services:

  # ============================================================
  # Бэкапы
  # ============================================================
  backup:
    image: ghcr.io/gromov-io/docker-s3-backup:latest
    restart: unless-stopped
    depends_on:
      postgres:
        condition: service_healthy
      gitea:
        condition: service_started
    environment:
      - BACKUP_PROJECT_NAME=gitea-server
      - BACKUP_S3_BUCKET=${S3_BUCKET}
      - BACKUP_S3_ENDPOINT=${S3_ENDPOINT}
      - BACKUP_S3_ACCESS_KEY=${S3_ACCESS_KEY}
      - BACKUP_S3_SECRET_KEY=${S3_SECRET_KEY}
      - BACKUP_S3_FOLDER=gitea-backups
      # Останавливаем сервисы перед началом бекапа.
      - BACKUP_STOP_SERVICES=gitea postgres
    volumes:
      - .:/backup-source:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
    networks:
      - gitea_network
  
  # ============================================================
  # База данных
  # ============================================================
  postgres:
    image: postgres:16-alpine
    restart: unless-stopped
    environment:
      - POSTGRES_USER=${POSTGRES_USER}
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
      - POSTGRES_DB=${POSTGRES_DB}
    volumes:
      - ./docker-data/postgres:/var/lib/postgresql/data
    networks:
      - gitea_network
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER} -d ${POSTGRES_DB}"]
      interval: 10s
      timeout: 5s
      retries: 5

  # ============================================================
  # Git Сервер
  # ============================================================
  gitea:
    image: gitea/gitea:latest
    restart: unless-stopped
    depends_on:
      postgres:
        condition: service_healthy
    environment:
      - USER_UID=1000
      - USER_GID=1000
        # Название сайта (корневая секция - пустое имя секции = 4 подчеркивания)
      - GITEA____APP_NAME=${SITE_NAME:-GromLab}
        # Database Connection (PostgreSQL)
      - GITEA__database__DB_TYPE=postgres
      - GITEA__database__HOST=postgres:5432
      - GITEA__database__NAME=${POSTGRES_DB}
      - GITEA__database__USER=${POSTGRES_USER}
      - GITEA__database__PASSWD=${POSTGRES_PASSWORD}
      - GITEA__database__SCHEMA=public
      - GITEA__database__SSL_MODE=disable
        # Server Configuration
      - GITEA__server__APP_DATA_PATH=/data/gitea
      - GITEA__server__DOMAIN=${HOST}
      - GITEA__server__HTTP_PORT=80
      - GITEA__server__ROOT_URL=${INSTANCE}/
      - GITEA__server__LANDING_PAGE=explore
      - GITEA__server__SSH_PORT=${SSH_PORT}
      - GITEA__server__SSH_DOMAIN=${HOST}
      - GITEA__server__MINIMUM_KEY_SIZE_CHECK=false
      - GITEA__server__LFS_START_SERVER=true
      - GITEA__server__LFS_JWT_SECRET=${LFS_JWT_SECRET}
      - GITEA__server__LFS_HTTP_AUTH_EXPIRY=6h
      - GITEA__server__OFFLINE_MODE=false
      - GITEA__server__ENABLE_GZIP=true
        # Storage Type
      - GITEA__storage__STORAGE_TYPE=${STORAGE_TYPE}
        # UI Configuration
      - GITEA__ui__DEFAULT_THEME=gitea-auto
      - GITEA__ui__THEMES=gitea-auto,gitea-light,gitea-dark
        # Service Configuration
      - GITEA__service__DISABLE_REGISTRATION=false
      - GITEA__service__REGISTER_EMAIL_CONFIRM=true
      - GITEA__service__ENABLE_CAPTCHA=true
      - GITEA__service__DEFAULT_KEEP_EMAIL_PRIVATE=true
      - GITEA__service__ENABLE_NOTIFY_MAIL=true
        # OpenID Configuration
      - GITEA__openid__ENABLE_OPENID_SIGNIN=false
      - GITEA__openid__ENABLE_OPENID_SIGNUP=false
        # Mailer Configuration
      - GITEA__mailer__ENABLED=true
      - GITEA__mailer__FROM=${MAIL_USER}
      - GITEA__mailer__SMTP_ADDR=${MAIL_SMTP_ADDR}
      - GITEA__mailer__SMTP_PORT=${MAIL_SMTP_PORT}
      - GITEA__mailer__USER=${MAIL_USER}
      - GITEA__mailer__PASSWD=${MAIL_PASSWD}
      - GITEA__mailer__PROTOCOL=${MAIL_SMTP_PROTOCOL}
      - GITEA__mailer__FORCE_TRUST_SERVER_CERT=false
      - GITEA__mailer__HELO_HOSTNAME=${MAIL_HELO_HOSTNAME}
        # Packages & Container Configuration
      - GITEA__packages__ENABLED=true
      - GITEA__container__ENABLED=true
        # Custom Path
      - GITEA_CUSTOM=/data/gitea/custom
        # General Storage Configuration
      - GITEA__storage__SERVE_DIRECT=true
      - GITEA__storage__MINIO_ENDPOINT=${S3_ENDPOINT}
      - GITEA__storage__MINIO_ACCESS_KEY_ID=${S3_ACCESS_KEY}
      - GITEA__storage__MINIO_SECRET_ACCESS_KEY=${S3_SECRET_KEY}
      - GITEA__storage__MINIO_BUCKET=${S3_BUCKET}
      - GITEA__storage__MINIO_LOCATION=${S3_LOCATION}
      - GITEA__storage__MINIO_USE_SSL=${S3_USE_SSL}
        # Git LFS Configuration
      - GITEA__lfs__STORAGE_TYPE=${STORAGE_TYPE}
      - GITEA__lfs__SERVE_DIRECT=true
      - GITEA__lfs__MINIO_ENDPOINT=${S3_ENDPOINT}
      - GITEA__lfs__MINIO_ACCESS_KEY_ID=${S3_ACCESS_KEY}
      - GITEA__lfs__MINIO_SECRET_ACCESS_KEY=${S3_SECRET_KEY}
      - GITEA__lfs__MINIO_BUCKET=${S3_BUCKET}
      - GITEA__lfs__MINIO_LOCATION=${S3_LOCATION}
      - GITEA__lfs__MINIO_USE_SSL=${S3_USE_SSL}
      - GITEA__lfs__PATH=lfs/
        # Actions Configuration
      - GITEA__actions__ENABLED=true
      - GITEA__actions__STORAGE_TYPE=${STORAGE_TYPE}
      - GITEA__actions__MINIO_ENDPOINT=${S3_ENDPOINT}
      - GITEA__actions__MINIO_ACCESS_KEY_ID=${S3_ACCESS_KEY}
      - GITEA__actions__MINIO_SECRET_ACCESS_KEY=${S3_SECRET_KEY}
      - GITEA__actions__MINIO_BUCKET=${S3_BUCKET}
      - GITEA__actions__MINIO_LOCATION=${S3_LOCATION}
      - GITEA__actions__MINIO_USE_SSL=${S3_USE_SSL}
        # Packages Configuration
      - GITEA__packages__STORAGE_TYPE=${STORAGE_TYPE}
      - GITEA__packages__SERVE_DIRECT=true
      - GITEA__packages__MINIO_ENDPOINT=${S3_ENDPOINT}
      - GITEA__packages__MINIO_ACCESS_KEY_ID=${S3_ACCESS_KEY}
      - GITEA__packages__MINIO_SECRET_ACCESS_KEY=${S3_SECRET_KEY}
      - GITEA__packages__MINIO_BUCKET=${S3_BUCKET}
      - GITEA__packages__MINIO_LOCATION=${S3_LOCATION}
      - GITEA__packages__MINIO_USE_SSL=${S3_USE_SSL}
      - GITEA__packages__PATH=packages/
        # Avatar Configuration
      - GITEA__avatar__STORAGE_TYPE=${STORAGE_TYPE}
      - GITEA__avatar__SERVE_DIRECT=true
      - GITEA__avatar__MINIO_ENDPOINT=${S3_ENDPOINT}
      - GITEA__avatar__MINIO_ACCESS_KEY_ID=${S3_ACCESS_KEY}
      - GITEA__avatar__MINIO_SECRET_ACCESS_KEY=${S3_SECRET_KEY}
      - GITEA__avatar__MINIO_BUCKET=${S3_BUCKET}
      - GITEA__avatar__MINIO_LOCATION=${S3_LOCATION}
      - GITEA__avatar__MINIO_USE_SSL=${S3_USE_SSL}
      - GITEA__avatar__PATH=avatars/
        # Attachments Configuration
      - GITEA__attachment__STORAGE_TYPE=${STORAGE_TYPE}
      - GITEA__attachment__SERVE_DIRECT=true
      - GITEA__attachment__MINIO_ENDPOINT=${S3_ENDPOINT}
      - GITEA__attachment__MINIO_ACCESS_KEY_ID=${S3_ACCESS_KEY}
      - GITEA__attachment__MINIO_SECRET_ACCESS_KEY=${S3_SECRET_KEY}
      - GITEA__attachment__MINIO_BUCKET=${S3_BUCKET}
      - GITEA__attachment__MINIO_LOCATION=${S3_LOCATION}
      - GITEA__attachment__MINIO_USE_SSL=${S3_USE_SSL}
      - GITEA__attachment__PATH=attachments/
        # Repository Archive Configuration
      - GITEA__repo-archive__STORAGE_TYPE=${STORAGE_TYPE}
      - GITEA__repo-archive__SERVE_DIRECT=true
      - GITEA__repo-archive__MINIO_ENDPOINT=${S3_ENDPOINT}
      - GITEA__repo-archive__MINIO_ACCESS_KEY_ID=${S3_ACCESS_KEY}
      - GITEA__repo-archive__MINIO_SECRET_ACCESS_KEY=${S3_SECRET_KEY}
      - GITEA__repo-archive__MINIO_BUCKET=${S3_BUCKET}
      - GITEA__repo-archive__MINIO_LOCATION=${S3_LOCATION}
      - GITEA__repo-archive__MINIO_USE_SSL=${S3_USE_SSL}
      - GITEA__repo-archive__PATH=repo-archive/
        # Cache Configuration
      - GITEA__cache__ENABLED=true
    volumes:
      - ./docker-data/gitea:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    networks:
      - gitea_network
    ports:
      - ${DOCKER_SSH_PORT}:22
      - ${DOCKER_HTTP_PORT}:80

networks:
  gitea_network: