services:
  db:
    image: postgres:17
    container_name: gitea-db
    hostname: gitea-db
    security_opt:
      - no-new-privileges:true
    healthcheck:
      test: ["CMD", "pg_isready", "-q", "-d", "gitea", "-U", "giteauser"]
      timeout: 45s
      interval: 10s
      retries: 10
    volumes:
      - db:/var/lib/postgresql/data:rw
    environment:
      - POSTGRES_DB=gitea
      - POSTGRES_USER=giteauser
      - POSTGRES_PASSWORD=giteapass
    restart: on-failure:5

  web:
    image: gitea/gitea:latest
    container_name: gitea
    hostname: gitea
    security_opt:
      - no-new-privileges:true
    healthcheck:
      test: wget --no-verbose --tries=1 --spider http://localhost:3000/ || exit 1
    ports:
      - 3052:3000
      - 2222:22
    volumes:
      - data:/data:rw
      - repositories:/data/git/repositories:rw
      - /etc/TZ:/etc/TZ:ro
      - /etc/localtime:/etc/localtime:ro
    environment:
      - USER_UID=1026
      - USER_GID=100
      - GITEA__database__DB_TYPE=postgres
      - GITEA__database__HOST=gitea-db:5432
      - GITEA__database__NAME=gitea
      - GITEA__database__USER=giteauser
      - GITEA__database__PASSWD=giteapass
      - ROOT_URL=https://gitea.scheidel.biz
    restart: on-failure:5

volumes:
  db:
  data:
  repositories: