#
# updated: 2025-02-25
# stack:   pterodactyl
#

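# Shared service defaults, pulled into each service with `<<: *defaults`.
# The YAML merge key is shallow: a service that declares its own
# `environment`, `healthcheck`, `deploy`, `tmpfs`, `networks` or `volumes`
# replaces that whole mapping/list and inherits nothing from the matching
# key below.
x-defaults: &defaults
  environment:
    TZ: "UTC"
    # Quoted so every parser hands the container a string, not an integer.
    PUID: "1000"
    PGID: "1000"
    # DOCKER_HOST: "unix:///var/run/docker.sock"
    # Every service that does not override `environment` inherits this
    # Docker API endpoint. No DOCKER_TLS_VERIFY / DOCKER_CERT_PATH is set
    # here; if the endpoint is plain TCP, any client that can reach
    # ${VM_IP}:${VM_PORT_DOCKER} controls the daemon, which is equivalent to
    # root on the host. Restrict the listener to the services that need it.
    DOCKER_HOST: "tcp://${VM_IP}:${VM_PORT_DOCKER}"
  logging:
    driver: local
  # Non-root by default. Quoted so an empty or numeric expansion is still
  # parsed as a string.
  user: "${VM_USER}:${VM_GROUP}"
  privileged: false
  read_only: false
  security_opt:
    # Prevents setuid/setgid binaries from raising privileges in the container.
    - no-new-privileges=true
  ipc: "private"
  restart: unless-stopped
  stdin_open: false
  tty: false
  dns:
    - 1.1.1.1
    - 1.0.0.1
    - 8.8.8.8
    - 8.8.4.4
  # Timing only; each service supplies `test`. A service-level `healthcheck`
  # replaces this mapping entirely (see the note at the top of the block).
  healthcheck:
    interval: 60s
    timeout: 10s
    retries: 5
    start_period: 60s
  labels:
    traefik.docker.network: traefik
    # Opts every inheriting container into Watchtower updates. Label values
    # are strings, so the flag is quoted instead of relying on bool coercion.
    com.centurylinklabs.watchtower.enable: "true"
  deploy:
    resources:
      limits:
        cpus: "1.0"
        memory: 64M
  tmpfs:
    - /tmp:rw,size=64M
  networks:
    - dockerproxy
  volumes:
    # NOTE(review): this binds the host's /etc/localtime over the container's
    # /etc/timezone. /etc/localtime is normally a binary tzfile, while
    # /etc/timezone is expected to hold a zone name as text. Confirm this is
    # intended.
    - /etc/localtime:/etc/timezone:ro
    - /etc/localtime:/etc/localtime:ro
    # NOTE(review): host /proc/cgroups is mounted read-write; use :ro unless
    # a consumer needs write access.
    - /proc/cgroups:/cgroup:rw
    # - /var/run/docker.sock:/var/run/docker.sock:ro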

# Networks referenced by this stack.
networks:
  # Must already exist; Compose will not create an external network.
  # It is only referenced from the x-defaults `networks` list.
  dockerproxy:
    external: true
  # Bridge joined by both panel and node.
  pterodactyl:
    name: pterodactyl
    driver: bridge
    enable_ipv6: false
    driver_opts:
      com.docker.network.driver.mtu: 1500
  # NOTE(review): 171.172.0.0/16 is outside the RFC 1918 private ranges
  # (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16). Containers on this network
  # would route that public range onto the bridge and lose reachability to
  # the real hosts in it. No service visible in this file attaches to
  # `default`; confirm whether the definition is still needed.
  default:
    ipam:
      config:
        - subnet: 171.172.0.0/16
  # Bridge joined by the node service only, with a fixed host interface name.
  node:
    name: node
    driver: bridge
    enable_ipv6: false
    ipam:
      config:
        # NOTE(review): 172.172.0.0/16 is also outside 172.16.0.0/12
        # (172.16.x.x to 172.31.x.x), so it shadows public address space.
        # If the Wings configuration under ./conf/node references this
        # subnet, change both together.
        - subnet: "172.172.0.0/16"
    driver_opts:
      com.docker.network.bridge.name: node
      com.docker.network.driver.mtu: 1500

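# Both services merge x-defaults, then replace `networks`, `healthcheck`,
# `deploy` and `volumes` (panel also `tmpfs`). Because the merge key is
# shallow, the healthcheck timings from x-defaults are repeated in each
# service below; declaring only `test` would discard them.
services:
  # Pterodactyl panel (web UI), published on ${VM_PORT_PANEL}.
  panel:
    <<: *defaults
    # Runs as root, overriding the non-root default; no-new-privileges from
    # x-defaults still applies. Quoted because an unquoted 0:0 is read as a
    # base-60 integer by YAML 1.1 parsers.
    user: "0:0"
    container_name: panel
    hostname: panel
    # NOTE(review): `latest` plus the inherited Watchtower label means new
    # upstream images are pulled and run without review. Pin a version tag
    # or digest (ghcr.io/pterodactyl/panel@sha256:<digest>) and update
    # deliberately.
    image: ghcr.io/pterodactyl/panel:latest
    restart: always
    ports:
      - "${VM_PORT_PANEL}:80"
    expose:
      - "80"
    networks:
      - pterodactyl
    healthcheck:
      # NOTE(review): `uname -a` succeeds whenever a shell can run, so this
      # reports healthy even if the web server is down, and node's
      # `service_healthy` gate depends on it. Replace it with a probe of
      # port 80 using a tool confirmed to exist in the image.
      test: uname -a || exit 1
      # Same timings as x-defaults.
      interval: 60s
      timeout: 10s
      retries: 5
      start_period: 60s
    env_file:
      - ./env/pterodactyl.env
      - ./env/panel.env
    deploy:
      resources:
        limits:
          cpus: "${PROCESSORS}"
          memory: 1G
    tmpfs:
      - /tmp:rw,noexec,nosuid,size=512M
    volumes:
      - ./conf/panel/nginx/:/etc/nginx/http.d/:rw
      # TLS certificates and private keys, shared with the node service.
      - ./datas/common/letsencrypt/:/etc/letsencrypt/:rw
      - ./datas/panel/appvar/:/app/var/:rw
      - ./datas/panel/logs/:/app/storage/logs:rw

  # Wings daemon; started only once the panel reports healthy.
  node:
    <<: *defaults
    # Root inside the container combined with the Docker socket mount below
    # is root-equivalent on the host. Quoted for the same YAML 1.1 reason as
    # the panel's user.
    user: "0:0"
    container_name: node
    hostname: node
    # NOTE(review): same unpinned-image concern as the panel. This container
    # also holds Docker API access, so an unreviewed image update has
    # host-level impact.
    image: ghcr.io/pterodactyl/wings:latest
    restart: always
    depends_on:
      panel:
        condition: service_healthy
    ports:
      - "${VM_PORT_WINGS_HTTP}:8080"
      - "${VM_PORT_WINGS_SFTP}:2022"
    expose:
      - "8080"
      - "2022"
    networks:
      - pterodactyl
      - node
    healthcheck:
      # Confirms the binary executes; it does not probe the API on 8080.
      test: ["CMD", "/usr/bin/wings", "version"]
      # Same timings as x-defaults.
      interval: 60s
      timeout: 10s
      retries: 5
      start_period: 60s
    env_file:
      - ./env/pterodactyl.env
      - ./env/node.env
    deploy:
      resources:
        limits:
          cpus: "${PROCESSORS}"
          memory: 8G
    volumes:
      - /etc/ssl/certs:/etc/ssl/certs:ro
      # `:ro` only protects the socket file; it does not make the Docker API
      # read-only. A process that can connect can issue any API call.
      # NOTE(review): DOCKER_HOST inherited from x-defaults points at a TCP
      # endpoint; confirm which of the two this service actually uses and
      # remove the other.
      - /var/run/docker.sock:/var/run/docker.sock:ro
      # Host-wide container logs and metadata, writable from this container.
      - /var/lib/docker/containers:/var/lib/docker/containers:rw
      - ./conf/node:/etc/pterodactyl:rw
      - ./datas/common/letsencrypt/:/etc/letsencrypt/:rw
      # NOTE(review): ./datas/common contains ./datas/common/letsencrypt, so
      # the TLS private keys are also visible under /var/lib/pterodactyl in
      # this container. Mount a dedicated subdirectory if that is unintended.
      - ./datas/common:/var/lib/pterodactyl:rw
      - ./datas/node/logs:/var/log/pterodactyl:rw
      - ./datas/node/tmp:/tmp/pterodactyl/:rw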