas: 1
      placement:
        constraints:
##          - node.labels.role == db
          - node.hostname == macmini2
#          - node.labels.mac-rack == true
      labels:
        homepage.group: apps
        homepage.name: hedgedoc
        homepage.href: https://hedgedoc.nixc.us/
        homepage.description: hedgedoc
        us.nixc.autodeploy: "true"
        traefik.enable: "true"
        traefik.http.routers.production_hedgedoc.tls: "true"
        traefik.http.services.production_hedgedoc.loadbalancer.server.port: 3000
        traefik.http.routers.production_hedgedoc.rule: Host(`hedgedoc.nixc.us`)
        traefik.http.routers.production_hedgedoc.entrypoints: websecure
        traefik.http.routers.production_hedgedoc.tls.certresolver: letsencryptresolver
        traefik.http.routers.production_hedgedoc.service: production_hedgedoc
        traefik.docker.network: traefik
        # - 'traefik.http.routers.production_hedgedoc.middlewares=authelia@docker'
    networks:
      - default
      - traefik
    # logging:
    #   driver: "gelf"
    #   options:
    #     gelf-address: "udp://log.nixc.us:15124"
    #     tag: "hedgedoc_app"

networks:
  traefik:
    external: true
  default:
    external: false