version: "3.9"

services:
  firefly-iii:
    image: fireflyiii/core:version-6
    container_name: firefly-iii
    restart: unless-stopped
    volumes:
      - ${APP_DATA_DIR}/data/uplodad:/var/www/html/storage/upload
    ports:
      - ${APP_PORT}:8080
    depends_on:
      - firefly-iii-db
    environment:
      - APP_ENV=local
      - APP_DEBUG=false
      - SITE_OWNER=${EMAIL}
      - APP_KEY=${APP_KEY}
      - STATIC_CRON_TOKEN=${STATIC_CRON_TOKEN}
      - TZ=${TZ}
      - TRUSTED_PROXIES=**

      # Database
      - DB_CONNECTION=mysql
      - DB_HOST=firefly-iii-db
      - DB_PORT=3306
      - DB_DATABASE=firefly
      - DB_USERNAME=firefly
      - DB_PASSWORD=${MYSQL_PASSWORD}

      # Cookie settings
      - COOKIE_PATH="/"
      - COOKIE_DOMAIN=
      - COOKIE_SECURE=false
      - COOKIE_SAMESITE=lax

      - APP_NAME=FireflyIII
      - BROADCAST_DRIVER=log
      - QUEUE_DRIVER=sync
      - CACHE_PREFIX=firefly
      - IS_HEROKU=false
      - FIREFLY_III_LAYOUT=v1
      - APP_URL=http://localhost:${APP_PORT}
    networks:
      - tipi_main_network
    labels:
      # Main
      traefik.enable: true
      traefik.http.middlewares.firefly-iii-web-redirect.redirectscheme.scheme: https
      traefik.http.services.firefly-iii.loadbalancer.server.port: 8080
      # Web
      traefik.http.routers.firefly-iii-insecure.rule: Host(`${APP_DOMAIN}`)
      traefik.http.routers.firefly-iii-insecure.entrypoints: web
      traefik.http.routers.firefly-iii-insecure.service: firefly-iii
      traefik.http.routers.firefly-iii-insecure.middlewares: firefly-iii-web-redirect
      # Websecure
      traefik.http.routers.firefly-iii.rule: Host(`${APP_DOMAIN}`)
      traefik.http.routers.firefly-iii.entrypoints: websecure
      traefik.http.routers.firefly-iii.service: firefly-iii
      traefik.http.routers.firefly-iii.tls.certresolver: myresolver
      # Local domain
      traefik.http.routers.firefly-iii-local-insecure.rule: Host(`firefly-iii.${LOCAL_DOMAIN}`)
      traefik.http.routers.firefly-iii-local-insecure.entrypoints: web
      traefik.http.routers.firefly-iii-local-insecure.service: firefly-iii
      traefik.http.routers.firefly-iii-local-insecure.middlewares: firefly-iii-web-redirect
      # Local domain secure
      traefik.http.routers.firefly-iii-local.rule: Host(`firefly-iii.${LOCAL_DOMAIN}`)
      traefik.http.routers.firefly-iii-local.entrypoints: websecure
      traefik.http.routers.firefly-iii-local.service: firefly-iii
      traefik.http.routers.firefly-iii-local.tls: true

  firefly-iii-db:
    container_name: firefly-iii-db
    image: mariadb
    hostname: fireflyiii-db
    restart: unless-stopped
    environment:
      - MYSQL_RANDOM_ROOT_PASSWORD=yes
      - MYSQL_USER=firefly
      - MYSQL_PASSWORD=${MYSQL_PASSWORD}
      - MYSQL_DATABASE=firefly
    volumes:
      - ${APP_DATA_DIR}/data/db:/var/lib/mysql
    networks:
      - tipi_main_network

  firefly-iii-cron:
    container_name: firefly-iii-cron
    image: alpine
    command: sh -c "echo \"0 3 * * * wget -qO- http://${APP_DOMAIN}/api/v1/cron/${STATIC_CRON_TOKEN}\" | crontab - && crond -f -L /dev/stdout"
    networks:
      - tipi_main_network