version: '3.9'

services:
    nginx:
        image: nginx
        restart: unless-stopped
        command: nginx -c /config/nginx.conf
        volumes:
            - /home/nick/configs/routing/nginx:/config
            - /mnt/storage:/static:ro
        ports:
            - 80:80
            - 443:443
        extra_hosts:
            - host.docker.internal:host-gateway

    certbot:
        image: certbot/dns-cloudflare
        restart: unless-stopped
        entrypoint: "/bin/sh -c \"trap exit TERM; while :; do certbot renew --post-hook 'chown -R 1000:1000 /etc/letsencrypt'; sleep 12h & wait $${!}; done;\""
        volumes:
            - /home/nick/configs/routing/nginx/certs/letsencrypt:/etc/letsencrypt

    cloudflare-argo-tunnel:
        image: cloudflare/cloudflared
        restart: unless-stopped
        volumes:
            - /home/nick/configs/routing/cloudflared:/etc/cloudflared
        command: tunnel run --url https://nginx:443 --no-tls-verify jupiter
        user: 1000:1000

    cloudflare-ddns:
        image: oznu/cloudflare-ddns
        restart: unless-stopped
        environment:
            API_KEY: ${CF_API_KEY}
            ZONE: ${DOMAIN}
            SUBDOMAIN: ddns
            PROXIED: false
        network_mode: bridge

    whoami:
        image: containous/whoami
        restart: unless-stopped

networks:
    default:
        name: routing