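# Docker Compose stack for a self-hosted server: monitoring, reverse proxy and
# application services.
#
# Review notes for the whole file:
# - Most images track the mutable `latest` tag and watchtower updates them
#   unattended, so whatever is published under that tag runs without review.
#   Pin versions or digests where a reviewed upgrade path matters.
# - $LARGE_STORAGE_DIR must be set when Compose runs (shell or .env). Compose
#   substitutes an unset variable with an empty string, so the host side of
#   those bind mounts would resolve directly under "/".
# - The ./env/*.env files are loaded as container environment. They likely
#   hold credentials: keep them out of version control and readable only by
#   the deploying user.
# - `user:` and `ports:` values are quoted. A plain 1001:0 is a base-60 integer
#   (60060) to YAML 1.1 parsers, and quoting HOST:CONTAINER pairs avoids the
#   same trap for low port numbers.
services:
  # Watchtower (automatically updates base images)
  watchtower:
    container_name: watchtower
    image: containrrr/watchtower:latest
    restart: always
    volumes:
      # `:ro` only protects the socket file itself. It does not limit Docker
      # API calls, so this container has root-equivalent control of the host.
      - /var/run/docker.sock:/var/run/docker.sock:ro
    networks:
      - service_network

  # Portainer (visualizes docker stack)
  portainer:
    container_name: portainer
    image: portainer/portainer-ce:latest
    restart: unless-stopped
    volumes:
      # Same caveat as watchtower: full Docker API access despite `:ro`.
      # Anyone who can log in to Portainer inherits that access.
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./data/portainer:/data
    networks:
      - service_network
    expose:
      - 9000

  # Node Exporter (collects metrics from the host)
  node-exporter:
    container_name: node-exporter
    image: quay.io/prometheus/node-exporter:latest
    restart: always
    command:
      - --path.rootfs=/host
    # Shares the host PID namespace and can read the entire host filesystem.
    # The mount is read-only, but every file on the host is visible inside.
    pid: host
    volumes:
      - /:/host:ro,rslave
    networks:
      - info_network
    expose:
      - 9100

  # cAdvisor (collects metrics from docker)
  cadvisor:
    container_name: cadvisor
    image: gcr.io/cadvisor/cadvisor:latest
    restart: always
    command:
      - --housekeeping_interval=30s
      # lower CPU usage
      - --disable_metrics=disk,diskIO,network,tcp,udp,percpu,sched,process
      - --docker_only=true
    devices:
      - /dev/kmsg
    volumes:
      - /:/rootfs:ro
      # /var/run contains docker.sock, so this container can also reach the
      # Docker API (see the watchtower note on `:ro`).
      - /var/run:/var/run:ro
      - /sys:/sys:ro
      - /var/lib/docker:/var/lib/docker:ro
      - /dev/disk:/dev/disk:ro
    networks:
      - info_network
    expose:
      - 8080

  # Prometheus (collects logs & metrics)
  prometheus:
    container_name: prometheus
    image: prom/prometheus:latest
    restart: unless-stopped
    command:
      - --config.file=/config/prometheus.yml
    # UID 1001 with GID 0 (root group).
    user: "1001:0"
    volumes:
      - ./data/prometheus/config:/config
      - ./data/prometheus/data:/prometheus
    networks:
      - service_network
      - info_network
    expose:
      - 9090

  # Grafana (visualizes Prometheus logs & metrics)
  grafana:
    container_name: grafana
    image: grafana/grafana-oss:latest
    restart: unless-stopped
    user: "1001:0"
    volumes:
      - ./data/grafana:/var/lib/grafana
    networks:
      - service_network
    expose:
      - 3000

  # Nginx Proxy Manager (handles proxies)
  npm:
    container_name: npm
    image: jc21/nginx-proxy-manager:latest
    restart: always
    env_file: ./env/npm.env
    volumes:
      - ./data/npm:/data
      - ./data/letsencrypt:/etc/letsencrypt
    networks:
      - service_network
      - hidden_network
    ports:
      - "80:80"
      # Port 81 is the admin UI, published on every host interface. Restrict
      # it with a host firewall or bind it to a management address if it
      # should not be reachable from outside.
      - "81:81"
      - "443:443"

  # Nextcloud (hosts file server)
  nextcloud:
    container_name: nextcloud
    image: nextcloud:latest
    restart: unless-stopped
    user: "1001:0"
    env_file: ./env/nextcloud.env
    volumes:
      - ./data/nextcloud:/var/www/html
      - $LARGE_STORAGE_DIR/nextcloud:/var/www/html/data
    networks:
      - service_network
      - nextcloud_network
    expose:
      - 80
    depends_on:
      - nextcloud-db
      - nextcloud-cache

  nextcloud-db:
    container_name: nextcloud-db
    image: mariadb:10.6
    restart: always
    command:
      - --transaction-isolation=READ-COMMITTED
      - --log-bin=binlog
      - --binlog-format=ROW
    env_file: ./env/nextcloud-db.env
    volumes:
      - ./data/nextcloud-db:/var/lib/mysql
    # Attached only to the app-private network, not to service_network.
    networks:
      - nextcloud_network

  nextcloud-cache:
    container_name: nextcloud-cache
    image: redis:alpine
    restart: always
    # No Redis password is configured here. Isolation relies on this network
    # having only the Nextcloud containers attached.
    networks:
      - nextcloud_network

  # Pterodactyl (hosts game servers)
  pterodactyl:
    container_name: pterodactyl
    image: ghcr.io/pterodactyl/panel:latest
    restart: unless-stopped
    env_file: ./env/pterodactyl.env
    volumes:
      - ./data/pterodactyl:/app/var
    networks:
      - service_network
      - pterodactyl_network
    expose:
      - 80
    depends_on:
      - pterodactyl-db
      - pterodactyl-cache

  pterodactyl-db:
    container_name: pterodactyl-db
    image: mariadb:10.5
    restart: always
    command:
      - --default-authentication-plugin=mysql_native_password
    env_file: ./env/pterodactyl-db.env
    volumes:
      - ./data/pterodactyl-db:/var/lib/mysql
    networks:
      - pterodactyl_network

  pterodactyl-cache:
    container_name: pterodactyl-cache
    image: redis:alpine
    restart: always
    # Unauthenticated Redis, protected only by network isolation.
    networks:
      - pterodactyl_network

  # Photoprism (manages photo and video library)
  photoprism:
    container_name: photoprism
    image: photoprism/photoprism:latest
    restart: unless-stopped
    env_file: ./env/photoprism.env
    deploy:
      resources:
        reservations:
          devices:
            - capabilities: [gpu]
    # Host GPU render nodes passed through to the container.
    devices:
      - /dev/dri/card0:/dev/dri/card0
      - /dev/dri/renderD128:/dev/dri/renderD128
    working_dir: /photoprism
    volumes:
      - ./data/photoprism:/photoprism/storage
      - $LARGE_STORAGE_DIR/photoprism/import:/photoprism/import
      - $LARGE_STORAGE_DIR/photoprism/originals:/photoprism/originals
    networks:
      - service_network
      - photoprism_network
    expose:
      - 2342
    depends_on:
      - photoprism-db

  photoprism-db:
    container_name: photoprism-db
    image: mariadb:10.10
    restart: always
    command:
      - --innodb-buffer-pool-size=512M
      - --transaction-isolation=READ-COMMITTED
      - --character-set-server=utf8mb4
      - --collation-server=utf8mb4_unicode_ci
      - --max-connections=512
      - --innodb-rollback-on-timeout=OFF
      - --innodb-lock-wait-timeout=120
    env_file: ./env/photoprism-db.env
    volumes:
      - ./data/photoprism-db:/var/lib/mysql
    networks:
      - photoprism_network

  # Jellyfin (manages movies, shows, & books)
  jellyfin:
    container_name: jellyfin
    image: jellyfin/jellyfin:latest
    restart: unless-stopped
    user: "1001:0"
    deploy:
      resources:
        reservations:
          devices:
            - capabilities: [gpu]
    devices:
      - /dev/dri/card0:/dev/dri/card0
      - /dev/dri/renderD128:/dev/dri/renderD128
    volumes:
      - ./data/jellyfin/config:/config
      - ./data/jellyfin/cache:/cache
      - $LARGE_STORAGE_DIR/media/movies:/movies
      - $LARGE_STORAGE_DIR/media/shows:/shows
      - $LARGE_STORAGE_DIR/media/books:/books
      - $LARGE_STORAGE_DIR/media/yt:/yt
    networks:
      service_network: {}
      # The macvlan attachment gives Jellyfin its own LAN address, so it is
      # reachable directly from the LAN without passing through the reverse
      # proxy.
      exposed_service_network:
        ipv4_address: 192.168.1.104

  # Gitea (hosts git server)
  gitea:
    container_name: gitea
    image: gitea/gitea:latest
    restart: unless-stopped
    env_file: ./env/gitea.env
    volumes:
      - $LARGE_STORAGE_DIR/gitea:/data
    networks:
      - service_network
      - gitea_network
    expose:
      - 3000
    depends_on:
      - gitea-db

  gitea-db:
    container_name: gitea-db
    image: mysql:8
    restart: always
    env_file: ./env/gitea-db.env
    volumes:
      - ./data/gitea-db:/var/lib/mysql
    networks:
      - gitea_network

  # Homer (displays all self-hosted services)
  homer:
    container_name: homer
    image: b4bz/homer:latest
    restart: unless-stopped
    user: "1001:0"
    env_file: ./env/homer.env
    volumes:
      - ./data/homer:/www/assets
    networks:
      - service_network
    expose:
      - 8080

  # Uptime Kuma (displays uptime for all self-hosted services)
  uptime-kuma:
    container_name: uptime-kuma
    image: louislam/uptime-kuma:latest
    restart: unless-stopped
    tty: true
    volumes:
      - ./data/uptime-kuma:/app/data
    networks:
      - service_network
    expose:
      - 3001

networks:
  # Metrics exporters and Prometheus only.
  info_network:
    name: info_network

  # Per-application back-end networks: each database/cache is reachable only
  # from its own application container.
  nextcloud_network:
    name: nextcloud_network
  pterodactyl_network:
    name: pterodactyl_network
  photoprism_network:
    name: photoprism_network
  gitea_network:
    name: gitea_network

  # Created outside this file. It must already exist, and whatever else is
  # attached to it can reach the proxy container.
  hidden_network:
    name: hidden_network
    external: true

  # Shared front-end network between the reverse proxy and the web services.
  # Every service on it can reach every other one, so a compromised app can
  # talk to Portainer, Grafana, Prometheus and the rest directly.
  service_network:
    name: service_network
    ipam:
      config:
        # NOTE(review): 172.1.0.0/24 is outside the RFC 1918 private range
        # (172.16.0.0/12). It is publicly routable space, so the host will
        # send traffic for real hosts in that range to this bridge. Left
        # unchanged because proxy or app settings may reference these
        # addresses. Confirm before moving to a private subnet.
        - subnet: 172.1.0.0/24
          gateway: 172.1.0.1

  # macvlan on the physical NIC: attached containers appear as separate hosts
  # on the LAN.
  exposed_service_network:
    name: exposed_service_network
    driver: macvlan
    driver_opts:
      parent: enp5s0
    ipam:
      config:
        - subnet: 192.168.1.0/24
          gateway: 192.168.1.1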