# {{ ansible_managed }}

networks:
  forgejo:
    external: false

services:
  server:
    image: '{{ image_tag }}'
    container_name: forgejo
    environment:
      - USER_UID=1000
      - USER_GID=1000
      - FORGEJO__server__DOMAIN={{ domain }}
      - FORGEJO__server__ROOT_URL=https://{{ domain }}/
      - FORGEJO__server__SSH_DOMAIN={{ domain }}
      - FORGEJO__database__DB_TYPE=postgres
      - FORGEJO__database__HOST=db:5432
      - FORGEJO__database__NAME={{ postgres_name }}
      - FORGEJO__database__USER={{ postgres_user }}
      - FORGEJO__database__PASSWD={{ postgres_password }}
    restart: always
    networks:
      - forgejo
    volumes:
      - {{ data_dir }}:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - '3000:3000'
      - '22:22'
    depends_on:
      - db

  db:
    image: postgres:14
    restart: always
    environment:
      - POSTGRES_USER={{ postgres_user }}
      - POSTGRES_PASSWORD={{ postgres_password }}
      - POSTGRES_DB={{ postgres_name }}
    networks:
      - forgejo
    volumes:
      - {{ postgres_dir }}:/var/lib/postgresql/data

  docker-in-docker:
    image: docker:dind
    privileged: true
    container_name: 'docker_dind'
    command: ['dockerd', '--host', 'tcp://0.0.0.0:2375', '--tls=false']
    restart: 'unless-stopped'

  # see https://forgejo.org/docs/latest/admin/runner-installation/#oci-image-installation
  runner:
    image: 'code.forgejo.org/forgejo/runner:3.4.1'
    user: 1001:1001 # User without root privileges, but with access to {{ runner_dir }}
    command: '/bin/sh -c "sleep 5; forgejo-runner daemon"'
    environment:
      DOCKER_HOST: tcp://docker-in-docker:2375
    links:
      - docker-in-docker
    depends_on:
      docker-in-docker:
        condition: service_started

    volumes:
      - {{ runner_dir }}:/data
    restart: 'unless-stopped'