---
version: '3.9'

services:
  searxng:
    image: searxng/searxng:latest  # >.<
    container_name: searxng
    restart: always
    networks:
      - gateway
      - default
      - backend
    volumes:
      - ./settings.yml:/etc/searxng/settings.yml:ro,z
      - ./uwsgi.ini:/etc/searxng/uwsgi.ini:ro,z
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.searxng.rule=Host(`search.tobiasmanske.de`)"
      - "traefik.http.routers.searxng.entryPoints=websecure"
      - "traefik.http.services.searxng.loadbalancer.server.port=8080"
      - "traefik.http.middlewares.compression.compress=true"
      - "traefik.http.routers.searxng.middlewares=compression"
      - "com.centurylinklabs.watchtower.scope=update"

  redis:
    container_name: redis
    image: "redis:alpine"
    command: redis-server --save "" --appendonly "no"
    networks:
      - backend
    tmpfs:
      - /var/lib/redis
    cap_drop:
      - ALL
    cap_add:
      - SETGID
      - SETUID
      - DAC_OVERRIDE

  # morty:
  #   container_name: morty
  #   image: dalf/morty
  #   restart: always
  #   command: -timeout 6 -ipv6
  #   environment:
  #     - MORTY_KEY={{ search.morty.key }}
  #     - MORTY_ADDRESS=0.0.0.0:3030
  #   labels:
  #     - "traefik.enable=true"
  #     - "traefik.http.routers.morty.rule=Host(`search.tobiasmanske.de`) && PathPrefix(`/morty`)"
  #     - "traefik.http.routers.morty.entrypoints=websecure"
  #     - "traefik.http.services.morty.loadbalancer.server.port=3030"
  #   networks:
  #     - gateway
  #     - backend

networks:
  gateway:
    external: true
  backend:
    internal: true

volumes:
  data: