### Tools (./apps/tools/docker-compose.yml)
# - [ ] Create services for Nextcloud, LimeSurvey, and LinkStack
# - [ ] Configure volumes for persistent storage of files, survey data, and link management data
# - [ ] Set up environment variables using the new structure (../../env/${ENVIRONMENT}/tools.env)
# - [ ] Configure networking to expose these services to the internet via the proxy
# - [ ] Set up regular backup jobs for critical data in these services

services:
  nextcloud-db:
    image: mariadb:10.6
    container_name: ${INFRASTRUCTURE_LABEL}-nextcloud-db-${ENVIRONMENT}
    profiles: ["all", "tools", "nextcloud"]
    command: --transaction-isolation=READ-COMMITTED --innodb_read_only_compressed=OFF
    restart: unless-stopped
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
      - ../../volumes/tools/${INFRASTRUCTURE_LABEL}_cloud/database:/var/lib/mysql
    environment:
      - MYSQL_ROOT_PASSWORD=headpiece-constant1-denim-mindboost #SQL root Passwort eingeben
      - MYSQL_PASSWORD=idealist9-frayed-murkiness-mindboost #SQL Benutzer Passwort eingeben
      - MYSQL_DATABASE=nextcloud-mindboost #Datenbank Name
      - MYSQL_USER=mindboostcloud #SQL Nutzername
      - MYSQL_INITDB_SKIP_TZINFO=1
      - MARIADB_AUTO_UPGRADE=1
  nextcloud-redis:
    image: redis:alpine
    container_name: ${INFRASTRUCTURE_LABEL}-nextcloud-redis-${ENVIRONMENT} 
    profiles: ["all", "tools", "nextcloud"]
    hostname: nextcloud-redis
    restart: unless-stopped
    command: redis-server --requirepass redis-mindboost-passwort # Redis Passwort eingeben
  cloud:
    image: nextcloud
    container_name: ${INFRASTRUCTURE_LABEL}-nextcloud-app-${ENVIRONMENT} 
    profiles: ["all", "tools", "nextcloud"]
    restart: unless-stopped
    depends_on:
      - nextcloud-db
      - nextcloud-redis
    environment:
        TRUSTED_PROXIES: 172.16.255.254/16
        OVERWRITEPROTOCOL: https
        OVERWRITECLIURL: https://${CLOUD_DOMAIN}
        OVERWRITEHOST: ${CLOUD_DOMAIN}
        REDIS_HOST: nextcloud-redis
        REDIS_HOST_PASSWORD: redis-mindboost-passwort # Redis Passwort von oben wieder eingeben
    volumes:
      - ./app:/var/www/html
      - ../../volumes/tools/${INFRASTRUCTURE_LABEL}_cloudapp/:/var/www/html/data
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.${INFRASTRUCTURE_LABEL}_cloud.entrypoints=websecure"
      - "traefik.http.routers.${INFRASTRUCTURE_LABEL}_cloud.rule=Host(`${CLOUD_DOMAIN}`)"
      - "traefik.http.routers.${INFRASTRUCTURE_LABEL}_cloud.tls=true"
      - "traefik.http.routers.${INFRASTRUCTURE_LABEL}_cloud.tls.certresolver=http_resolver"
      - 'traefik.http.routers.${INFRASTRUCTURE_LABEL}_cloud.service=cloud'
      - "traefik.http.services.cloud.loadbalancer.server.port=80"
      - "traefik.docker.network=${TRAEFIK_NETWORK}"
      - "traefik.http.routers.${INFRASTRUCTURE_LABEL}_cloud.middlewares=nextcloud-dav,default@file"
      - "traefik.http.middlewares.nextcloud-dav.replacepathregex.regex=^/.well-known/ca(l|rd)dav"
      - "traefik.http.middlewares.nextcloud-dav.replacepathregex.replacement=/remote.php/dav/"
    networks:
      - ${TRAEFIK_NETWORK}
networks:
  nextcloud:
    name: ${INFRASTRUCTURE_LABEL}_nextcloud