version: "3.9"
services:
  gitea:
    image: gitea/gitea:latest
    container_name: gitea
    environment:
      - USER_UID=1000
      - USER_GID=1000
      - GITEA__server__ROOT_URL=https://code.lazyworkhorse.net
      - GITEA__actions__ENABLED=true
      - GITEA__actions__DEFAULT_ACTIONS_URL=off
      - SSH_PORT=2222
      - SSH_LISTEN_PORT=2222
      # Enable Gitea Actions (act_runner required on host)
      - GITEA__actions__ENABLED=true
      # Don't fetch actions from GitHub (offline mode + local only)
      - GITEA__actions__DEFAULT_ACTIONS_URL=off
    volumes:
      - /mnt/HoardingCow_docker_data/Gitea:/data
    networks:
      - vc_net
    restart: always
    ports:
      - "2222:2222"
    labels:
      - "traefik.enable=true"

      # HTTP -> HTTPS Redirect
      - "traefik.http.routers.gitea-http.rule=Host(`code.lazyworkhorse.net`)"
      - "traefik.http.routers.gitea-http.entrypoints=web"
      - "traefik.http.routers.gitea-http.middlewares=redirect-to-https"
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"

      # HTTPS Router
      - "traefik.http.routers.gitea-https.rule=Host(`code.lazyworkhorse.net`)"
      - "traefik.http.routers.gitea-https.entrypoints=websecure"
      - "traefik.http.routers.gitea-https.tls=true"
      - "traefik.http.routers.gitea-https.tls.certresolver=njalla"
      - "traefik.http.routers.gitea-https.middlewares=gitea-home-redirect"

      # The Redirect Logic - Using single quotes to allow backslashes
      - 'traefik.http.middlewares.gitea-home-redirect.redirectregex.regex=^https://code\.lazyworkhorse\.net/?$$'
      - 'traefik.http.middlewares.gitea-home-redirect.redirectregex.replacement=https://code.lazyworkhorse.net/gortium'
      - "traefik.http.middlewares.gitea-home-redirect.redirectregex.permanent=true"

      # Internal Routing
      - "traefik.http.services.gitea.loadbalancer.server.port=3000"

  act_runner:
    image: gitea/act_runner:latest
    container_name: act_runner
    environment:
      - GITEA_INSTANCE_URL=https://code.lazyworkhorse.net
      - GITEA_RUNNER_REGISTRATION_TOKEN=${GITEA_RUNNER_TOKEN}
      - GITEA_RUNNER_NAME=ai-host-runner
      - GITEA_RUNNER_LABELS=ubuntu-latest:docker://catthehacker/ubuntu:full-22.04,nixos-builder:docker://nixos/nix
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    networks:
      - vc_net
    restart: always
    depends_on:
      - gitea

networks:
  vc_net:
    external: true