services:
  nginx:
    container_name: nginx
    image: nginx:latest
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./data/nginx.conf:/etc/nginx/nginx.conf:ro
      - ./data/conf.d:/etc/nginx/conf.d:ro
      - ./data/logs:/var/log/nginx
      - ./data/public:/usr/share/nginx/html:rw
      - ./certbot/conf:/etc/letsencrypt
      - ./certbot/www:/var/www/certbot
    restart: always
    command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
    networks: 
      - nginx

  certbot:
    container_name: certbot
    image: certbot/dns-cloudflare:latest
    restart: unless-stopped
    volumes:
      - ./certbot/conf:/etc/letsencrypt
      - ./certbot/www:/var/www/certbot
      - /var/run/docker.sock:/var/run/docker.sock # Allows container to talk to Docker
    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
    networks: 
      - nginx

  goaccess:
    container_name: goaccess
    image: allinurl/goaccess
    user: "0:0"
    ports:
      - 0.0.0.0:7890:7890
    volumes:
      - ./goaccess/goaccess.conf:/srv/config/goaccess.conf
      - ./data/logs:/srv/logs:rw
      - ./data/public:/srv/report:rw
      - ./certbot/conf:/etc/letsencrypt  
    command: ["--no-global-config", 
              "--config-file=/srv/config/goaccess.conf", 
              "--ssl-cert=/etc/letsencrypt/live/novicelab.io/fullchain.pem",
              "--ssl-key=/etc/letsencrypt/live/novicelab.io/privkey.pem"] 
    environment:
      - TZ=Africa/Nairobi
    restart: unless-stopped 
    networks: 
      - nginx 

networks:
  nginx:
    driver: bridge
    external: true