# vim: ft=yaml.ansible
---
- name: run membersystem containers
  docker_compose:
    project_name: "member.data.coop"
    pull: yes
    definition:
      version: "3"
      services:
        backend:
          image: "docker.data.coop/membersystem:{{ services.membersystem.version }}"
          restart: always
          user: $UID:$GID
          tty: true
          depends_on:
            - postgres
          networks:
            - membersystem
            - external_services
            - postfix
          environment:
            SECRET_KEY: "{{ membersystem_secrets.secret_key }}"
            DATABASE_URL: postgres://postgres:{{ postgres_passwords.membersystem }}@postgres:5432/postgres
            POSTGRES_HOST: postgres
            POSTGRES_PORT: 5432
            EMAIL_BACKEND: "django.core.mail.backends.smtp.EmailBackend"
            EMAIL_URL: "smtp://noop@{{ smtp_host }}:{{ smtp_port }}"
            VIRTUAL_HOST: "{{ services.membersystem.domain }}"
            VIRTUAL_PORT: "8000"
            LETSENCRYPT_HOST: "{{ services.membersystem.domain }}"
            LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
            ALLOWED_HOSTS: "{{ services.membersystem.domain }}"
            CSRF_TRUSTED_ORIGINS: "https://{{ services.membersystem.domain }}"
            DJANGO_ADMINS: "{{ services.membersystem.django_admins }}"
            DEFAULT_FROM_EMAIL: "noreply@{{ services.membersystem.domain }}"
          labels:
            com.centurylinklabs.watchtower.enable: "true"

        postgres:
          image: "postgres:{{ services.membersystem.postgres_version }}"
          restart: always
          volumes:
            - "{{ volume_root_folder }}/membersystem/postgres/data:/var/lib/postgresql/data"
          networks:
            - membersystem
          environment:
            POSTGRES_PASSWORD: "{{ postgres_passwords.membersystem }}"

      networks:
        membersystem:
        external_services:
          external: true
        postfix:
          external: true