version: "3"
services:
  pixelfed-app:
    image: osresearch/pixelfed:latest
    container_name: pixelfed-app
    restart: always
    volumes:
      - ./data/pixelfed/storage:/var/www/storage
    environment:
      - APP_NAME="${DOMAIN_NAME} Pixelfed"
      - INSTANCE_DESCRIPTION="${DOMAIN_NAME} Pixelfed"
      - OIDC_CLIENT_ID=pixelfed
      - OIDC_CLIENT_SECRET=${PIXELFED_CLIENT_SECRET}
      - OIDC_PROVIDER_URL=https://${KEYCLOAK_HOSTNAME}.${DOMAIN_NAME}/realms/${REALM}
      - OIDC_ENABLED=true
      - OIDC_PROVIDER_NAME=Keycloak
      - APP_URL="https://${PIXELFED_HOSTNAME}.${DOMAIN_NAME}"
      - APP_DOMAIN="${PIXELFED_HOSTNAME}.${DOMAIN_NAME}"
      - ADMIN_DOMAIN="${PIXELFED_HOSTNAME}.${DOMAIN_NAME}"
      - SESSION_DOMAIN="${PIXELFED_HOSTNAME}.${DOMAIN_NAME}"
      - MAIL_DRIVER=log
      - MAIL_HOST=${SMTP_SERVER}
      - MAIL_PORT=${SMTP_PORT}
      - MAIL_FROM_ADDRESS="pixelfed@${DOMAIN_NAME}"
      - MAIL_FROM_NAME="Pixelfed"
      - MAIL_USERNAME="${SMTP_USER}"
      - MAIL_PASSWORD="${SMTP_PASSWORD}"
    env_file:
      - ./pixelfed/env.production
      - ./secrets/pixelfed.app
    depends_on:
      - pixelfed-db
      - pixelfed-redis

  pixelfed-worker:
    image: osresearch/pixelfed:latest
    container_name: pixelfed-worker
    restart: unless-stopped
    volumes:
      - ./data/pixelfed/storage:/var/www/storage
    env_file:
      - ./pixelfed/env.production
      - ./secrets/pixelfed.app
    environment:
      - APP_URL="https://${PIXELFED_HOSTNAME}.${DOMAIN_NAME}"
      - APP_DOMAIN="${PIXELFED_HOSTNAME}.${DOMAIN_NAME}"
      - ADMIN_DOMAIN="${PIXELFED_HOSTNAME}.${DOMAIN_NAME}"
      - SESSION_DOMAIN="${PIXELFED_HOSTNAME}.${DOMAIN_NAME}"
      - MAIL_DRIVER=log
      - MAIL_HOST=${SMTP_SERVER}
      - MAIL_PORT=${SMTP_PORT}
      - MAIL_FROM_ADDRESS="pixelfed@${DOMAIN_NAME}"
      - MAIL_FROM_NAME="Pixelfed"
      - MAIL_USERNAME="${SMTP_USER}"
      - MAIL_PASSWORD="${SMTP_PASSWORD}"
    command: gosu www-data php artisan horizon
    depends_on:
      - pixelfed-db
      - pixelfed-redis

## DB and Cache
  pixelfed-db:
    image: mysql:8.0
    container_name: pixelfed-db
    restart: unless-stopped
    command: --default-authentication-plugin=mysql_native_password
    volumes:
      - ./data/pixelfed/db-data:/var/lib/mysql
    env_file:
      - ./pixelfed/env.production

  pixelfed-redis:
    image: redis:5-alpine
    container_name: pixelfed-redis
    restart: unless-stopped
    volumes:
      - ./data/pixelfed/redis-data:/data
    env_file:
      - ./pixelfed/env.production

  # add the subdomain nginx configuration into the nginx volume
  # as well as the storage directory for direct sendfile of static data
  nginx:
    volumes:
      - ./pixelfed/nginx.conf:/etc/nginx/templates/pixelfed.conf.template:ro
      - ./data/pixelfed/storage:/pixelfed/storage:ro

  # add the subdomain client secrets to the keycloak-setup volume
  keycloak:
    volumes:
      - ./pixelfed/keycloak.sh:/keycloak-setup/pixelfed.sh:ro