services:
  renovate:
    image: renovate/renovate:37-slim
    command: /entrypoint.sh
    user: "{{ docker_user.id }}"
    environment:
      - TZ={{ timezone }}
      - GITHUB_COM_TOKEN={{ vault_renovate_github_token }}
      - DOCKER_HOST=tcp://docker_proxy:2375
      - LOG_LEVEL=debug  # Noisy, but required for debugging
    restart: unless-stopped
    networks:
      - default
      - renovate_private
    depends_on:
      - redis
      - docker_proxy
    volumes:
      - ./config.js:/usr/src/app/config.js:ro
      - ./entrypoint.sh:/entrypoint.sh:ro
      - /mnt/data:/mnt/data  # These must be the same

  redis:
    image: redis:7-alpine
    restart: unless-stopped
    volumes:
      - ./redis:/data

  docker_proxy:
    image: lscr.io/linuxserver/socket-proxy:latest
    restart: unless-stopped
    environment:
      - POST=1
      - CONTAINERS=1
      - INFO=1
      - IMAGES=1
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
    networks:
      - renovate_private
    tmpfs:
      - /run
    logging:
      driver: none

networks:
  renovate_private:
    internal: true