version: '3.9'

services:
    nginx:
        image: nginx
        restart: unless-stopped
        command: nginx -c /config/nginx.conf
        volumes:
            - /home/nick/configs/routing/nginx:/config
            - /mnt/storage:/static:ro
        ports:
            - 80:80
            - 443:443
        extra_hosts:
            - "host.docker.internal:host-gateway"

    certbot:
        image: certbot/dns-cloudflare
        restart: unless-stopped
        entrypoint: "/bin/sh -c \"trap exit TERM; while :; do certbot renew --post-hook 'chown -R 1000:1000 /etc/letsencrypt'; sleep 12h & wait $${!}; done;\""
        volumes:
            - /home/nick/configs/routing/nginx/certs/letsencrypt:/etc/letsencrypt

    cloudflare-argo-tunnel:
        image: cloudflare/cloudflared
        restart: unless-stopped
        volumes:
            - '/home/nick/configs/routing/cloudflared:/etc/cloudflared'
        command: tunnel run --url https://nginx:443 --no-tls-verify jupiter
        user: '1000:1000'

    cloudflare-ddns:
        image: oznu/cloudflare-ddns
        restart: unless-stopped
        environment:
            - API_KEY=${CF_API_KEY}
            - ZONE=${DOMAIN}
            - SUBDOMAIN=ddns
            - PROXIED=false
        network_mode: bridge

    whoami:
        image: containous/whoami
        restart: unless-stopped

networks:
    default:
        name: routing