infrastructure/docker/web/docker-compose.yaml

version: "3"

services:
  # Webserver for static files and reverse proxy
  web:
    image: pbrinkmeier/web
    build: .
    ports:
      - 80:80
      - 443:443
    volumes:
      - caddy_data:/data
      - caddy_config:/config
      - /home/paul/Sites:/srv:ro
    restart: always

  codi:
    image: hackmdio/hackmd:2.4.2
    # CMD_DB_{URL,CMD_SESSION_SECRET}
    env_file: codi.env
    environment:
      - CMD_USECDN=false
      - CMD_DOMAIN=codi.pbrinkmeier.de
      - CMD_PROTOCOL_USESSL=true
      - CMD_EMAIL=true
      - CMD_ALLOW_EMAIL_REGISTER=false
      - CMD_ALLOW_ANONYMOUS_EDITS=true
      - CMD_PLANTUML_SERVER=https://plantuml.pbrinkmeier.de
    depends_on:
      - codi_db
      - codi_plantuml
    volumes:
      - codi_uploads:/home/hackmd/app/public/uploads
    restart: always
    
  codi_db:
    image: postgres:11.6-alpine
    # POSTGRES_{USER,PASSWORD,DB}
    # Must match CMD_DB_URL in codi.env
    env_file: codi_db.env
    volumes:
      - codi_database:/var/lib/postgresql/data
    restart: always
  
  codi_plantuml:
    image: plantuml/plantuml-server:jetty-v1.2022.7
    restart: always

  gitlab:
    image: gitlab/gitlab-ce:15.3.2-ce.0
    ports:
      - "22:22"
    volumes:
      - gitlab_data:/var/opt/gitlab
      - gitlab_logs:/var/log/gitlab
      - gitlab_config:/etc/gitlab
    restart: always
    # GITLAB_SMTP_PASSWORD
    env_file: gitlab.env
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'https://git.pbrinkmeier.de'

        gitlab_rails['smtp_enable'] = true
        gitlab_rails['smtp_address'] = "smtp.mailbox.org"
        gitlab_rails['smtp_port'] = 465
        gitlab_rails['smtp_user_name'] = "hallo@pbrinkmeier.de"
        gitlab_rails['smtp_password'] = ENV['GITLAB_SMTP_PASSWORD']
        gitlab_rails['smtp_domain'] = "smtp.mailbox.org"
        gitlab_rails['smtp_authentication'] = "login"
        gitlab_rails['smtp_enable_starttls_auto'] = true
        gitlab_rails['smtp_tls'] = true
        gitlab_rails['smtp_openssl_verify_mode'] = 'none'
        gitlab_rails['gitlab_email_from'] = 'git@pbrinkmeier.de'
        gitlab_rails['gitlab_email_reply_to'] = 'noreply@pbrinkmeier.de'

        gitlab_rails['gitlab_shell_ssh_port'] = 22

        # https://docs.gitlab.com/omnibus/settings/rpi.html
        puma['worker_processes'] = 2
        sidekiq['concurrency'] = 9
        prometheus_monitoring['enable'] = false

        nginx['listen_port'] = 80
        nginx['listen_https'] = false

  jupyter:
    image: ihaskell-docker:1.0
    # ports:
    #   - "8888:8888"
    user: "42000" # Jupyter user UID (jupyter does not exist in container (TODO...))
    environment:
      HOME: /Notebooks
    volumes:
      - /home/jupyter/Notebooks:/Notebooks
    restart: always
  
  drone:
    image: drone/drone:2
    # DRONE_{GITLAB_CLIENT_ID,GITLAB_CLIENT_SECRET,RPC_SECRET}
    env_file: drone.env
    environment:
      DRONE_GITLAB_SERVER: https://git.pbrinkmeier.de
      DRONE_SERVER_HOST: ci.pbrinkmeier.de
      DRONE_SERVER_PROTO: http
    volumes:
      - /var/lib/pbri/docker/drone_server:/data
    restart: always

volumes:
  caddy_data:
  caddy_config:
  codi_uploads:
    external: yes
  codi_database:
    external: yes
  gitlab_data:
    external: yes
  gitlab_logs:
    external: yes
  gitlab_config:
    external: yes