version: "{{ compose_version }}"

services:
  redis:
    image: redis:latest
    deploy:
      resources:
        limits:
          memory: 256M

  registry:
    image: registry:2
    secrets:
      - source: htpasswd_{{ registry_htpasswd.stat.checksum }}
        target: /etc/docker/registry/htpasswd
    configs:
      - source: registry_{{ registry_config.checksum }}
        target: /etc/docker/registry/config.yml
    environment:
      - REGISTRY_STORAGE_DELETE_ENABLED=true
    deploy:
      placement:
        constraints:
          - node.role == manager
    networks: ['default']

  ui:
    image: joxit/docker-registry-ui:2.2.1
    environment:
        - DELETE_IMAGES=true
        - REGISTRY_TITLE=Kadet's private registry
        - NGINX_PROXY_PASS_URL=http://registry:5000
        - SINGLE_REGISTRY=true
    depends_on: ['registry']
    deploy:
      labels:
        - traefik.enable=true
        - traefik.http.routers.{{ service }}.rule=Host(`{{ service }}.{{ main_domain }}`)
        - traefik.http.routers.{{ service }}.tls=true
        - traefik.http.routers.{{ service }}.tls.certresolver=lets-encrypt
        - traefik.http.services.{{ service }}.loadbalancer.server.port=80
    networks: ['{{ ingress_network }}', 'default']

  image-cleanup-job:
    image: registry:2
    command: ["registry", "garbage-collect", "/etc/docker/registry/config.yml", "-m"]
    secrets:
      - source: htpasswd_{{ registry_htpasswd.stat.checksum }}
        target: /etc/docker/registry/htpasswd
    configs:
      - source: registry_{{ registry_config.checksum }}
        target: /etc/docker/registry/config.yml
    deploy:
      placement:
        constraints:
          - node.role == manager
      labels:
        - "swarm.cronjob.enable=true"
        - "swarm.cronjob.schedule=0 0 0 1 * *"
      restart_policy:
        condition: none

configs:
  registry_{{ registry_config.checksum }}:
    file: ./config/config.yml

secrets:
  htpasswd_{{ registry_htpasswd.stat.checksum }}:
    file: ./config/htpasswd