version: "{{ compose_version }}"

services:
  site:
    image: registry.kadet.net/podlike
    command: -logs -ipc=false -pull
    networks: ["{{ ingress_network }}"]
    deploy:
      mode: replicated
      replicas: 1
      update_config:
        parallelism: 1
        order: start-first
      labels:
        - traefik.enable=true
        - traefik.http.routers.{{ service }}.rule={{ traefik_routing_rule }}
        - traefik.http.routers.{{ service }}.priority=100
        - traefik.http.routers.{{ service }}.tls=true
        - traefik.http.routers.{{ service }}.tls.certresolver=lets-encrypt-tls
        - traefik.http.services.{{ service }}.loadbalancer.server.port=80
      restart_policy:
        condition: any
        max_attempts: 3
    labels:
      pod.component.fpm: |
        image: registry.kadet.net/wipe/php-fpm:{{ wipe_version }}
        volumes:
          - {{ service }}-www-data:/var/www
          - {{ service }}-storage-data:/var/www/storage
      pod.component.nginx: |
        image: nginx:latest
        volumes:
          - {{ service }}-www-data:/var/www
          - {{ service }}-storage-data:/var/www/storage
          - {{ service }}-nginx-config:/etc/nginx/templates
      pod.copy.fpm: /var/conf/wipe/.env:/var/www/.env
      pod.init.components: |
        - image: registry.kadet.net/wipe/php-fpm:{{ wipe_version }}
          entrypoint: ["/bin/sh", "-c"]
          command: ["cp -r /var/www/* /mnt/www"]
          volumes:
            - {{ service }}-www-data:/mnt/www
        - image: registry.kadet.net/wipe/php-fpm:{{ wipe_version }}
          entrypoint: ["/bin/sh", "-c"]
          command: ["cp -rnp /var/www/storage/* /mnt/storage"]
          volumes:
            - {{ service }}-storage-data:/mnt/storage
        - image: registry.kadet.net/wipe/php-fpm:{{ wipe_version }}
          entrypoint: ["/bin/sh", "-c"]
          command: ["cp -r /var/www/nginx/* /mnt/config"]
          volumes:
            - {{ service }}-nginx-config:/mnt/config
    configs:
      - source: dotenv_{{ dotenv_file.checksum }}
        target: /var/conf/wipe/.env
    secrets:
      - source: dockerregistryauth
        target: /var/run/secrets/podlike/dockerregistryauth.json
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - nginx-config:/mnt/nginx-config
      - www-data:/mnt/www-data
      - storage-data:/mnt/storage-data

secrets:
  dockerregistryauth:
    name: dockerregistryauth
    external: true

configs:
  dotenv_{{ dotenv_file.checksum }}:
    file: ./config/.env

volumes:
  nginx-config:
    name: '{{ service }}-{{ "nginx-config.{{.Task.ID}}" }}'
    labels:
      com.github.rycus86.podlike.volume-ref: "{{ service }}-nginx-config"
  www-data:
    name: '{{ service }}-{{ "www-data.{{.Task.ID}}" }}'
    labels:
      com.github.rycus86.podlike.volume-ref: "{{ service }}-www-data"
  storage-data:
    labels:
      com.github.rycus86.podlike.volume-ref: "{{ service }}-storage-data"