version: "3.9"
services:
  coder:
    # This MUST be stable for our documentation and
    # other automations.
    image: ghcr.io/coder/coder:${CODER_VERSION:-latest}
    ports:
      - "7080:7080"
    environment:
      CODER_PG_CONNECTION_URL: "postgresql://${POSTGRES_USER:-username}:${POSTGRES_PASSWORD:-password}@database/${POSTGRES_DB:-coder}?sslmode=disable"
      CODER_HTTP_ADDRESS: "0.0.0.0:7080"
      CODER_DERP_CONFIG_URL: "https://controlplane.tailscale.com/derpmap/default"
      CODER_DERP_SERVER_ENABLE: "false" 
      # You'll need to set CODER_ACCESS_URL to an IP or domain
      # that workspaces can reach. This cannot be localhost
      # or 127.0.0.1 for non-Docker templates!
      CODER_ACCESS_URL: "http://coder.intrashare.org"

    command: --derp-force-websockets
    # If the coder user does not have write permissions on
    # the docker socket, you can uncomment the following
    # lines and set the group ID to one that has write
    # permissions on the docker socket.
    group_add:
      - "1001" # docker group on host
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      # Run "docker volume rm coder_coder_home" to reset the dev tunnel url (https://abc.xyz.try.coder.app).
      # This volume is not required in a production environment - you may safely remove it.
      # Coder can recreate all the files it needs on restart.
      - coder_home:/home/coder
    depends_on:
      database:
        condition: service_healthy
    networks:
      - coder_network # Connect coder to the new network

  database:
    # Minimum supported version is 13.
    # More versions here: https://hub.docker.com/_/postgres
    image: "postgres:17"
    # Uncomment the next two lines to allow connections to the database from outside the server.
    #ports:
    #  - "5432:5432"
    environment:
      POSTGRES_USER: ${POSTGRES_USER:-username} # The PostgreSQL user (useful to connect to the database)
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-password} # The PostgreSQL password (useful to connect to the database)
      POSTGRES_DB: ${POSTGRES_DB:-coder} # The PostgreSQL default database (automatically created at first launch)
    volumes:
      - coder_data:/var/lib/postgresql/data # Use "docker volume rm coder_coder_data" to reset Coder
    healthcheck:
      test:
        [
          "CMD-SHELL",
          "pg_isready -U ${POSTGRES_USER:-username} -d ${POSTGRES_DB:-coder}",
        ]
      interval: 5s
      timeout: 5s
      retries: 5
    networks:
      - coder_network # Connect database to the new network, if it needs to communicate with coder via the network

  cloudflared:
    image: cloudflare/cloudflared:latest
    restart: unless-stopped
    command: tunnel run --token {no}
    networks:
      - coder_network # Connect cloudflared to the same network as coder
    depends_on:
      coder:
        condition: service_started # Ensure coder is up before cloudflared tries to connect

volumes:
  coder_data:
  coder_home:

networks:
  coder_network:
    # This creates a bridge network that only these services will use
    driver: bridge