version: "{{ compose_version }}"

x-defaults: 
  worker: &worker
    image: {{ cojedzie_image_base }}/worker:{{ cojedzie_worker_version }}
    env_file:
      - ./api.env
      - ./sentry.env
    volumes:
      - db_data:/var/db
    depends_on:
      - api

services:
  api:
    image: {{ cojedzie_image_base }}/api:{{ cojedzie_api_version }}
    networks:
      - "{{ ingress_network }}"
      - default
    volumes:
      - db_data:/var/db
    environment:
      - TRUSTED_PROXIES=10.0.0.0/8
    env_file:
      - ./api.env
      - ./sentry.env
    deploy:
      mode: replicated
      replicas: 1
      update_config:
        parallelism: 1
        order: start-first
      labels:
        - traefik.enable=true
        - traefik.http.routers.{{ service }}-api.rule=({{ traefik_routing_rule }}) && (PathPrefix(`/api/`) || PathPrefix(`/bundles/`))
        - traefik.http.routers.{{ service }}-api.priority=100
        - traefik.http.routers.{{ service }}-api.tls=true
        - traefik.http.routers.{{ service }}-api.tls.certresolver=lets-encrypt
        - traefik.http.services.{{ service }}-api.loadbalancer.server.port=8080

  schedule:
    <<: *worker
    environment:
      COJEDZIE_WORKER_OPTS: '-vv'
      COJEDZIE_WORKER_QUEUES: 'scheduler_default scheduler_hub'

  worker:
    <<: *worker

  mercure:
    image: dunglas/mercure:{{ cojedzie_mercure_version|default('latest') }}
    networks:
      - "{{ ingress_network }}"
      - default
    environment:
      SERVER_NAME: ":80"
      USE_FORWARDED_HEADERS: 1
      MERCURE_PUBLISHER_JWT_KEY: "{{ cojedzie_mercure_jwt_key }}"
      MERCURE_SUBSCRIBER_JWT_KEY: "{{ cojedzie_mercure_jwt_key }}"
    volumes:
      - mercure_data:/data
      - mercure_config:/config
    deploy:
      mode: replicated
      replicas: 1
      labels:
        - traefik.enable=true
        - traefik.http.routers.{{ service }}-mercure.rule=({{ traefik_routing_rule }}) && PathPrefix(`/.well-known/mercure`)
        - traefik.http.routers.{{ service }}-mercure.tls=true
        - traefik.http.routers.{{ service }}-mercure.tls.certresolver=lets-encrypt
        - traefik.http.services.{{ service }}-mercure.loadbalancer.server.port=80

  front:
    image: {{ cojedzie_image_base }}/front:{{ cojedzie_front_version }}
    networks:
      - "{{ ingress_network }}"
      - default
    depends_on:
      - api
    env_file:
      - ./front.env
      - ./sentry.env
    deploy:
      mode: replicated
      replicas: 1
      update_config:
        parallelism: 1
        order: start-first
      labels:
        - traefik.enable=true
        - traefik.http.routers.{{ service }}-front.rule={{ traefik_routing_rule }}
        - traefik.http.routers.{{ service }}-front.tls=true
        - traefik.http.routers.{{ service }}-front.tls.certresolver=lets-encrypt
        - traefik.http.routers.{{ service }}-front.middlewares=gzip@file
        - traefik.http.services.{{ service }}-front.loadbalancer.server.port=3000

volumes:
  db_data: ~
  mercure_data: ~
  mercure_config: ~