services:
  gitea:
    image: gitea/gitea:1.22.1
    container_name: gitea
    env_file:
      - /data/secrets/${SERVER_DOMAIN}/${SERVER_DOMAIN}.env
    environment:
      APP_NAME: "Gitea"
      USER_UID: 1000
      USER_GID: 1000
      USER: git
      RUN_MODE: prod
      DOMAIN: git.${SERVER_DOMAIN}
      ROOT_URL: https://git.${SERVER_DOMAIN}
      HTTP_PORT: 3000
  
      SSH_PORT: 22
      SSH_LISTEN_PORT: 22
      SSH_DOMAIN: git.${SERVER_DOMAIN}
  
      GITEA__cache__ENABLED: true
      GITEA__cache__ADAPTER: redis
      GITEA__cache__HOST: redis://gitea-cache:6379/0?pool_size=100&idle_timeout=180s
      GITEA__cache__ITEM_TTL: 24
      GITEA__database__DB_TYPE: postgres
      GITEA__database__HOST: postgres:5432
      GITEA__database__NAME: gitea
      GITEA__database__USER: gitea

      GITEA__REPOSITORY__ENABLE_PUSH_CREATE_USER: true
      GITEA__repository__ENABLE_PUSH_CREATE_ORG: true

      GITEA__security__INSTALL_LOCK: true
    restart: unless-stopped
    networks:
      - proxynet
    depends_on:
      gitea-cache:
        condition: service_started
    labels: 
      - "traefik.enable=true"
      - "traefik.http.routers.gitea.rule=Host(`git.${SERVER_DOMAIN}`)"
      - "traefik.http.routers.gitea.entrypoints=https"
      - "traefik.http.routers.gitea.service=gitea-service"
      - "traefik.http.services.gitea-service.loadbalancer.server.port=3000"
    logging:
      driver: "json-file"
      options:
        max-size: "1m"
    volumes:
      - /data/appdata/gitea:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "3000:3000"
      - "22:22"

  gitea-cache:
    container_name: gitea-cache
    image: redis:7.2.5-alpine3.20
    restart: unless-stopped
    networks:
      - proxynet
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 15s
      timeout: 3s
      retries: 30
    logging:
      driver: "json-file"
      options:
        max-size: "1m"

networks:
  proxynet:
    external: true