version: "{{ compose_version }}"

services:
  redis:
    image: redis:latest
    deploy:
      resources:
        limits:
          memory: 256M

  worker:
    image: registry.kadet.net/keylighter.kadet.net/php-fpm:{{ keylighter_version }}
    command: ['./bin/console', 'messenger:consume', '-vvv']
    volumes:
      - storage-data:/var/www/var
    configs:
      - source: dotenv_{{ dotenv_file.checksum }}
        target: /var/www/.env.local

  site:
    image: registry.kadet.net/podlike
    command: -logs -ipc=false -pull
    networks: ["{{ ingress_network }}", "default"]
    deploy:
      mode: replicated
      replicas: 1
      update_config:
        parallelism: 1
        order: start-first
      labels:
        - traefik.enable=true
        - traefik.http.routers.{{ service }}.rule={{ traefik_routing_rule }}
        - traefik.http.routers.{{ service }}.priority=100
        - traefik.http.routers.{{ service }}.tls=true
        - traefik.http.routers.{{ service }}.tls.certresolver=lets-encrypt-tls
        - traefik.http.services.{{ service }}.loadbalancer.server.port=80
      restart_policy:
        condition: any
        delay: 60s
    labels:
      pod.component.fpm: |
        image: registry.kadet.net/keylighter.kadet.net/php-fpm:{{ keylighter_version }}
        environment:
          - TRUSTED_PROXIES=10.0.0.0/8
        volumes:
          - {{ service }}-www-data:/var/www
          - {{ service }}-storage-data:/var/www/var
      pod.component.nginx: |
        image: nginx:latest
        volumes:
          - {{ service }}-www-data:/var/www
          - {{ service }}-storage-data:/var/www/var
          - {{ service }}-nginx-config:/etc/nginx/templates
      pod.copy.fpm: /var/conf/keylighter/.env:/var/www/.env.local
      pod.copy.nginx: /var/conf/nginx/nginx.conf:/etc/nginx/conf.d/default.conf
      pod.init.components: |
        - image: registry.kadet.net/keylighter.kadet.net/php-fpm:{{ keylighter_version }}
          entrypoint: ["/bin/sh", "-c"]
          command: ["cp -a /var/www /mnt"]
          volumes:
            - {{ service }}-www-data:/mnt/www
    configs:
      - source: dotenv_{{ dotenv_file.checksum }}
        target: /var/conf/keylighter/.env
      - source: nginx_conf_{{ nginx_conf.checksum }}
        target: /var/conf/nginx/nginx.conf
    secrets:
      - source: dockerregistryauth
        target: /var/run/secrets/podlike/dockerregistryauth.json
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - nginx-config:/mnt/nginx-config
      - www-data:/mnt/www-data
      - storage-data:/mnt/storage-data

secrets:
  dockerregistryauth:
    name: dockerregistryauth
    external: true

configs:
  dotenv_{{ dotenv_file.checksum }}:
    file: ./config/.env
  nginx_conf_{{ nginx_conf.checksum }}:
    file: ./config/nginx.conf

volumes:
  nginx-config:
    name: '{{ service }}-{{ "nginx-config.{{.Task.ID}}" }}'
    labels:
      com.github.rycus86.podlike.volume-ref: "{{ service }}-nginx-config"
  www-data:
    name: '{{ service }}-{{ "www-data.{{.Task.ID}}" }}'
    labels:
      com.github.rycus86.podlike.volume-ref: "{{ service }}-www-data"
  storage-data:
    labels:
      com.github.rycus86.podlike.volume-ref: "{{ service }}-storage-data"