version: '3.5'

networks:
  reverse-proxy:
    external:
      name: reverse-proxy

services:
  web:
    labels:
      - "traefik.docker.network=reverse-proxy"
      - "traefik.enable=true"
      ### <http> ###
      - "traefik.http.middlewares.nopaque-header.headers.customrequestheaders.X-Forwarded-Proto=http"
      - "traefik.http.routers.nopaque.entrypoints=web"
      - "traefik.http.routers.nopaque.middlewares=nopaque-header, redirect-to-https@file"
      - "traefik.http.routers.nopaque.rule=Host(`${NOPAQUE_DOMAIN}`)"
      ### </http> ###
      ### <https> ###
      - "traefik.http.middlewares.nopaque-secure-header.headers.customrequestheaders.X-Forwarded-Proto=https"
      - "traefik.http.routers.nopaque-secure.entrypoints=web-secure"
      - "traefik.http.routers.nopaque-secure.middlewares=hsts-header@file, nopaque-secure-header"
      - "traefik.http.routers.nopaque-secure.rule=Host(`${NOPAQUE_DOMAIN}`)"
      - "traefik.http.routers.nopaque-secure.tls.options=intermediate@file"
      ### </https> ###
      ### <basicauth help="https://docs.traefik.io/middlewares/basicauth/"> ###
      # - "traefik.http.middlewares.nopaque-basicauth.basicauth.users=<USERNAME>:<PASSWORD>"
      # - "traefik.http.routers.nopaque.middlewares=nopaque-basicauth, nopaque-header, redirect-to-https@file"
      # - "traefik.http.routers.nopaque-secure.middlewares=nopaque-basicauth, hsts-header@file, nopaque-secure-header"
      ### </basicauth> ###
    networks:
      - default
      - reverse-proxy
    volumes:
      # Mount code as volumes
      - "./web/app:/home/nopaque/app"
      - "./web/migrations:/home/nopaque/migrations"
      - "./web/tests:/home/nopaque/tests"
      - "./web/config.py:/home/nopaque/config.py"
      - "./web/docker-entrypoint.sh:/home/nopaque/docker-entrypoint.sh"
      - "./web/nopaque.py:/home/nopaque/nopaque.py"
      - "./web/requirements.txt:/home/nopaque/requirements.txt"
  daemon:
    volumes:
      # Mount code as volumes
      - "./daemon/logger:/home/nopaqued/logger"
      - "./daemon/notify:/home/nopaqued/notify"
      - "./daemon/tasks:/home/nopaqued/tasks"
      - "./daemon/docker-entrypoint.sh:/home/nopaqued/docker-entrypoint.sh"
      - "./daemon/nopaqued.py:/home/nopaqued/nopaqued.py"
      - "./daemon/requirements.txt:/home/nopaqued/requirements.txt"