version: "3.4"

services:
  monica:
    build: ./monica
    image: monica
    env_file: ./monica/.env
    environment:
      - APP_URL=https://personel.${DOMAIN}
      - DB_PASSWORD=${DB_PASSWORD}
      - DB_USERNAME=${DB_USER}
      - MAIL_FROM_ADDRESS=${MAIL_FROM}
      - MAIL_HOST=${MAIL_HOST}
      - MAIL_PORT=${MAIL_PORT}
      - MAIL_USERNAME=${MAIL_USER}
      - MAIL_PASSWORD=${MAIL_PASSWORD}
    volumes:
      - monica-data:/var/www/html/storage
      - monica-public:/var/www/html/public
    restart: always
    depends_on:
      - db

  nextcloud:
    build: ./nextcloud
    image: nextcloud
    restart: always
    volumes:
      - nextcloud:/var/www/html
    environment:
      - REDIS_HOST=redis
      - MYSQL_HOST=db
      - MYSQL_PASSWORD=${DB_PASSWORD}
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=${DB_USER}
      - NEXTCLOUD_ADMIN_PASSWORD=${NEXTCLOUD_ADMIN_PASSWORD}
      - NEXTCLOUD_ADMIN_USER=${NEXTCLOUD_ADMIN_USER}
      - MAIL_FROM=${MAIL_FROM}
      - MAIL_HOST=${MAIL_HOST}
      - MAIL_PORT=${MAIL_PORT}
      - MAIL_USER=${MAIL_USER}
      - MAIL_PASSWORD=${MAIL_PASSWORD}
      - NEXTCLOUD_TRUSTED_DOMAINS=tower.${DOMAIN}
    depends_on:
      - db
      - redis

  db:
    image: mariadb
    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
    environment:
      - MYSQL_ROOT_PASSWORD=${DB_PASSWORD}
      - MYSQL_USER=${DB_USER}
      - MYSQL_PASSWORD=${DB_PASSWORD}
    volumes:
      - db:/var/lib/mysql
      - ./db/init:/docker-entrypoint-initdb.d
    restart: always

  redis:
    image: redis:alpine
    restart: always

  nginx:
    image: nginx:alpine
    restart: always
    volumes:
      - certs:/etc/nginx/certs:ro
      - ./nginx.conf:/etc/nginx/nginx.conf
      - monica-public:/var/www/html/monica/public:ro
      - monica-data:/var/www/html/monica/storage:ro
      - nextcloud:/var/www/html/nextcloud:ro
    depends_on:
      - monica
      - nextcloud
    ports:
      - 80:80
      - 443:443
    depends_on:
      - omgwtfssl-monica
      - omgwtfssl-nextcloud

  omgwtfssl-monica:
    image: paulczar/omgwtfssl
    restart: "no"
    volumes:
      - certs:/certs
    environment:
      - SSL_SUBJECT=personel.${DOMAIN}
      - CA_SUBJECT=chris@${DOMAIN}
      - SSL_KEY=/certs/personel.${DOMAIN}.key
      - SSL_CSR=/certs/personel.${DOMAIN}.csr
      - SSL_CERT=/certs/personel.${DOMAIN}.crt

  omgwtfssl-nextcloud:
    image: paulczar/omgwtfssl
    restart: "no"
    volumes:
      - certs:/certs
    environment:
      - SSL_SUBJECT=tower.${DOMAIN}
      - CA_SUBJECT=chris@${DOMAIN}
      - SSL_KEY=/certs/tower.${DOMAIN}.key
      - SSL_CSR=/certs/tower.${DOMAIN}.csr
      - SSL_CERT=/certs/tower.${DOMAIN}.crt

volumes:
  db:
  monica-public:
  monica-data:
  nextcloud:
  certs: