version: "{{ compose_version }}"

services:
  frontend:
    image: {{ system_praktyk_image_group }}/front:{{ system_praktyk_version }}
    networks:
      - "{{ ingress_network }}"
      - default
    environment:
      APP_API_BASE: https://system-praktyk.stg.kadet.net
    deploy:
      mode: replicated
      replicas: 1
      update_config:
        parallelism: 1
        order: start-first
      labels:
        - traefik.enable=true
        - traefik.http.routers.{{ service }}-front.rule=({{ traefik_routing_rule }})
        - traefik.http.routers.{{ service }}-front.priority=200
        - traefik.http.routers.{{ service }}-front.tls=true
        - traefik.http.routers.{{ service }}-front.tls.certresolver=lets-encrypt
        - traefik.http.services.{{ service }}-front.loadbalancer.server.port=80
        
  api:
    image: {{ system_praktyk_image_group }}/api:{{ system_praktyk_version }}
    networks:
      - "{{ ingress_network }}"
      - default
    environment:
      TRUSTED_PROXIES: 10.0.0.0/8
      CONNECTIONSTRINGS__INTERNSHIPDATABASE: "Host=postgres;Port=5432;Database=praktyki;Username=praktyki;Password=praktyki"
      ASPNETCORE_ENVIRONMENT: Development
      ASPNETCORE_URLS: http://0.0.0.0:80
      SECURITYOPTIONS__SECRET: iewaiwie3aig9wi3chieBai9eephai
      SECURITYOPTIONS__EXPIRATION: 1440     # 24h in minutes
      SECURITYOPTIONS__BASEURL: https://logowanie.pg.edu.pl
      SECURITYOPTIONS__TOKENPATH: /oauth2.0/accessToken
      SECURITYOPTIONS__PROFILEPATH: /oauth2.0/profile
      SECURITYOPTIONS__CLIENTID: PraktykiClientId
      SECURITYOPTIONS__REDIRECTURL: https://system-praktyk.stg.kadet.net/user/login/check/pg
      FILLER__USE_DEFAULT_DATA: "true"
    deploy:
      mode: replicated
      replicas: 1
      update_config:
        parallelism: 1
        order: start-first
      labels:
        - traefik.enable=true
        - traefik.http.routers.{{ service }}-api.rule=({{ traefik_routing_rule }}) && (PathPrefix(`/api/`))
        - traefik.http.routers.{{ service }}-api.priority=300
        - traefik.http.routers.{{ service }}-api.tls=true
        - traefik.http.routers.{{ service }}-api.tls.certresolver=lets-encrypt
        - traefik.http.routers.{{ service }}-api.middlewares={{ service }}-api-strip
        - traefik.http.services.{{ service }}-api.loadbalancer.server.port=80
        - traefik.http.middlewares.{{ service }}-api-strip.stripprefix.prefixes=/api

  postgres:
    image: postgres:12.
    environment:
      - POSTGRES_DB=praktyki
      - POSTGRES_USER=praktyki
      - POSTGRES_PASSWORD=praktyki


volumes:
  pg_data: ~