services:
  # ---------------------------------------------------------------------------
  # NetBird core services (proven config from existing PoC)
  # ---------------------------------------------------------------------------
  caddy:
    image: caddy:{{ caddy_version }}
    restart: unless-stopped
    networks:
      - netbird
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./config/Caddyfile:/etc/caddy/Caddyfile:ro
      - caddy_data:/data
      - caddy_config:/config
    logging:
      driver: json-file
      options:
        max-size: "500m"
        max-file: "2"

  dashboard:
    image: netbirdio/dashboard:{{ dashboard_version }}
    restart: unless-stopped
    networks:
      - netbird
    env_file:
      - ./config/dashboard.env
    logging:
      driver: json-file
      options:
        max-size: "500m"
        max-file: "2"

  signal:
    image: netbirdio/signal:{{ netbird_version }}
    restart: unless-stopped
    networks:
      - netbird
    logging:
      driver: json-file
      options:
        max-size: "500m"
        max-file: "2"

  relay:
    image: netbirdio/relay:{{ netbird_version }}
    restart: unless-stopped
    networks:
      - netbird
    env_file:
      - ./config/relay.env
    logging:
      driver: json-file
      options:
        max-size: "500m"
        max-file: "2"

  management:
    image: netbirdio/management:{{ netbird_version }}
    restart: unless-stopped
    networks:
      - netbird
    volumes:
      - netbird_management:/var/lib/netbird
      - ./config/management.json:/etc/netbird/management.json
    logging:
      driver: json-file
      options:
        max-size: "500m"
        max-file: "2"

  coturn:
    image: coturn/coturn:{{ coturn_version }}
    restart: unless-stopped
    networks:
      - netbird
    ports:
      - "3478:3478/udp"
      - "3478:3478/tcp"
    volumes:
      - ./config/turnserver.conf:/etc/coturn/turnserver.conf:ro
    logging:
      driver: json-file
      options:
        max-size: "500m"
        max-file: "2"

  # ---------------------------------------------------------------------------
  # Gitea (local Git server for GitOps source-of-truth)
  # ---------------------------------------------------------------------------
  gitea:
    image: gitea/gitea:{{ gitea_version }}
    restart: unless-stopped
    networks:
      - netbird
    environment:
      - GITEA__server__DOMAIN={{ gitea_domain }}
      - GITEA__server__ROOT_URL=https://{{ gitea_domain }}
      - GITEA__server__SSH_DOMAIN={{ gitea_domain }}
      - GITEA__database__DB_TYPE=sqlite3
      - GITEA__actions__ENABLED=true
    volumes:
      - gitea_data:/data
    ports:
      - "{{ gitea_ssh_port }}:22"
    logging:
      driver: json-file
      options:
        max-size: "50m"
        max-file: "2"

  # ---------------------------------------------------------------------------
  # NetBird GitOps Reconciler
  # ---------------------------------------------------------------------------
  reconciler:
    build:
      context: {{ base_dir }}/reconciler-src
      dockerfile: Dockerfile
    restart: unless-stopped
    networks:
      - netbird
    env_file:
      - ./config/reconciler.env
    volumes:
      - reconciler_data:/data
    ports:
      - "127.0.0.1:{{ reconciler_port }}:{{ reconciler_port }}"
    depends_on:
      - management
    logging:
      driver: json-file
      options:
        max-size: "50m"
        max-file: "2"

networks:
  netbird:

volumes:
  netbird_management:
  caddy_data:
  caddy_config:
  gitea_data:
  reconciler_data: