version: '3.7'

services:
        tor:
                container_name: tor
                image: lncm/tor:0.4.5.7@sha256:a83e0d9fd1a35adf025f2f34237ec1810e2a59765988dce1dfb222ca8ef6583c
                user: toruser
                restart: on-failure
                volumes:
                    - ${PWD}/tor/torrc-umbrel:/etc/tor/torrc
                    - ${PWD}/tor/data:/var/lib/tor/
                ports:
                  - "127.0.0.1:$TOR_PROXY_PORT:$TOR_PROXY_PORT"
                networks:
                    default:
                        ipv4_address: $TOR_PROXY_IP
        app_tor:
                image: lncm/tor:0.4.5.7@sha256:a83e0d9fd1a35adf025f2f34237ec1810e2a59765988dce1dfb222ca8ef6583c
                user: toruser
                restart: on-failure
                volumes:
                    - ${PWD}/tor/torrc-apps:/etc/tor/torrc
                    - ${PWD}/tor/data:/var/lib/tor/
                networks:
                    default:
                        ipv4_address: $APPS_TOR_IP
        app_2_tor:
                image: lncm/tor:0.4.5.7@sha256:a83e0d9fd1a35adf025f2f34237ec1810e2a59765988dce1dfb222ca8ef6583c
                user: toruser
                restart: on-failure
                volumes:
                    - ${PWD}/tor/torrc-apps-2:/etc/tor/torrc
                    - ${PWD}/tor/data:/var/lib/tor/
                networks:
                    default:
                        ipv4_address: $APPS_2_TOR_IP
        app_3_tor:
                image: lncm/tor:0.4.5.7@sha256:a83e0d9fd1a35adf025f2f34237ec1810e2a59765988dce1dfb222ca8ef6583c
                user: toruser
                restart: on-failure
                volumes:
                    - ${PWD}/tor/torrc-apps-3:/etc/tor/torrc
                    - ${PWD}/tor/data:/var/lib/tor/
                networks:
                    default:
                        ipv4_address: $APPS_3_TOR_IP
        nginx:
                container_name: nginx
                image: nginx:1.17.8@sha256:380eb808e2a3b0dd954f92c1cae2f845e6558a15037efefcabc5b4e03d666d03
                depends_on: [ dashboard, manager ]
                volumes:
                        - ${PWD}/nginx:/etc/nginx
                restart: on-failure
                stop_grace_period: 30s
                ports:
                    - "${NGINX_PORT}:80"
                networks:
                    default:
                        ipv4_address: $NGINX_IP
        bitcoin:
                container_name: bitcoin
                image: lncm/bitcoind:v22.0@sha256:37a1adb29b3abc9f972f0d981f45e41e5fca2e22816a023faa9fdc0084aa4507
                depends_on: [ tor, manager, nginx ]
                volumes:
                        - ${PWD}/bitcoin:/data/.bitcoin
                restart: on-failure
                stop_grace_period: 15m30s
                ports:
                    - "$BITCOIN_P2P_PORT:$BITCOIN_P2P_PORT"
                networks:
                    default:
                        ipv4_address: $BITCOIN_IP
        lnd:
                container_name: lnd
                image: lightninglabs/lnd:v0.14.1-beta@sha256:810f290f4da51adaf57d53bc1f1e65b52b03c543f322da0b98fb8c47be94a27a
                user: 1000:1000
                depends_on: [ tor, manager ]
                volumes:
                        - ${PWD}/lnd:/data/.lnd
                environment:
                  HOME: /data
                restart: on-failure
                stop_grace_period: 5m30s
                ports:
                    - "9735:9735"
                    - "$LND_REST_PORT:$LND_REST_PORT"
                    - "$LND_GRPC_PORT:$LND_GRPC_PORT"
                networks:
                    default:
                        ipv4_address: $LND_IP
        dashboard:
                container_name: dashboard
                image: getumbrel/dashboard:v0.3.30@sha256:b784e7796e60ba23770b552f99950db4640008fe4f5eebf2731bea8198e66665
                restart: on-failure
                stop_grace_period: 1m30s
                networks:
                    default:
                        ipv4_address: $DASHBOARD_IP
        manager:
                container_name: manager
                image: getumbrel/manager:v0.2.17@sha256:52e306203dc86bcad61c96e33a43e7d6e445d98c3e7f0f06d3c5a88ec7f5126b
                depends_on: [ tor ]
                restart: on-failure
                stop_grace_period: 5m30s
                volumes:
                        - ${PWD}:${PWD}
                        - ${PWD}/info.json:/info.json
                        - ${PWD}/db:/db
                        - ${PWD}/events/signals:/signals
                        - ${PWD}/apps:/apps
                        - ${PWD}/lnd:/lnd:ro
                        - ${PWD}/statuses:/statuses
                        - ${PWD}/tor/data:/var/lib/tor/
                        - /var/run/docker.sock:/var/run/docker.sock
                        - ${DOCKER_BINARY:-/usr/bin/docker}:/usr/bin/docker
                        - jwt-public-key:/jwt-public-key
                        - jwt-private-key:/jwt-private-key
                environment:
                    PORT: "3006"
                    USER_PASSWORD_FILE: "/db/user.json"
                    JWT_PUBLIC_KEY_FILE: "/jwt-public-key/jwt.pem"
                    JWT_PRIVATE_KEY_FILE: "/jwt-private-key/jwt.key"
                    JWT_EXPIRATION: "3600"
                    DOCKER_COMPOSE_DIRECTORY: $PWD
                    DEVICE_HOSTS: ${DEVICE_HOSTS:-"http://umbrel.local"}
                    DEVICE_HOSTNAME: ${DEVICE_HOSTNAME:-""}
                    MIDDLEWARE_API_URL: "http://$MIDDLEWARE_IP"
                    UMBREL_SEED_FILE: "/db/umbrel-seed/seed"
                    UMBREL_DASHBOARD_HIDDEN_SERVICE_FILE: "/var/lib/tor/web/hostname"
                    BITCOIN_P2P_HIDDEN_SERVICE_FILE: "/var/lib/tor/bitcoin-p2p/hostname"
                    BITCOIN_P2P_PORT: $BITCOIN_P2P_PORT
                    BITCOIN_RPC_HIDDEN_SERVICE_FILE: "/var/lib/tor/bitcoin-rpc/hostname"
                    BITCOIN_RPC_PORT: $BITCOIN_RPC_PORT
                    BITCOIN_RPC_USER: $BITCOIN_RPC_USER
                    BITCOIN_RPC_PASSWORD: $BITCOIN_RPC_PASS
                    LND_REST_HIDDEN_SERVICE_FILE: "/var/lib/tor/lnd-rest/hostname"
                    LND_GRPC_HIDDEN_SERVICE_FILE: "/var/lib/tor/lnd-grpc/hostname"
                    LND_CERT_FILE: "/lnd/tls.cert"
                    LND_ADMIN_MACAROON_FILE: "/lnd/data/chain/bitcoin/${BITCOIN_NETWORK}/admin.macaroon"
                    SHUTDOWN_SIGNAL_FILE: "/signals/shutdown"
                    REBOOT_SIGNAL_FILE: "/signals/reboot"
                    GITHUB_REPO: "getumbrel/umbrel"
                    UMBREL_VERSION_FILE: "/info.json"
                    UPDATE_STATUS_FILE: "/statuses/update-status.json"
                    UPDATE_SIGNAL_FILE: "/signals/update"
                    UPDATE_LOCK_FILE: "/statuses/update-in-progress"
                    BACKUP_STATUS_FILE: "/statuses/backup-status.json"
                    DEBUG_STATUS_FILE: "/statuses/debug-status.json"
                    TOR_PROXY_IP: "${TOR_PROXY_IP}"
                    TOR_PROXY_PORT: "${TOR_PROXY_PORT}"
                    TOR_HIDDEN_SERVICE_DIR: "/var/lib/tor"
                    IS_UMBREL_OS: ${IS_UMBREL_OS:-"false"}
                networks:
                    default:
                        ipv4_address: $MANAGER_IP
        middleware:
                container_name: middleware
                image: getumbrel/middleware:v0.1.12@sha256:2d689fbf9248d638a772f77c85e3fbf92c6bf69134533cbe4b450d80b2319c92
                depends_on: [ manager, bitcoin, lnd ]
                command: ["./wait-for-node-manager.sh", $MANAGER_IP, "npm", "start"]
                restart: on-failure
                volumes:
                        - ${PWD}/lnd:/lnd
                        - jwt-public-key:/jwt-public-key
                environment:
                    PORT: "3005"
                    BITCOIN_HOST: $BITCOIN_IP
                    RPC_PORT: $BITCOIN_RPC_PORT
                    RPC_USER: $BITCOIN_RPC_USER
                    RPC_PASSWORD: $BITCOIN_RPC_PASS
                    LND_NETWORK: $BITCOIN_NETWORK
                    LND_HOST: "${LND_IP}"
                    JWT_PUBLIC_KEY_FILE: "/jwt-public-key/jwt.pem"
                    DEVICE_HOSTS: ${DEVICE_HOSTS:-"http://umbrel.local"}
                networks:
                    default:
                        ipv4_address: $MIDDLEWARE_IP
        neutrino-switcher:
                container_name: neutrino-switcher
                image: getumbrel/neutrino-switcher:v1.3.0@sha256:399ccea7f39129ff16c9c408f9e68a01dd4671f428273f3c3f401a8a0d2f7ddc
                depends_on: [ bitcoin, lnd ]
                restart: on-failure
                volumes:
                    - ${PWD}/lnd:/lnd
                    - ${PWD}/statuses:/statuses
                    - /var/run/docker.sock:/var/run/docker.sock
                environment:
                    JSONRPCURL: "http://${BITCOIN_IP}:${BITCOIN_RPC_PORT}"
                    RPCUSER: $BITCOIN_RPC_USER
                    RPCPASS: $BITCOIN_RPC_PASS
                    LND_CONTAINER_NAME: lnd
                    SLEEPTIME: 3600
                networks:
                    default:
                        ipv4_address: $NEUTRINO_SWITCHER_IP
        electrs:
              container_name: electrs
              image: getumbrel/electrs:v0.9.1@sha256:cf196695423fd5139ccde08e6bb1d7b6b1c9093333c879037801af3a18229c32
              volumes:
                - ${PWD}/bitcoin:/data/.bitcoin:ro
                - ${PWD}/electrs:/data
              restart: on-failure
              stop_grace_period: 5m
              ports:
                  - "$ELECTRUM_PORT:$ELECTRUM_PORT"
              networks:
                  default:
                      ipv4_address: $ELECTRUM_IP
networks:
    default:
      name: umbrel_main_network
      ipam:
          driver: default
          config:
              - subnet: "$NETWORK_IP/24"

volumes:
    jwt-public-key:
    jwt-private-key: