---
container_user: containers
container_uid: 1001
container_group: "{{ container_user }}"
container_gid: "{{ container_uid }}"

backups: containers

global_env_vars:
  - PUID={{ container_uid }}
  - PGID={{ container_gid }}
  - TZ=America/Los_Angeles

firewall_ports:
  - 80/tcp
  - 443/tcp

container_networks:
  - name: warchildstory
    driver: bridge
    subnet: 172.28.5.0/24
    ip_range: 172.28.5.0/24
    gateway: 172.28.5.1

containers:
  - name: swag
    active: true
    image: linuxserver/swag
    cap_add:
      - NET_ADMIN # required for fail2ban to modify iptables
    ports:
      - 80:80
      - 443:443
    volumes:
      - /opt/swag:/config
    restart: unless-stopped
    include_global_env_vars: true
    environment:
      - URL=warchildstory.com
      - VALIDATION=http
      - SUBDOMAINS=www,grocy,list,ntfy,
      - EMAIL=certbot@blainestory.com
    mem_limit: 250m
    networks:
      - warchildstory

  - name: grocy
    active: true
    image: linuxserver/grocy
    include_global_env_vars: true
    volumes:
      - /opt/grocy:/config
    restart: unless-stopped
    networks:
      - warchildstory
    mem_limit: 500m

  - name: list
    active: true
    image: linuxserver/nginx
    include_global_env_vars: true
    volumes:
      - /opt/list:/config
    restart: unless-stopped
    networks:
      - warchildstory
    mem_limit: 250m

  - name: urlwatch
    active: true
    image: vimagick/urlwatch
    volumes:
      - /opt/urlwatch:/root/.urlwatch
    restart: unless-stopped
    mem_limit: 250m

  - name: ntfy
    active: true
    image: binwiederhier/ntfy
    command:
      - serve
    environment:
      - NTFY_BASE_URL=https://ntfy.warchildstory.com
      - NTFY_UPSTREAM_BASE_URL=https://ntfy.sh
      - NTFY_BEHIND_PROXY=true
      - NTFY_WEB_ROOT=home
    networks:
      - warchildstory
    mem_limit: 100m