version: "3"

services:
  codi:
    image: hackmdio/hackmd:2.4.2
    user: hackmd
    environment:
      # Admin stuff
      CMD_DB_URL: "postgres://${CODI_DB_USER}:${CODI_DB_PASSWORD}@codi_db/${CODI_DB_DB}"
      CMD_SESSION_SECRET: "${CODI_SESSION_SECRET}"
      CMD_USECDN: "false"
      CMD_DOMAIN: pad.pbrinkmeier.de
      CMD_PROTOCOL_USESSL: "true"
      CMD_ALLOW_GRAVATAR: "false"
      # Don't allow unauthenticated users to create notes
      CMD_ALLOW_ANONYMOUS: "false"
      # Allow unauthenticated users to edit "Freely" notes
      CMD_ALLOW_ANONYMOUS_EDITS: "true"
      # Misc
      CMD_ALLOW_FREEURL: "true"
      CMD_REQUIRE_FREEURL_AUTHENTICATION: "true"
      CMD_PLANTUML_SERVER: https://plantuml.pbrinkmeier.de
      # Authentication: Use Gitea OAuth2
      CMD_EMAIL: "false"
      CMD_ALLOW_EMAIL_REGISTER: "false"
      CMD_OAUTH2_CLIENT_ID: "${CODI_OAUTH2_CLIENT_ID}"
      CMD_OAUTH2_CLIENT_SECRET: "${CODI_OAUTH2_CLIENT_SECRET}"
      CMD_OAUTH2_AUTHORIZATION_URL: https://git.pbrinkmeier.de/login/oauth/authorize
      CMD_OAUTH2_TOKEN_URL: https://git.pbrinkmeier.de/login/oauth/access_token
      CMD_OAUTH2_USER_PROFILE_URL: https://git.pbrinkmeier.de/api/v1/user
      CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR: login
      CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR: full_name
      CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR: email

    depends_on:
      - codi_db
      - codi_plantuml
    volumes:
      - /var/lib/pbri/docker/codi_uploads:/home/hackmd/app/public/uploads
    restart: always
    
  codi_db:
    image: postgres:11.6-alpine
    environment:
      POSTGRES_USER: "${CODI_DB_USER}"
      POSTGRES_PASSWORD: "${CODI_DB_PASSWORD}"
      POSTGRES_DB: "${CODI_DB_DB}"
    volumes:
      - /var/lib/pbri/docker/codi_database:/var/lib/postgresql/data
    restart: always

  codi_plantuml:
    image: plantuml/plantuml-server:jetty-v1.2022.7
    restart: always

networks:
  default:
    name: caddy-network
    external: true