version: "3"

services:
  server:
    image: gitea/gitea:latest
    container_name: gitea
    restart: unless-stopped
    security_opt:
      - no-new-privileges:true
    environment:
      - USER_UID=1000
      - USER_GID=1000
      - GITEA__database__DB_TYPE=postgres
      - GITEA__database__HOST=db:5432
      - GITEA__database__NAME=gitea
      - GITEA__database__USER=${GITEA_DBUSER}
      - GITEA__database__PASSWD=${GITEA_DBPW}
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.gitea.entrypoints=http"
      - "traefik.http.routers.gitea.rule=Host(`${GITEA_HOST}`)"
      - "traefik.http.middlewares.gitea-https-redirect.redirectscheme.scheme=https"
      - "traefik.http.routers.gitea.middlewares=portainer-https-redirect"
      - "traefik.http.routers.gitea-secure.entrypoints=https"
      - "traefik.http.routers.gitea-secure.rule=Host(`${GITEA_HOST}`)"
      - "traefik.http.routers.gitea-secure.tls=true"
      - "traefik.http.routers.gitea-secure.tls.certresolver=http"
      - "traefik.http.routers.gitea-secure.service=gitea"
      - "traefik.http.services.gitea.loadbalancer.server.port=${GITEA_LBPORT}"
      - "traefik.docker.network=traefik-proxy"
    networks:
      - gitea
      - traefik-proxy
    volumes:
      - ./gitea:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - target: 3000
      - target: 222
    depends_on:
       - db
 
  db:
    image: postgres:14
    restart: unless-stopped
    environment:
      - POSTGRES_USER=${POSTGRESS_DBUSER}
      - POSTGRES_PASSWORD=${POSTGRESS_DBPW}
      - POSTGRES_DB=gitea
    networks:
      - gitea
    volumes:
      - ./postgres:/var/lib/postgresql/data

networks:
  gitea:
    driver: bridge
    external: false
    name: int_gitea
  traefik-proxy:
    external: true
    name: traefik-proxy