version: "3.9"
services:
  windows:
    container_name: windows
    image: dockurr/windows:3.05
    restart: unless-stopped
    devices:
      - /dev/kvm
    cap_add:
      - NET_ADMIN
    ports:
      - ${APP_PORT}:8006
      - 3389:3389/tcp
      - 3389:3389/udp
    stop_grace_period: 2m
    environment:
      - RAM_SIZE=${WINDOWS_RAM_GB}G
      - CPU_CORE=${WINDOWS_CPU_CORES}
      - DISK_SIZE=${WINDOWS_DISK_SIZE_GB}G
      - VERSION=${WINDOWS_VERSION}
    volumes:
      - ${APP_DATA_DIR}/data/storage:/storage
    networks:
      - tipi_main_network
    labels:
      # Main
      traefik.enable: true
      traefik.http.middlewares.windows-web-redirect.redirectscheme.scheme: https
      traefik.http.services.windows.loadbalancer.server.port: 8006
      # Web
      traefik.http.routers.windows-insecure.rule: Host(`${APP_DOMAIN}`)
      traefik.http.routers.windows-insecure.entrypoints: web
      traefik.http.routers.windows-insecure.service: windows
      traefik.http.routers.windows-insecure.middlewares: windows-web-redirect
      # Websecure
      traefik.http.routers.windows.rule: Host(`${APP_DOMAIN}`)
      traefik.http.routers.windows.entrypoints: websecure
      traefik.http.routers.windows.service: windows
      traefik.http.routers.windows.tls.certresolver: myresolver
      # Local domain
      traefik.http.routers.windows-local-insecure.rule: Host(`windows.${LOCAL_DOMAIN}`)
      traefik.http.routers.windows-local-insecure.entrypoints: web
      traefik.http.routers.windows-local-insecure.service: windows
      traefik.http.routers.windows-local-insecure.middlewares: windows-web-redirect
      # Local domain secure
      traefik.http.routers.windows-local.rule: Host(`windows.${LOCAL_DOMAIN}`)
      traefik.http.routers.windows-local.entrypoints: websecure
      traefik.http.routers.windows-local.service: windows
      traefik.http.routers.windows-local.tls: true