services:
  vaultwarden:
    image: vaultwarden/server:latest
    container_name: vaultwarden
    restart: unless-stopped
    networks:
      - internal
    environment:
      DOMAIN: "https://bitwarden.vm.local"
      DATABASE_URL: "postgres://vaultwarden:vaultwarden@vaultwarden-db/vaultwarden"
    volumes:
      - ./vw-data/:/data/
    expose:
      - 80

  vaultwarden-db:
    image: docker.io/library/postgres:latest
    container_name: vaultwarden-db
    restart: unless-stopped
    environment:
      POSTGRES_DB: vaultwarden
      POSTGRES_USER: vaultwarden
      POSTGRES_PASSWORD: vaultwarden
    volumes:
      - ./vw-postgres:/var/lib/postgresql/data
    networks:
      - internal

  gitea:
    image: docker.gitea.com/gitea:latest
    container_name: gitea
    environment:
      - USER_UID=1000
      - USER_GID=1000
      - GITEA__database__DB_TYPE=postgres
      - GITEA__database__HOST=gitea-db:5432
      - GITEA__database__NAME=gitea
      - GITEA__database__USER=gitea
      - GITEA__database__PASSWD=gitea
      - GITEA__security__INSTALL_LOCK=true
    restart: unless-stopped
    networks:
      - internal
    volumes:
      - ./gitea:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    expose:
      - 3000
      - 22

  gitea-db:
    image: docker.io/library/postgres:latest
    container_name: gitea-db
    restart: unless-stopped
    environment:
      - POSTGRES_USER=gitea
      - POSTGRES_PASSWORD=gitea
      - POSTGRES_DB=gitea
    volumes:
      - ./postgres:/var/lib/postgresql/data
    networks:
      - internal

  nginx:
    image: nginx:latest
    container_name: nginx
    restart: unless-stopped
    networks:
      - internal
    volumes:
      - ./nginx.conf:/etc/nginx/conf.d/default.conf
      - ./nginx/certs:/etc/nginx/certs
    ports:
      - 80:80
      - 443:443

networks:
  internal:
    driver: bridge