services:
  nginx-proxy:
    image: docker.io/nginx:alpine
    container_name: nginx-proxy
    restart: always
    ports:
      - 8080:80
      - 8443:443
    volumes:
      - ./nginx/conf.d:/etc/nginx/conf.d:ro
      # Папки для SSL сертификатов
      - ./ssl/conf:/etc/letsencrypt:ro
      - ./ssl/www:/var/www/certbot:ro
    # Подхватываем новые ssl сертификаты
    command: /bin/sh -c "while :; do sleep 24h & wait $${!}; nginx -s reload; done & nginx -g 'daemon off;'"
    deploy:
      resources:
        limits:
          cpus: '0.25'
          memory: 128M
        reservations:
          memory: 64M
    networks:
      - proxy_network
      - gitea_network
      - cloud_network
      - matrix_network

  certbot:
    image: docker.io/certbot/certbot
    container_name: certbot
    restart: always
    volumes:
      - ./ssl/conf:/etc/letsencrypt
      - ./ssl/www:/var/www/certbot
    # Проверяет сертификаты дважды в сутки. Если осталось менее 30 дней - обновляем
    entrypoint: "/bin/sh -c 'trap exit TERM; while :; sleep 30s & wait $${!}; do certbot renew; sleep 12h & wait $${!}; done;'"
    deploy:
      resources:
        limits:
          cpus: '0.25'
          memory: 128M
        reservations:
          memory: 64M
    networks:
      - proxy_network

  ddns:
    build: ./ddns
    container_name: ddns
    restart: always
    command: ["${REGRU_LOGIN:?}", "${REGRU_PASSWORD:?}"]
    volumes:
      - ./ddns/domains.txt:/app/domains.txt
    environment:
      - TZ=Europe/Samara
    deploy:
      resources:
        limits:
          cpus: '0.25'
          memory: 128M
        reservations:
          memory: 64M
    networks:
      - proxy_network

networks:
  proxy_network:
    name: proxy_network
    driver: bridge
  gitea_network:
    external: true
    name: gitea_network
  cloud_network:
    external: true
    name: cloud_network
  matrix_network:
    external: true
    name: matrix_network