# Template for a GitLab CE stack: GitLab itself, a Docker-in-Docker daemon and a GitLab Runner.
# The double-brace placeholders are presumably filled in by a template engine before Compose reads this file.
# NOTE(review): likely kept on the 2.x file format because the default network sets enable_ipv6;
# confirm before migrating to another format version.
version: "2.4"

services:

  # GitLab CE. Web UI and container registry are routed through Traefik (labels below);
  # Git over SSH is published directly on host port 444.
  app:

    # NOTE(review): pinned to a 15.11 patch release. Confirm this release series still
    # receives security fixes and plan the upgrade path if it does not.
    image: gitlab/gitlab-ce:15.11.13-ce.0
    restart: always
    ports:
      # Host port 444 -> container port 22. No host IP is given, so the port is bound
      # on every host interface; firewall it if SSH access should be limited.
      - "444:22"
    volumes:
      # Bind mounts for configuration, logs and application data.
      # /etc/gitlab holds the instance configuration and secrets file in an Omnibus image,
      # so keep /srv/gitlab/conf readable by root only and include it in (encrypted) backups.
      - /srv/gitlab/conf:/etc/gitlab
      - /srv/gitlab/log:/var/log/gitlab
      - /srv/gitlab/data:/var/opt/gitlab
    labels:
      # Web UI router: matched by host name on the "websecure" entrypoint, forwarded to
      # container port 80, i.e. plain HTTP between Traefik and GitLab on the "web" network.
      # TLS settings are not visible here; presumably configured on the entrypoint - confirm.
      - traefik.enable=true
      - traefik.http.routers.{{ servicename }}.rule=Host(`{{ domain }}`)
      - traefik.http.routers.{{ servicename }}.entrypoints=websecure
      - traefik.http.routers.{{ servicename }}.service={{ servicename }}
      - traefik.http.services.{{ servicename }}.loadbalancer.server.port=80
      - traefik.http.routers.{{ servicename }}.middlewares={{ servicename }}-cors-headers
      # NOTE(review): wildcard CORS origin list. Any website may read this host's responses
      # to cross-origin requests made without credentials. List only the origins that need
      # access, or drop the middleware if none do.
      - traefik.http.middlewares.{{ servicename }}-cors-headers.headers.accesscontrolalloworiginlist=*
      # Container registry router: separate host name, forwarded to container port 5005.
      # The CORS middleware above is not attached to this router.
      - traefik.http.routers.{{ servicename }}_registry.rule=Host(`{{ domain_registry }}`)
      - traefik.http.routers.{{ servicename }}_registry.entrypoints=websecure
      - traefik.http.routers.{{ servicename }}_registry.service={{ servicename }}_registry
      - traefik.http.services.{{ servicename }}_registry.loadbalancer.server.port=5005
    networks:
      # "default" is shared with the dind and runner services; "web" is the external
      # network (presumably the one Traefik is attached to).
      # NOTE(review): on "default" this container can reach the dind daemon's
      # unauthenticated API on tcp/2375; consider a dedicated runner<->dind network.
      - default
      - web


  # Docker in Docker for Gitlab-Runner execution
  # see https://forum.gitlab.com/t/example-gitlab-runner-docker-compose-configuration/67344

  # Docker daemon that executes the CI job containers for the runner service.
  dind:

    # NOTE(review): the tag floats within the 24.x line; pin a full version or a digest
    # for reproducible deployments and check that the line is still maintained.
    image: docker:24-dind
    restart: always
    # Required by Docker-in-Docker. A privileged container is not isolated from the host:
    # whoever controls this daemon can effectively obtain root on the host.
    privileged: true
    environment:
      # An empty value turns off TLS in the dind image, so the daemon API is served
      # unauthenticated and unencrypted on tcp/2375 (the port the runner's DOCKER_HOST uses).
      # NOTE(review): every container on the "default" network, including the GitLab app
      # container, can reach that API. No "ports:" entry exists, so it is not published on
      # the host. Hardening options: set a certificate directory here, share the client
      # certificates with the runner through a volume and switch the runner to tcp/2376 with
      # DOCKER_TLS_VERIFY / DOCKER_CERT_PATH; or place dind and runner on a network of their own.
      DOCKER_TLS_CERTDIR: ""
    command:
      # Extra dockerd argument: selects the overlay2 storage driver.
      - --storage-driver=overlay2
    networks:
      - default


  # GitLab Runner. It starts no job containers on the host daemon; it talks to the
  # dind service through DOCKER_HOST.
  runner:

    restart: always
    # NOTE(review): "alpine" is a floating tag, so each pull may bring a different runner
    # version. Pin a specific version tag or an image digest, ideally matching the
    # GitLab release used by the app service.
    image: registry.gitlab.com/gitlab-org/gitlab-runner:alpine
    # List-form depends_on only orders container start-up; it does not wait for GitLab
    # or the Docker daemon to be ready.
    depends_on:
      - dind
      - app
    environment:
      # Plain-text, unauthenticated connection to the dind daemon (TLS is disabled there).
      # Acceptable only while nothing untrusted shares the "default" network.
      - DOCKER_HOST=tcp://dind:2375
    volumes:
      # Runner configuration directory. After registration it contains the runner's
      # authentication token, so keep /srv/gitlab/runner readable by root only.
      # ":z" asks Docker to apply a shared SELinux label to the host directory.
      - "/srv/gitlab/runner:/etc/gitlab-runner:z"
    networks:
      - default

  
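  # Runner Registration
  # Execute once when GitLab is running.
  # NOTE(review): if this file is rendered by a template engine such as Jinja2, the
  # registration-token placeholder below is expanded even while the service is commented
  # out, so the rendered file contains the token in clear text. Restrict the rendered
  # file's permissions and reset the token in GitLab once registration is done.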

  # register-runner:

  #   restart: 'no'
  #   image: registry.gitlab.com/gitlab-org/gitlab-runner:alpine
  #   depends_on:
  #     - dind
  #     - app
  #   environment:
  #     - CI_SERVER_URL=https://{{ domain }}
  #     - REGISTRATION_TOKEN={{ runner_registration_token }}
  #   command:
  #     - register
  #     - --non-interactive
  #     - --locked=false
  #     - --name=warpzone-webserver
  #     - --executor=docker
  #     - --docker-image=docker:20-dind
  #     - --docker-volumes=/var/run/docker.sock:/var/run/docker.sock
  #   volumes:
  #     - "/srv/gitlab/runner:/etc/gitlab-runner:z"
  #   networks:
  #     - default


networks:
  # Created outside this file; Compose only attaches the app service to it.
  # Presumably the network Traefik listens on - confirm.
  web:
    external: true
  # Project-internal bridge shared by app, dind and runner, with IPv6 enabled.
  # The dind daemon's unauthenticated API (tcp/2375) is reachable from every member.
  default:
    driver: bridge
    enable_ipv6: true
    ipam:
      driver: default
      config:
        # must be a ULA range
        # (ULA = unique local addresses, fc00::/7, not routed on the public Internet.)
        # NOTE(review): "dead:beef" is a commonly used, non-random prefix; a randomly
        # generated 40-bit global ID avoids clashes if this network is ever routed
        # or merged with another site using the same prefix.
        - subnet: fd00:dead:beef:444::/64