---

services:
  nginx-proxy:
    image: nginxproxy/nginx-proxy
    container_name: nginx-proxy
    ports:
      # http
      - "80:80"
      - "443:443"
      # smtp
      - "25:25"
      - "465:465"
      - "587:587"
      # imap
      - "993:993"
      # sieve
      - "4190:4190"
      # src
      - "2222:2222"
    volumes:
      - "/var/run/docker.sock:/tmp/docker.sock:ro"
      - "{{ nginx_proxy_base }}/certs:/etc/nginx/certs"
      - "{{ nginx_proxy_base }}/toplevel.conf.d:/etc/nginx/toplevel.conf.d"
      - "{{ nginx_proxy_base }}/stubs.conf:/etc/nginx/conf.d/stubs.conf"
      - "{{ nginx_proxy_base }}/htpasswd:/etc/nginx/htpasswd"
    environment:
      - TZ={{ timezone }}
      - DEPLOYMENT_TIME={{ deployment_time }}
      - NO_COLOR=1
      - LOG_JSON=true
      - TRUST_DOWNSTREAM_PROXY=false
    networks:
      - proxy
    labels:
      - com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy

  nginx-prometheus-exporter:
    image: nginx/nginx-prometheus-exporter
    restart: always
    environment:
      - TZ={{ timezone }}
      - DEPLOYMENT_TIME={{ deployment_time }}
      - VIRTUAL_HOST={{ outbound_domain }}
      - VIRTUAL_PORT=9113
      - LETSENCRYPT_HOST={{ outbound_domain }}
    command:
      - '--nginx.scrape-uri=http://nginx-proxy:81/nginx_status'
    depends_on:
      - nginx-proxy
    networks:
      - proxy

  nginx-acme-companion:
    image: nginxproxy/acme-companion
    depends_on:
      - nginx-proxy
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - acme:/etc/acme.sh
      - "{{ nginx_proxy_base }}/certs:/etc/nginx/certs"
    environment:
      - TZ={{ timezone }}
      - DEPLOYMENT_TIME={{ deployment_time }}
      - DEFAULT_EMAIL={{ certs_email }}
      - ACME_CHALLENGE=DNS-01
      - "ACMESH_DNS_API_CONFIG={'DNS_API': 'dns_cf', 'CF_Key': '{{ cloudflare_token }}', 'CF_Email': '{{ cloudflare_email }}'}"
    networks:
      - proxy

volumes:
  acme:

networks:
  proxy:
    name: proxy