version: "3.9"

services:
  woodpecker-server:
    image: woodpeckerci/woodpecker-server:next-alpine
    environment:
    environment:
      - WOODPECKER_HOST=https://woodpecker.nixc.us
      - WOODPECKER_SERVER_ADDR=:8000
      - WOODPECKER_PROTO=https
      - WOODPECKER_DATABASE_DRIVER=mysql
      - WOODPECKER_DATABASE_DATASOURCE=/data/database.sqlite
      - WOODPECKER_GIT_ALWAYS_AUTH=false
      - WOODPECKER_AGENT_SECRET=redacted
      - WOODPECKER_ADMIN=colin
      - WOODPECKER_REPO_OWNERS=colin,meta
      - WOODPECKER_OPEN=true
      # - WOODPECKER_DOCKER_CONFIG=/home/user/.docker/config.json
      # https://github.com/go-sql-driver/mysql#dsn-data-source-name
      - WOODPECKER_DATABASE_DATASOURCE=woodpecker:woodpecker@tcp(db:3306)/woodpecker?parseTime=true
      ## Gitea config
      - WOODPECKER_GITEA=true
      - WOODPECKER_GITEA_URL=https://git.nixc.us/
      - WOODPECKER_GITEA_CLIENT=redacted
      - WOODPECKER_GITEA_SECRET=redacted
    networks:
      - traefik
      - default
    volumes:
      - /mnt/tank/persist/nixc.us/woodpecker/production/data:/var/lib/woodpecker/
      # - /root/.docker/config.json:/home/user/.docker/config.json:rw
    deploy:
      replicas: 1
    deploy:
      placement:
        constraints:
          # - node.role == manager
          - node.hostname == ingress.nixc.us
      labels:
        - "traefik.enable=true"
        - "traefik.http.routers.woodpecker.tls=true"
        - "traefik.http.services.woodpecker.loadbalancer.server.port=8000"
        - "traefik.http.routers.woodpecker.rule=Host(`woodpecker.nixc.us`)"
        - "traefik.http.routers.woodpecker.entrypoints=websecure"
        - "traefik.http.routers.woodpecker.tls.certresolver=letsencryptresolver"
        - "traefik.http.routers.woodpecker.service=woodpecker"
        - "traefik.docker.network=traefik"
        # - 'traefik.http.routers.woodpecker.middlewares=authelia@docker'

  woodpecker-agent:
    image: woodpeckerci/woodpecker-agent:next-alpine
    networks:
      - default
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      # - WOODPECKER_AGENT_HOST=https://woodpecker.nixc.us
      # - WOODPECKER_AGENT_PROTO=http
      - WOODPECKER_SERVER=woodpecker-server:9000
      - WOODPECKER_AGENT_SECRET=redacted
      - WOODPECKER_MAX_WORKFLOWS=4
      - WOODPECKER_DEBUG=TRUE
      - WOODPECKER_LOG_LEVEL=error
      - WOODPECKER_DEBUG_PRETTY=true
    deploy:
      replicas: 1
      placement:
        constraints:
          # - node.labels.role == db
          # - node.hostname == macmini14
          - node.labels.mac-rack == true
          # - node.role == manager
      labels:
        - "traefik.enable=false"

  db:
    image: mariadb:10.6
    environment:
      - MYSQL_DATABASE=woodpecker
      - MYSQL_USER=woodpecker
      - MYSQL_PASSWORD=woodpecker
      - MYSQL_RANDOM_ROOT_PASSWORD=1
    volumes:
      - /mnt/tank/persist/nixc.us/woodpecker/production/db:/var/lib/mysql
    networks:
      - default
    deploy:
      replicas: 1
      placement:
        constraints:
##          - node.labels.role == db
#          - node.hostname == macmini8
          - node.labels.mac-rack == true
      labels:
       - "traefik.enable=false"

networks:
  default:
    external: false
  traefik:
    external: true

# volumes:
#   woodpeckerdata:
#     external: true