version: "3.4"
services:
  element:
    image: vectorim/element-web:v1.7.21-rc.1
    networks: 
      - clientnet
    volumes:
      - ./element/config.json:/app/config.json
    depends_on:
      - haproxy
  postgres:
    image: postgres
    build:
      context: ./postgres/
    networks:
      - dbnet
    volumes:
      - db-data:/var/lib/postgresql/13/
    ports:
      - "5432:5432"
    environment:
      # - POSTGRES_PASSWORD_FILE=/run/secrets/pg_pass_secret
      # - POSTGRES_USER_FILE=/run/secrets/pg_user_secret
      # - POSTGRES_INITDB_ARGS_FILE=/run/secrets/pg_initdb_args_secret
      # - POSTGRES_DB_FILE=/run/secrets/pg_db_secret
      - POSTGRES_PASSWORD=El3ph@nt#13
      - POSTGRES_USER=postgres
      - POSTGRES_INITDB_ARGS=--encoding='UTF-8' --lc-collate='C' --lc-ctype='C'
      - POSTGRES_DB=synapse
    secrets:
      - pg_pass_secret
      - pg_user_secret
      - pg_initdb_args_secret
      - pg_db_secret
  synapse:
    image: synapse
    build:
      context: ./synapse/
    networks:
      - matrixnet
      - dbnet
    volumes:
      - synapse-data:/data/
    # entrypoint: ["tail", "-f", "/dev/null"]
    # command: ["generate"]
    depends_on:
      - postgres
      - haproxy
    ports:
      - "8008:8008"
      # - "8484:8484/tcp"
      # - "443:443"
    environment:
      - SYNAPSE_SERVER_NAME=terminaldweller.com
      - SYNAPSE_REPORT_STATS=yes
      - SYNAPSE_DATA_DIR=/data/
      - SYNAPSE_CONFIG_DIR=/data/
      - SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
      # - SYNAPSE_CONFIG_DIR=/data/
      # - SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
      # - TZ=Tehran/Asia
    healthcheck:
      test: ["CMD", "curl", "-fSs", "http://localhost:8008/health"]
      interval: 1m
      timeout: 10s
      retries: 3
  haproxy:
    image: haproxy
    build:
      context: ./haproxy/
    ports:
      - "80:80"
      - "443:443"
      - "9999:9999"
      - "8448:8448/tcp"
    networks:
      - matrixnet
      - turnnet
      - certnet
      - clientnet
    volumes:
      - ./haproxy/haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg:ro
      # - cert-data:/usr/local/etc/haproxy/certificates:ro
      # - cert-data:/etc/certificates:ro
      - certificates:/etc/certificates
      - ./haproxy/error.html:/srv/error.html
    # restart: on-failure
    healthcheck:
      test: ["CMD", "curl", "-fSs", "http://localhost:80/health"]
      interval: 1m
      timeout: 10s
      retries: 3
  certbot:
    image: certbot
    build:
      context: ./certbot
    ports:
      - "9080:80"
      - "9443:443"
    networks:
      - certnet
    volumes:
      # - cert-data:/etc/certificates
      - certificates:/etc/certificates
      - certbot-data:/etc/letsencrypt
    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do . /etc/scripts/renew-certificates.sh ; sleep 12h & wait $${!}; done;'"
    restart: always
    command: ["certonly"]
    depends_on:
      - haproxy
  # coturn:
  #   image: coturn/coturn:latest
  #   networks:
  #     - turnnet
  #   volumes:
  #     - ./coturn/turnserver.conf:/etc/turnserver.conf:ro
  #   ports:
  #     - "3478:3478"
  #     - "5349:5349"
  #   depends_on:
  #     - synapse
  #     - haproxy
  debugger:
    image: alpine:3.13
    volumes:
      - synapse-data:/data/
    entrypoint: ["tail", "-f", "/dev/null"]
networks:
  matrixnet:
  certnet:
  dbnet:
  turnnet:
  clientnet:
volumes:
  db-data:
  synapse-data:
  # cert-data:
  certificates:
  certbot-data:
secrets:
  pg_pass_secret:
    file: ./postgres/pg_pass_secret
  pg_user_secret:
    file: ./postgres/pg_user_secret
  pg_initdb_args_secret:
    file: ./postgres/pg_initdb_args_secret
  pg_db_secret:
    file: ./postgres/pg_db_secret