# NETWORK
networks:
  backend:
    # Network for connection between the windmill services & the db
    name: backend
    driver: bridge
    internal: true
  frontend:
    # Network for the windmill-server to be reached from the outside
    name: frontend
    driver: bridge


# SERVICES
services:

  # TAILSCALE VPN
  tailscale:
    container_name: Tailscale
    image: tailscale/tailscale:latest
    restart: always
    volumes:
        - ./tun:/dev/net/tun
        - ./lib:/var/lib
    environment:
        - TS_STATE_DIR=/var/lib/tailscale
        - TS_ROUTES=192.168.2.0/24
        - TS_HOSTNAME=Smallmountains
        - PUID=1002
        - PGID=100
    network_mode: host
    privileged: true

  # POSTGRES FOR WINDMILL
  postgres:
    container_name: Postgres
    image: postgres:16
    restart: always
    shm_size: 1g
    networks:
        - backend
    volumes:
        - ./postgres:/var/lib/postgresql/data
    expose:
        - 5432
    environment:
        - PUID=1002
        - PGID=100
        - POSTGRES_PASSWORD=changeme
        - POSTGRES_DB=windmill

    healthcheck:
        test: ["CMD-SHELL", "pg_isready -U postgres"]
        interval: 10s
        timeout: 5s
        retries: 5

  # WINDMILL SERVER
  windmill_server:
    container_name: Windmill_Server
    image: ghcr.io/windmill-labs/windmill:main
    restart: always
    pull_policy: always
    networks:
        - backend
        - frontend
    expose:
        - 8000
        - 2525
    environment:
        - PUID=1002
        - PGID=100
        - DATABASE_URL=postgres://postgres:changeme@postgres/windmill?sslmode=disable
        - MODE=server
    depends_on:
        postgres:
            condition: service_healthy
    volumes:
        - ./windmill_worker_logs:/tmp/windmill/logs

  # WINDMILL WORKER
  windmill_worker:
    container_name: Windmill_Worker
    image: ghcr.io/windmill-labs/windmill:main
    restart: always
    pull_policy: always
    networks:
        - backend
    deploy:
      replicas: 1
      resources:
        limits:
            cpus: "1"
            memory: 2048M   # for GB, use syntax '2Gi'
    environment:
        - PUID=1002
        - PGID=100
        - DATABASE_URL=postgres://postgres:changeme@postgres:5432/windmill?sslmode=disable
        - MODE=worker
        - WORKER_GROUP=default
    depends_on:
      postgres:
        condition: service_healthy
    volumes:
        # mount the docker socket to allow to run docker containers from within the workers
        - /var/run/docker.sock:/var/run/docker.sock
        - ./windmill_worker_dependency_cache:/tmp/windmill/cache
        - ./windmill_worker_logs:/tmp/windmill/logs

  # WINDMILL so-called NATIVE WORKER
  windmill_worker_native:
    container_name: Windmill_Native_Worker
    image: ghcr.io/windmill-labs/windmill:main
    restart: always
    pull_policy: always
    networks:
        - backend
    deploy:
      replicas: 1
      resources:
        limits:
          cpus: "1"
          memory: 2048M
          # for GB, use syntax '2Gi'
    environment:
        - PUID=1002
        - PGID=100
        - DATABASE_URL=postgres://postgres:changeme@postgres:5432/windmill?sslmode=disable
        - MODE=worker
        - WORKER_GROUP=native
        - NUM_WORKERS=8
        - SLEEP_QUEUE=200
    depends_on:
      postgres:
        condition: service_healthy
    volumes:
      - ./windmill_worker_logs:/tmp/windmill/logs

# WINDMILL IDE INTELLISENSE SUPPORT
  Windmill_lsp:
    container_name: Windmill_LSP
    image: ghcr.io/windmill-labs/windmill-lsp:latest
    restart: always
    pull_policy: always
    networks:
        - backend
    environment:
        - PUID=1002
        - PGID=100
    expose:
      - 3001
    volumes:
      - ./windmill_lsp_cache:/pyls/.cache