networks:
  gitea:
    external: false
    enable_ipv6: true

volumes:
  server:
    driver: local

services:
  server:
    image: codeberg.org/forgejo/forgejo:9.0.2
    restart: always
    container_name: forgejo
    env_file:
      - .env
    environment:
      - USER_UID=1000
      - USER_GID=1000
      - FORGEJO__database__DB_TYPE=postgres
      - FORGEJO__cache__ENABLED=true
      - FORGEJO__cache__ADAPTER=redis
      - FORGEJO__cache__HOST=redis://cache:6379/0?pool_size=100&idle_timeout=180s
      - FORGEJO__indexer__REPO_INDEXER_ENABLED=false
      - FORGEJO__webhook__ALLOWED_HOST_LIST="cicd.gnous.eu,build.net.enpls.org,deploy.net.enpls.org"
      - FORGEJO__service__REGISTER_EMAIL_CONFIRM=true
      - FORGEJO__service__DISABLE_REGISTRATION=false
      - FORGEJO__service__ENABLE_CAPTCHA=true
      - FORGEJO__security__PASSWORD_HASH_ALGO=argon2
      - FORGEJO__session__PROVIDER=db
      - FORGEJO__security__LOGIN_REMEMBER_DAYS=365
      - FORGEJO__log__LEVEL=info
      - FORGEJO__log__MODE=console
      - FORGEJO__ui__DEFAULT_THEME=gitea-auto
      - FORGEJO__ui.meta__AUTHOR="GnousGit"
      - FORGEJO__ui.meta__KEYWORDS="gitea,forge,forgejo,free,software,open,source,code,foss,oss,gnous,gnouseu"
      - FORGEJO__cron.delete_inactive_accounts__ENABLED=true
      - FORGEJO__cron.delete_inactive_accounts__SCHEDULE="@every 48h"
      - FORGEJO__cron.delete_inactive_accounts__OLDER_THAN="48h"
      - FORGEJO__markup.asciidoc__ENABLED=true
      - FORGEJO__markup.asciidoc__FILE_EXTENSIONS=.adoc,.asciidoc
      - FORGEJO__markup.asciidoc__RENDER_COMMAND="timeout 30s sudo -u nobody asciidoctor -s --safe-mode secure -a data-uri -a showtitle --out-file=- -"
      - FORGEJO__markup.asciidoc__IS_INPUT_FILE=false
      - FORGEJO__markup.pandoc_rst__ENABLED=true
      - FORGEJO__markup.pandoc_rst__FILE_EXTENSIONS=.rst
      - FORGEJO__markup.pandoc_rst__RENDER_COMMAND="timeout 30s sudo -u nobody pandoc +RTS -M512M -RTS -f rst"
      - FORGEJO__markup.pandoc_rst__IS_INPUT_FILE=false
      - FORGEJO__mailer__SMTP_ADDR=mx.gnous.eu
      - FORGEJO__mailer__SMTP_PORT=587
    #      - FORGEJO__mailer__FROM=${SMTP_USER}
    #      - FORGEJO__mailer__USER=${SMTP_USER}
    #      - FORGEJO__mailer__PASSWD=${SMTP_PASS}
    #      - FORGEJO__database__HOST=${MEP_DB_HOST}
    #      - FORGEJO__database__NAME=${FORGEJO_DB_NAME}
    #      - FORGEJO__database__USER=${FORGEJO_DB_USER}
    #      - FORGEJO__database__PASSWD=${FORGEJO_DB_PASS}
    networks:
      - gitea
    volumes:
      - server:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "3001:3000"
      - "3002:22"
    labels:
      - "traefik.enable=true"
      # web server
      - "traefik.http.services.forgejo-service-gnous.loadbalancer.server.port=3001"
      - "traefik.http.routers.forgejognous.rule=Host(`git.gnous.eu`)"
      - "traefik.http.routers.forgejognous.tls=true"
      - "traefik.http.routers.forgejognous.tls.certresolver=defaultacme"
      - "traefik.http.routers.forgejognous.entrypoints=websecure"
      - "traefik.http.routers.forgejognous.service=forgejo-service-gnous"
      - "traefik.http.routers.forgejognous.middlewares=proxyHeader@file,proxyError@file"
      #  ssh service
      - "traefik.tcp.routers.forgejo-ssh-gnous.entrypoints=ssh"
      - "traefik.tcp.routers.forgejo-ssh-gnous.rule=HostSNI(`*`)"
      - "traefik.tcp.routers.forgejo-ssh-gnous.service=forgejo-ssh-gnous"
      - "traefik.tcp.services.forgejo-ssh-gnous.loadbalancer.server.port=3002"
    depends_on:
      - cache
  cache:
    image: "redis:7-alpine"
    restart: always
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
    networks:
      - gitea
    tmpfs:
      - "/var/lib/redis"