services: ########################SERVICES########################

#-------------------------------------CADDY--------------------------------------------
  caddy:
    image: caddy:2
    restart: unless-stopped
    container_name: caddy
    ports:
      - "80:80"
      - "443:443"
      - "443:443/udp"
    volumes:
      - ./caddy/config/:/etc/caddy/
      - caddy_data:/data
      - caddy_config:/config
    networks:
      - gateway
    # tty: true
#-----------------------------------OAUTH2PROXY--------------------------------------
  oauth2proxy:
    image: quay.io/oauth2-proxy/oauth2-proxy:v7.6.0
    container_name: oauth2proxy
    restart: unless-stopped
    ports:
      - "4180:4180"
    networks:
      - gateway
    volumes:
      - "./oauth2-proxy/oauth2-proxy.cfg:/etc/oauth2-proxy.cfg"
      - "./oauth2-proxy/allowed_emails.txt:/etc/allowed_emails.txt"
    command: --config /etc/oauth2-proxy.cfg
    # command: --config /etc/oauth2-proxy.cfg --authenticated-emails-file /etc/allowed_emails.txt
    # command: --config /etc/oauth2-proxy.cfg --whitelist-domain .diukman.com
    # tty: true

#########################VOLUMES########################

volumes:
  caddy_data:
  caddy_config:

########################NETWORKS########################
networks:
  gateway:
    external: false


# reload after config change: 
# docker exec -w /etc/caddy caddy sh -c 'caddy fmt --overwrite && caddy reload'

# The required section for 'watch' inside the service definition!
# develop:
#   watch:
#     - action: restart
#       path: ./caddy/config/Caddyfile  # Host path to watch
#       target: /etc/caddy/Caddyfile