version: "3"
services:
  reverse-proxy:
    image: traefik:v2.0
    command:
      - --api.insecure=true
      - --providers.docker
      - --entryPoints.web.address=:80
      - --entryPoints.websecure.address=:443
    ports:
      - "80:80"
      - "443:443"
      # The Web UI (enabled by --api.insecure=true)
      - "8080:8080"
    depends_on:
      - back
      - front
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock

  front:
    image: thecodingmachine/nodejs:14
    environment:
      DEBUG_MODE: "$DEBUG_MODE"
      JITSI_URL: $JITSI_URL
      JITSI_PRIVATE_MODE: "$JITSI_PRIVATE_MODE"
      HOST: "0.0.0.0"
      NODE_ENV: development
      PUSHER_URL: //pusher.workadventure.localhost
      UPLOADER_URL: //uploader.workadventure.localhost
      ADMIN_URL: //workadventure.localhost
      ICON_URL: //icon.workadventure.localhost
      STARTUP_COMMAND_1: ./templater.sh
      STARTUP_COMMAND_2: yarn install
      STUN_SERVER: "stun:stun.l.google.com:19302"
      TURN_SERVER: "turn:coturn.workadventure.localhost:3478,turns:coturn.workadventure.localhost:5349"
      DISABLE_NOTIFICATIONS: "$DISABLE_NOTIFICATIONS"
      SKIP_RENDER_OPTIMIZATIONS: "$SKIP_RENDER_OPTIMIZATIONS"
      # Use TURN_USER/TURN_PASSWORD if your Coturn server is secured via hard coded credentials.
      # Advice: you should instead use Coturn REST API along the TURN_STATIC_AUTH_SECRET in the Back container
      TURN_USER: ""
      TURN_PASSWORD: ""
      START_ROOM_URL: "$START_ROOM_URL"
      MAX_PER_GROUP: "$MAX_PER_GROUP"
      MAX_USERNAME_LENGTH: "$MAX_USERNAME_LENGTH"
      DISABLE_ANONYMOUS: "$DISABLE_ANONYMOUS"
      OPID_LOGIN_SCREEN_PROVIDER: "$OPID_LOGIN_SCREEN_PROVIDER"
    command: yarn run start
    volumes:
      - ./front:/usr/src/app
    labels:
      - "traefik.http.routers.front.rule=Host(`play.workadventure.localhost`)"
      - "traefik.http.routers.front.entryPoints=web"
      - "traefik.http.services.front.loadbalancer.server.port=8080"
      - "traefik.http.routers.front-ssl.rule=Host(`play.workadventure.localhost`)"
      - "traefik.http.routers.front-ssl.entryPoints=websecure"
      - "traefik.http.routers.front-ssl.tls=true"
      - "traefik.http.routers.front-ssl.service=front"

  pusher:
    image: thecodingmachine/nodejs:14
    command: yarn dev
    environment:
      DEBUG: "socket:*"
      STARTUP_COMMAND_1: yarn install
      SECRET_JITSI_KEY: "$SECRET_JITSI_KEY"
      SECRET_KEY: yourSecretKey
      ADMIN_API_TOKEN: "$ADMIN_API_TOKEN"
      API_URL: back:50051
      JITSI_URL: $JITSI_URL
      JITSI_ISS: $JITSI_ISS
      FRONT_URL: http://play.workadventure.localhost
      OPID_CLIENT_ID: $OPID_CLIENT_ID
      OPID_CLIENT_SECRET: $OPID_CLIENT_SECRET
      OPID_CLIENT_ISSUER: $OPID_CLIENT_ISSUER
      OPID_CLIENT_REDIRECT_URL: $OPID_CLIENT_REDIRECT_URL
      OPID_PROFILE_SCREEN_PROVIDER: $OPID_PROFILE_SCREEN_PROVIDER
      DISABLE_ANONYMOUS: $DISABLE_ANONYMOUS
    volumes:
      - ./pusher:/usr/src/app
    labels:
      - "traefik.http.routers.pusher.rule=Host(`pusher.workadventure.localhost`)"
      - "traefik.http.routers.pusher.entryPoints=web"
      - "traefik.http.services.pusher.loadbalancer.server.port=8080"
      - "traefik.http.routers.pusher-ssl.rule=Host(`pusher.workadventure.localhost`)"
      - "traefik.http.routers.pusher-ssl.entryPoints=websecure"
      - "traefik.http.routers.pusher-ssl.tls=true"
      - "traefik.http.routers.pusher-ssl.service=pusher"

  maps:
    image: thecodingmachine/nodejs:12-apache
    environment:
      DEBUG_MODE: "$DEBUG_MODE"
      HOST: "0.0.0.0"
      NODE_ENV: development
      #APACHE_DOCUMENT_ROOT: dist/
      #APACHE_EXTENSIONS: headers
      #APACHE_EXTENSION_HEADERS: 1
      STARTUP_COMMAND_0: sudo a2enmod headers
      STARTUP_COMMAND_1: yarn install
      STARTUP_COMMAND_2: yarn run dev &
    volumes:
      - ./maps:/var/www/html
    labels:
      - "traefik.http.routers.maps.rule=Host(`maps.workadventure.localhost`)"
      - "traefik.http.routers.maps.entryPoints=web,traefik"
      - "traefik.http.services.maps.loadbalancer.server.port=80"
      - "traefik.http.routers.maps-ssl.rule=Host(`maps.workadventure.localhost`)"
      - "traefik.http.routers.maps-ssl.entryPoints=websecure"
      - "traefik.http.routers.maps-ssl.tls=true"
      - "traefik.http.routers.maps-ssl.service=maps"

  back:
    image: thecodingmachine/nodejs:12
    command: yarn dev
    #command: yarn run profile
    environment:
      DEBUG: "*"
      STARTUP_COMMAND_1: yarn install
      SECRET_KEY: yourSecretKey
      SECRET_JITSI_KEY: "$SECRET_JITSI_KEY"
      ALLOW_ARTILLERY: "true"
      ADMIN_API_TOKEN: "$ADMIN_API_TOKEN"
      JITSI_URL: $JITSI_URL
      JITSI_ISS: $JITSI_ISS
      TURN_STATIC_AUTH_SECRET: SomeStaticAuthSecret
      MAX_PER_GROUP: "MAX_PER_GROUP"
      REDIS_HOST: redis
      NODE_ENV: development
    volumes:
      - ./back:/usr/src/app
    labels:
      - "traefik.http.routers.back.rule=Host(`api.workadventure.localhost`)"
      - "traefik.http.routers.back.entryPoints=web"
      - "traefik.http.services.back.loadbalancer.server.port=8080"
      - "traefik.http.routers.back-ssl.rule=Host(`api.workadventure.localhost`)"
      - "traefik.http.routers.back-ssl.entryPoints=websecure"
      - "traefik.http.routers.back-ssl.tls=true"
      - "traefik.http.routers.back-ssl.service=back"

  uploader:
    image: thecodingmachine/nodejs:12
    command: yarn dev
    #command: yarn run profile
    environment:
      DEBUG: "*"
      STARTUP_COMMAND_1: yarn install
    volumes:
      - ./uploader:/usr/src/app
    labels:
      - "traefik.http.routers.uploader.rule=Host(`uploader.workadventure.localhost`)"
      - "traefik.http.routers.uploader.entryPoints=web"
      - "traefik.http.services.uploader.loadbalancer.server.port=8080"
      - "traefik.http.routers.uploader-ssl.rule=Host(`uploader.workadventure.localhost`)"
      - "traefik.http.routers.uploader-ssl.entryPoints=websecure"
      - "traefik.http.routers.uploader-ssl.tls=true"
      - "traefik.http.routers.uploader-ssl.service=uploader"

  messages:
    #image: thecodingmachine/nodejs:14
    image: thecodingmachine/workadventure-back-base:latest
    environment:
      #STARTUP_COMMAND_0: sudo apt-get install -y inotify-tools
      STARTUP_COMMAND_1: yarn install
      STARTUP_COMMAND_2: yarn run proto:watch
    volumes:
      - ./messages:/usr/src/app
      - ./back:/usr/src/back
      - ./front:/usr/src/front
      - ./pusher:/usr/src/pusher

  redis:
    image: redis:6

  redisinsight:
    image: redislabs/redisinsight:latest
    labels:
      - "traefik.http.routers.redisinsight.rule=Host(`redis.workadventure.localhost`)"
      - "traefik.http.routers.redisinsight.entryPoints=web"
      - "traefik.http.services.redisinsight.loadbalancer.server.port=8001"
      - "traefik.http.routers.redisinsight-ssl.rule=Host(`redis.workadventure.localhost`)"
      - "traefik.http.routers.redisinsight-ssl.entryPoints=websecure"
      - "traefik.http.routers.redisinsight-ssl.tls=true"
      - "traefik.http.routers.redisinsight-ssl.service=redisinsight"

  icon:
    image: matthiasluedtke/iconserver:v3.13.0
    labels:
      - "traefik.http.routers.icon.rule=Host(`icon.workadventure.localhost`)"
      - "traefik.http.routers.icon.entryPoints=web"
      - "traefik.http.services.icon.loadbalancer.server.port=8080"
      - "traefik.http.routers.icon-ssl.rule=Host(`icon.workadventure.localhost`)"
      - "traefik.http.routers.icon-ssl.entryPoints=websecure"
      - "traefik.http.routers.icon-ssl.tls=true"
      - "traefik.http.routers.icon-ssl.service=icon"

#  coturn:
#    image: coturn/coturn:4.5.2
#    command:
#      - turnserver
#      #- -c=/etc/coturn/turnserver.conf
#      - --log-file=stdout
#      - --external-ip=$$(detect-external-ip)
#      - --listening-port=3478
#      - --min-port=10000
#      - --max-port=10010
#      - --tls-listening-port=5349
#      - --listening-ip=0.0.0.0
#      - --realm=coturn.workadventure.localhost
#      - --server-name=coturn.workadventure.localhost
#      - --lt-cred-mech
#      # Enable Coturn "REST API" to validate temporary passwords.
#      #- --use-auth-secret
#      #- --static-auth-secret=SomeStaticAuthSecret
#      #- --userdb=/var/lib/turn/turndb
#      - --user=workadventure:WorkAdventure123
#      # use real-valid certificate/privatekey files
#      #- --cert=/root/letsencrypt/fullchain.pem
#      #- --pkey=/root/letsencrypt/privkey.pem
#    network_mode: host