version: '3.5'

networks:
  simplesamlphp-network:
    name: simplesamlphp-network
    driver: bridge

services:
  some-simplesamlphp:
    container_name: some-simplesamlphp
    image: venatorfox/simplesamlphp:1.17.6
    environment:
      - CONFIG_BASEURLPATH=https://auth.example.com/simplesaml/
      - CONFIG_AUTHADMINPASSWORD={SSHA256}MjJSiMlkQLa+fqI+CmQ1x1oUJ7OGucYpznKxBBHpgfC+Oh+7B9vgGw==
      - CONFIG_SECRETSALT=exampleabcdefghijklmnopqrstuvwxy
      - CONFIG_TECHNICALCONTACT_NAME=Adam W Zheng
      - CONFIG_TECHNICALCONTACT_EMAIL=adam.w.zheng@icloud.com
      - CONFIG_SHOWERRORS=true
      - CONFIG_ERRORREPORTING=true
      - CONFIG_ADMINPROTECTINDEXPAGE=true
      - CONFIG_LOGGINGLEVEL=INFO
      - CONFIG_ENABLESAML20IDP=true
      - CONFIG_STORETYPE=memcache
      - CONFIG_MEMCACHESTOREPREFIX=simplesamlphp
      - CONFIG_MEMCACHESTORESERVERS=    'memcache_store.servers' => [\n        [\n             ['hostname' => 'some-memcacheda01'],\n             ['hostname' => 'some-memcacheda02'],\n        ],\n        [\n             ['hostname' => 'some-memcachedb01'],\n             ['hostname' => 'some-memcachedb02'],\n        ],
      - OPENLDAP_TLS_REQCERT=allow
      - MTA_NULLCLIENT=true
      - POSTFIX_MYHOSTNAME=auth.example.com
      - POSTFIX_MYORIGIN=$$mydomain
      - POSTFIX_INETINTERFACES=loopback-only
      - DOCKER_REDIRECTLOGS=true
    volumes:
      - /srv/docker/volumes/some-simplesamlphp/cache/:/var/simplesamlphp/cache/:Z
      - /srv/docker/volumes/some-simplesamlphp/config/:/var/simplesamlphp/config/:Z
      - /srv/docker/volumes/some-simplesamlphp/cert/:/var/simplesamlphp/cert/:Z
      - /srv/docker/volumes/some-simplesamlphp/locales/:/var/simplesamlphp/locales/:Z
      - /srv/docker/volumes/some-simplesamlphp/log/:/var/simplesamlphp/log/:Z
      - /srv/docker/volumes/some-simplesamlphp/metadata/:/var/simplesamlphp/metadata/:Z
      - /srv/docker/volumes/some-simplesamlphp/modules/:/var/simplesamlphp/modules/:Z
      - /srv/docker/volumes/some-simplesamlphp/templates/:/var/simplesamlphp/templates/:Z
      - /srv/docker/volumes/some-simplesamlphp/www/:/var/simplesamlphp/www/:Z
    restart: always
    networks:
      - simplesamlphp-network

  some-memcacheda01:
    container_name: some-memcacheda01
    image: memcached:latest
    restart: always
    networks:
      - simplesamlphp-network

  some-memcacheda02:
    container_name: some-memcacheda02
    image: memcached:latest
    restart: always
    networks:
      - simplesamlphp-network

  some-memcachedb01:
    container_name: some-memcachedb01
    image: memcached:latest
    restart: always
    networks:
      - simplesamlphp-network

  some-memcachedb02:
    container_name: some-memcachedb02
    image: memcached:latest
    restart: always
    networks:
      - simplesamlphp-network

  some-haproxy:
    container_name: some-haproxy
    image: million12/haproxy:latest
    depends_on:
      - some-simplesamlphp
    ports:
      - 80:80
      - 443:443
    volumes:
      - /srv/docker/volumes/some-haproxy/haproxy/:/etc/haproxy/:Z
    restart: always
    cap_add:
      - NET_ADMIN
    networks:
      - simplesamlphp-network