version: '3.7'
services:
  # Nginx reverse proxy container
  # Reference:
  # https://github.com/jwilder/nginx-proxy
  nginx-proxy:
    image: jwilder/nginx-proxy
    container_name: nginx-proxy
    restart: always
    environment:
      - DEFAULT_HOST=mthmmy.tk
    labels:
        com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy: "true"
    logging:
      options:
        max-size: '4m'
        max-file: '10'
    networks:
      - jenkins-net
      - apella-net
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - /var/run/docker.sock:/tmp/docker.sock:ro
      - ./volumes/nginx/conf:/etc/nginx/conf.d
      - ./volumes/nginx/vhost:/etc/nginx/vhost.d
      - ./volumes/nginx/html:/usr/share/nginx/html
      - ./volumes/nginx/dhparam:/etc/nginx/dhparam
      - ./volumes/nginx/certs:/etc/nginx/certs:ro

  # Letsencrypt automated creation, renewal and use of Let's Encrypt certificates
  # Reference:
  # https://github.com/JrCs/docker-letsencrypt-nginx-proxy-companion
  letsencrypt:
    image: jrcs/letsencrypt-nginx-proxy-companion
    container_name: nginx-proxy-le
    restart: always
    depends_on:
      - nginx-proxy
    logging:
      options:
        max-size: '4m'
        max-file: '10'
    networks:
      - jenkins-net
      - apella-net
    volumes:
      - ./volumes/nginx/conf:/etc/nginx/conf.d
      - ./volumes/nginx/vhost:/etc/nginx/vhost.d
      - ./volumes/nginx/html:/usr/share/nginx/html
      - ./volumes/nginx/dhparam:/etc/nginx/dhparam
      - ./volumes/nginx/certs:/etc/nginx/certs:rw
      - /var/run/docker.sock:/var/run/docker.sock:ro

  # Jenkins automation server, image bundled with Blue Ocean
  # Reference:
  # https://jenkins.io/doc/book/blueocean/
  jenkins:
    build:
      dockerfile: ./Dockerfile
      context: ./jenkins
    container_name: jenkins
    restart: always
    user: root
    env_file:
     - ./env/jenkins.env
    secrets:
      - jenkins_admin_username
      - jenkins_admin_password
      - jenkins_dockerhub_username
      - jenkins_dockerhub_password
    networks:
      - jenkins-net
    volumes:
      - ./volumes/jenkins/log:/var/log/jenkins
      - jenkins-data:/var/jenkins_home
      - ./jenkins/downloads:/var/jenkins_home/downloads
      - /var/run/docker.sock:/var/run/docker.sock

# Networks in use
# TODO: maybe add/split to separate networks
networks:
  jenkins-net:
    driver: bridge
  apella-net:
    driver: bridge
# Secrets in use
secrets:
  jenkins_admin_username:
    file: ./jenkins/secrets/adminUsername
  jenkins_admin_password:
    file: ./jenkins/secrets/adminPassword
  jenkins_dockerhub_username:
    file: ./jenkins/secrets/dockerhubUsername
  jenkins_dockerhub_password:
    file: ./jenkins/secrets/dockerhubPassword
volumes:
  jenkins-data: