---
services:
  server:
    image: codeberg.org/forgejo/forgejo:9.0.3
    container_name: forgejo
    environment:
      - USER_UID=1000
      - USER_GID=1000
      - GITEA__database__DB_TYPE=mysql
      - GITEA__database__HOST=db:3306
      - GITEA__database__NAME=gitea
      - GITEA__database__USER=gitea
      - GITEA__database__PASSWD=$GITEA__database__PASSWD
    restart: always
    networks:
      - gitea_main
    volumes:
      - /home/ubuntu/forgejo/data:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "3002:3000"
      - "23:22"
    depends_on:
      - db

  db:
    image: mysql:8
    restart: always
    environment:
      - MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD
      - MYSQL_USER=gitea
      - MYSQL_PASSWORD=$MYSQL_PASSWORD
      - MYSQL_DATABASE=gitea
    networks:
      - gitea_main
    volumes:
      - /home/ubuntu/forgejo/mysql:/var/lib/mysql

  gotify:
    image: gotify/server-arm7:2.6.1
    container_name: gotify
    ports:
      - 9008:80
    volumes:
      - /docker/appdata/gotify:/app/data
    restart: unless-stopped
    environment:
      - TZ=America/New_York
      - GOTIFY_DEFAULTUSER_NAME=$GOTIFY_DEFAULTUSER_NAME
      - GOTIFY_DEFAULTUSER_PASS=$GOTIFY_DEFAULTUSER_PASS
    networks:
      - gitea_main

  nginx-proxy-manager:
    image: jc21/nginx-proxy-manager:2.12.2
    container_name: nginx-proxy-manager
    ports:
      - 80:80
      - 81:81
      - 443:443
    volumes:
      - /docker/appdata/nginx/data:/data
      - /docker/appdata/nginx/letsencrypt:/etc/letsencrypt
    restart: unless-stopped
    networks:
      - gitea_main

  fail2ban:
    image: crazymax/fail2ban:1.1.0
    container_name: fail2ban
    network_mode: "host"
    cap_add:
      - NET_ADMIN
      - NET_RAW
    volumes:
      - "/docker/appdata/fail2ban/data:/data"
      - "/var/log/auth.log:/var/log/auth.log:ro"
      - "/docker/appdata/nginx/data/logs/:/log/npm/:ro"
    environment:
      - TZ=America/New_York
      - F2B_LOG_TARGET=STDOUT
      - F2B_LOG_LEVEL=INFO
      - F2B_DB_PURGE_AGE=1d
      - SSMTP_HOST=$SSMTP_HOST
      - SSMTP_PORT=587
      - SSMTP_HOSTNAME=$SSMTP_HOSTNAME
      - SSMTP_USER=$SSMTP_USER
      - SSMTP_PASSWORD=$SSMTP_PASSWORD
      - SSMTP_TLS=YES
    restart: always

  uptime-kuma:
    image: louislam/uptime-kuma:1.23.16
    container_name: uptime-kuma
    environment:
      - UPTIME_KUMA_DISABLE_FRAME_SAMEORIGIN=true
    ports:
      - 3001:3001
    volumes:
      - /docker/appdata/kuma:/app/data
    restart: unless-stopped
    networks:
      - gitea_main

  jellyseerr:
    image: fallenbagel/jellyseerr:2.2.2
    container_name: jellyseerr
    ports:
      - 5055:5055
    volumes:
      - /docker/appdata/jellyseerr:/app/config
    environment:
      - TZ=America/New_York
      - LOG_LEVEL=debug
    restart: unless-stopped
    networks:
      - gitea_main

  linkstack:
    image: linkstackorg/linkstack@sha256:ad2ec7ffa69f4b04367313d1b95566bb00955b9670eb5467fd4fab39dd1f53c1
    container_name: linkstack
    ports:
      - 8005:80
      - 8006:443
    volumes:
      - linkstack:/htdocs
    environment:
      - HTTP_SERVER_NAME=$HTTP_SERVER_NAME
      - HTTPS_SERVER_NAME=$HTTP_SERVER_NAME
      - SERVER_ADMIN=$SERVER_ADMIN
    restart: unless-stopped
    networks:
      - gitea_main
  n8n:
    image: ghcr.io/n8n-io/n8n:1.73.1
    container_name: n8n
    ports:
      - 5678:5678
    volumes:
      - n8n_data:/home/node/.n8n
    environment:
      - GENERIC_TIMEZONE=America/New_York
      - TZ=America/New_York
      - WEBHOOK_URL=$WEBHOOK_URL
    restart: unless-stopped
    networks:
      - gitea_main

  vaultwarden:
    image: vaultwarden/server:1.32.7
    container_name: vaultwarden
    ports:
      - 8989:80
    volumes:
      - /home/ubuntu/vw-data/:/data
    environment:
      - DOMAIN=$VWDOMAIN
      - SIGNUPS_ALLOWED=false
    restart: unless-stopped
    networks:
      gitea_main:
        ipv4_address: 172.25.0.25
  ## Linkwarden
  postgres:
    image: postgres:16-alpine
    env_file: .env
    restart: always
    volumes:
      - /docker/appdata/linkwarden/pgdata:/var/lib/postgresql/data
    networks:
      - gitea_main
  linkwarden:
    env_file: .env
    environment:
      - DATABASE_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgres:5432/postgres
    restart: always
    container_name: linkwarden
    image: ghcr.io/linkwarden/linkwarden:v2.8.4
    networks:
      - gitea_main
    ports:
      - 3005:3000
    volumes:
      - /docker/appdata/linkwarden/data:/data/data
    depends_on:
      - postgres

  syncthing:
    image: ghcr.io/linuxserver/syncthing@sha256:1f55fa811ad3903c4b421129966e0eea4b21d53d2471158288dc4a353e273a0a
    container_name: syncthing
    hostname: ARM #optional
    environment:
      - PUID=0
      - PGID=0
      - TZ=Etc/UTC
    volumes:
      - /home/ubuntu/syncthing/config:/config
      - /docker/appdata/:/docker/appdata/
      - /home/ubuntu/:/home/ubuntu/
    ports:
      - 8384:8384
      - 22000:22000/tcp
      - 22000:22000/udp
      - 21027:21027/udp
    restart: unless-stopped

  wiki-db:
    image: postgres:15-alpine
    environment:
      POSTGRES_DB: wiki
      POSTGRES_PASSWORD: $DB_PASS
      POSTGRES_USER: wikijs
    logging:
      driver: "none"
    restart: unless-stopped
    volumes:
      - db-data:/var/lib/postgresql/data
    networks:
      - gitea_main

  wiki:
    container_name: wiki
    image: ghcr.io/requarks/wiki:2.5.305
    depends_on:
      - wiki-db
    environment:
      DB_TYPE: postgres
      DB_HOST: wiki-db
      DB_PORT: 5432
      DB_USER: wikijs
      DB_PASS: $DB_PASS
      DB_NAME: wiki
    restart: unless-stopped
    ports:
      - "1234:3000"
    networks:
      - gitea_main

networks:
  gitea_main:
    external: true

volumes:
  linkstack:
  n8n_data:
  db-data: