version: '3'

# Port
# 6379 = redis
# 5432 = postgres
# 80   = mercure 
# 9000 = minio nginx
# 1025 = fake smtp
# 1080 = fake webmail
# 389  = fake ldap
# 636  = fake ldaps
# 6080 = tool phpldapadmin
# 6081 = tool adminer


services:
  # Service redis
  redis-master:
    image: redis:6-alpine
    container_name: nineskeletor-redismaster
    volumes:
      - "./.data:/data:rw"
    ports:
      - "6379:6379"

  redis-slave:
    image: redis:6-alpine
    container_name: nineskeletor-redisslave
    command: redis-server --slaveof redis-master 6379
    links:
      - redis-master
    volumes:
      - "./.data:/data:rw"

  redis-sentinel:
    container_name: nineskeletor-redissentinel
    build:
      context: ./misc/images/redis-sentinel
    links:
      - redis-master

  # Service postgres pour le stockage de la bdd applicative
  postgres:
    image: postgres:13-alpine
    container_name: nineskeletor-postgres
    hostname: nineskeletor-postgres
    environment:
      POSTGRES_MULTIPLE_DATABASES: app,hydra
      POSTGRES_PASSWORD: changeme
      POSTGRES_USER: symfony
    ports:
      - 5432:5432    
    volumes:
      - db-data:/var/lib/postgres/data:rw
      - ./misc/images/postgres:/docker-entrypoint-initdb.d

  # Service app
  app:
    build:
        context: .
        dockerfile: ./misc/images/app/app-docker/Dockerfile
    container_name: nineskeletor-app
    ports:
        - ${APP_HTTP_PORT:-8080}:8080
    links:
      - postgres   
      - hydra   
      - redis-sentinel
    depends_on:
      - postgres
      - hydra
    volumes:
        - ./src:/app/src:delegated
        - ./public:/app/public:delegated
        - ./templates:/app/templates:delegated
        - ./translations:/app/translations:delegated
        - ./tests:/app/tests:delegated
        - ./config:/app/config:delegated
        - ./.env:/app/.env:delegated
    environment:
        PHP_FPM_MEMORY_LIMIT: 128m
        APP_ENV: dev
        
  # Service websocket
  mercure:
    image: dunglas/mercure
    container_name: nineskeletor-mercure
    restart: unless-stopped
    ports:
      - "8081:80"    
    environment:
      SERVER_NAME: ':80'
      MERCURE_PUBLISHER_JWT_KEY: '!changeme!changeme!changeme!changeme!changeme!changeme!'
      MERCURE_SUBSCRIBER_JWT_KEY: '!changeme!changeme!changeme!changeme!changeme!changeme!'
      MERCURE_EXTRA_DIRECTIVES: |
        cors_origins "http://localhost:8080"
        anonymous
    # Comment the following line to disable the development mode
    #command: /usr/bin/caddy run -config /etc/caddy/Caddyfile.dev
    volumes:
      - mercure_data:/data
      - mercure_config:/config

  # Service de stockage Minio
  minio1:
    image: minio/minio:RELEASE.2021-01-16T02-19-44Z
    container_name: nineskeletor-minio1
    volumes:
      - data1-1:/data1
      - data1-2:/data2
    expose:
      - "9000"
    environment:
      MINIO_ROOT_USER: minio
      MINIO_ROOT_PASSWORD: changeme
    command: server http://minio{1...4}/data{1...2}
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
      interval: 30s
      timeout: 20s
      retries: 3

  # Service de stockage Minio
  minio2:
    image: minio/minio:RELEASE.2021-01-16T02-19-44Z
    container_name: nineskeletor-minio2
    volumes:
      - data2-1:/data1
      - data2-2:/data2
    expose:
      - "9000"
    environment:
      MINIO_ROOT_USER: minio
      MINIO_ROOT_PASSWORD: changeme
    command: server http://minio{1...4}/data{1...2}
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
      interval: 30s
      timeout: 20s
      retries: 3

  # Service de stockage Minio
  minio3:
    image: minio/minio:RELEASE.2021-01-16T02-19-44Z
    container_name: nineskeletor-minio3
    volumes:
      - data3-1:/data1
      - data3-2:/data2
    expose:
      - "9000"
    environment:
      MINIO_ROOT_USER: minio
      MINIO_ROOT_PASSWORD: changeme
    command: server http://minio{1...4}/data{1...2}
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
      interval: 30s
      timeout: 20s
      retries: 3

  # Service de stockage Minio
  minio4:
    image: minio/minio:RELEASE.2021-01-16T02-19-44Z
    container_name: nineskeletor-minio4
    volumes:
      - data4-1:/data1
      - data4-2:/data2
    expose:
      - "9000"
    environment:
      MINIO_ROOT_USER: minio
      MINIO_ROOT_PASSWORD: changeme
    command: server http://minio{1...4}/data{1...2}
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
      interval: 30s
      timeout: 20s
      retries: 3

  # Service nginx orchestrateur des minio
  nginx:
    image: nginx:1.19.2-alpine
    container_name: nineskeletor-nginx
    volumes:
      - ./misc/images/minio/nginx.conf:/etc/nginx/nginx.conf:ro
    ports:
      - "9000:9000"
    depends_on:
      - minio1
      - minio2
      - minio3
      - minio4
  
  # Service hydra
  hydra:
    image: cadoles/hydra-v1
    container_name: nineskeletor-hydra
    volumes:
      - ./misc/images/hydra/clients.d:/etc/hydra/clients.d
    ports:
      - 7080:4444
      - 4445:4445
    links:
      - postgres      
    depends_on:
      - postgres
    restart: on-failure
    environment:
      LOG_LEAK_SENSITIVE_VALUES: "true"
      HYDRA_URLS_SELF_ISSUER: http://localhost:7080
      HYDRA_URLS_CONSENT: http://localhost:7081/consent
      HYDRA_URLS_LOGIN: http://localhost:7081/login
      HYDRA_URLS_LOGOUT: http://localhost:7081/logout
      HYDRA_DSN: postgres://symfony:changeme@postgres:5432/hydra
      #HYDRA_WAIT4X_DATABASE_TYPE: postgres
      #HYDRA_WAIT4X_DATABASE_DSN: postgres://symfony:changeme@postgres:5432/hydra
      HYDRA_ALLOW_INSECURE: "yes"
      HYDRA_LEVEL: debug

  hydra-dispatcher:
    build:
      context: ./misc/images/hydra-dispatcher
    container_name: nineskeletor-hydra-dispatcher
    links:
      - hydra
    ports:
      - 7081:80
    restart: on-failure
    environment:
      - APP_ENV=dev
      - APP_DEBUG=yes
      - HYDRA_BASE_URL=http://hydra:4444
      - HYDRA_ADMIN_BASE_URL=http://hydra:4445
      # url dispatcher
      - BASE_URL=http://localhost:7081
      - COOKIE_PATH=/
      - DEFAULT_LOCALE=fr
      - APP_LOCALES=fr,en
    volumes:
      - ./misc/images/hydra-dispatcher/hydra:/var/www/config/hydra:ro
      - ./misc/images/hydra-dispatcher/templates:/var/www/templates
      - ./misc/images/hydra-dispatcher/theme.css:/var/www/public/build/theme/theme.css

  # Service fake smtp = optionnel
  mailer:
    image: schickling/mailcatcher
    container_name: nineskeletor-mailer
    ports:
      - 1025:1025
      - 1080:1080

  # Service fake openldap = optionnel si nineskeletor a une synchronisation avec un annuaire
  openldap:
    image: osixia/openldap:1.5.0
    container_name: nineskeletor-openldap
    environment:
      LDAP_LOG_LEVEL: "256"
      LDAP_ORGANISATION: "nine"
      LDAP_DOMAIN: "nine.fr"
      LDAP_ADMIN_PASSWORD: "changeme"
      LDAP_CONFIG_PASSWORD: "changeme"
      LDAP_READONLY_USER: "true"
      LDAP_READONLY_USER_USERNAME: "readonly"
      LDAP_READONLY_USER_PASSWORD: "readonly"
      LDAP_TLS: "false"
    volumes:
      - /var/lib/ldap
      - /etc/ldap/slapd.d
      - /container/service/slapd/assets/certs/
    ports:
      - "389:389"
      - "636:636"

  # Service tool phpldapadmin = optionnel dans le cas de la présence d'un fake openldap
  phpldapadmin:
    image: osixia/phpldapadmin:latest
    container_name: nineskeletor-phpldapadmin
    environment:
      PHPLDAPADMIN_LDAP_HOSTS: "openldap"
      PHPLDAPADMIN_HTTPS: "false"
    ports:
      - "6080:80"
    depends_on:
      - openldap
  
  # Service tool adminer = optionnel
  adminer:
    image: adminer
    container_name: nineskeletor-adminer
    restart: always
    ports:
      - 6081:8080 

volumes:
  db-data:
  mercure_data:
  mercure_config:
  data1-1:
  data1-2:
  data2-1:
  data2-2:
  data3-1:
  data3-2:
  data4-1:
  data4-2: