version: "3.7"

networks:
    traefik_proxy:
        name: traefik_proxy

volumes:
  letsencrypt:
    name: traefik-letsencrypt
  nocodb-db:
    name: nocodb-db
  nocodb-data:
    name: nocodb-data

services:

    traefik:
        image: traefik:v2.2
        container_name: traefik
        restart: always
        command:
            #- "--log.level=DEBUG"
            - "--providers.docker=true"
            - "--ping=true"
            - "--ping.entryPoint=ping"
            - "--providers.docker.exposedbydefault=false"
            - "--providers.docker.network=traefik_proxy"
            - "--entryPoints.ping.address=:8081"
            - "--entrypoints.http.address=:80"
            - "--entrypoints.https.address=:443"
            - "--entrypoints.https.http.tls.certresolver=letsencrypt"
            - "--entrypoints.https.http.tls.domains[0].main=${DOMAINNAME}"
            - "--entrypoints.https.http.tls.domains[0].sans=*.${DOMAINNAME}"
            - "--entrypoints.http.http.redirections.entryPoint.to=https"
            - "--entrypoints.http.http.redirections.entryPoint.scheme=https"
            - "--certificatesresolvers.letsencrypt.acme.dnsChallenge.delayBeforeCheck=15"
            - "--certificatesresolvers.letsencrypt.acme.dnschallenge.provider=cloudflare"
            - "--certificatesresolvers.letsencrypt.acme.email=info@${DOMAINNAME}"
            - "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json"
            - "--certificatesResolvers.letsencrypt.acme.dnsChallenge.resolvers=1.1.1.1:53,1.0.0.1:53"
        environment:
            - CF_DNS_API_TOKEN=${CLOUDFLARE_TOKEN}
        healthcheck:
            test: ["CMD", "wget", "-c", "http://localhost:8081/ping"]
            timeout: 3s
            retries: 3
        networks:
            - default
            - traefik_proxy
        ports:
            - "80:80"
            - "443:443"
        volumes:
            - "letsencrypt:/letsencrypt"
            - /var/run/docker.sock:/var/run/docker.sock:ro

    watchtower:
        image: containrrr/watchtower
        container_name: watchtower
        restart: always
        networks:
            - traefik_proxy
        command: --schedule "0 5 * * *" --cleanup --label-enable

        volumes:
            - /var/run/docker.sock:/var/run/docker.sock:ro
        labels:
            - "com.centurylinklabs.watchtower.enable=true"

    nocodb:
        container_name: nocodb
        image: nocodb/nocodb:latest
        restart: always
        volumes:
          - nocodb-data:/usr/app/data
        networks:
          - traefik_proxy
        environment:
          - NC_DB=pg://nocodb-db:5432?u=${DATABASE_USER}&p=${DATABASE_PW}&d=${DATABASE_NAME}
          - NC_PUBLIC_URL=https://nocodb.${DOMAINNAME}
          - NC_DISABLE_TELE=true
        labels:
            - "traefik.enable=true"
            - "traefik.http.services.nocodb.loadbalancer.server.port=8080"
            - "traefik.http.routers.nocodb.rule=Host(`nocodb.${DOMAINNAME}`)"
            - "traefik.http.routers.nocodb.entrypoints=https"
            - "com.centurylinklabs.watchtower.enable=true"
        depends_on:
          - nocodb-db

    nocodb-db:
        image: postgres:12.1-alpine
        container_name: nocodb-db
        restart: always
        networks:
            - traefik_proxy
        environment:
           POSTGRES_USER: ${DATABASE_USER}
           POSTGRES_PASSWORD: ${DATABASE_PW}
           POSTGRES_DB: ${DATABASE_NAME}
        volumes:
          - nocodb-db:/var/lib/postgresql/data
        healthcheck:
          test: pg_isready -U ${DATABASE_USER} -d ${DATABASE_NAME}
          interval: 10s
          timeout: 2s
          retries: 10