version: '3'

services:
  mariadb:
    image: mariadb:latest
    container_name: pdns-mariadb
    environment:
      MARIADB_ROOT_PASSWORD: ${MARIADB_ROOT_PASSWORD}
      MARIADB_DATABASE: ${MARIADB_DATABASE}
      MARIADB_USER: ${MARIADB_USER}
      MARIADB_PASSWORD: ${MARIADB_PASSWORD}
      MARIADB_REPLICATION_USER: ${MARIADB_REPLICA_USER}
      MARIADB_REPLICATION_PASSWORD: ${MARIADB_REPLICA_PASSWORD}
    volumes:
      - mariadb_data:/var/lib/mysql
      - mariadb_config:/etc/mysql
    networks:
      - pdns_network
    ports:
      - "3306:3306"
    restart: always

  pdns:
    image: pschiffe/pdns-mysql:latest
    container_name: pdns-master
    environment:
      PDNS_gmysql_host: mariadb
      PDNS_gmysql_port: 3306
      PDNS_gmysql_user: ${MARIADB_USER}
      PDNS_gmysql_password: ${MARIADB_PASSWORD}
      PDNS_gmysql_dbname: ${MARIADB_DATABASE}
      PDNS_gmysql-dnssec: true
      PDNS_primary: yes
      PDNS_api: yes
      PDNS_api_key: ${PDNS_API_KEY}
      PDNS_webserver: yes
      PDNS_webserver_address: 0.0.0.0
      PDNS_webserver_password: ${PDNS_WEBSERVER_KEY}
      PDNS_webserver_allow_from: 10.0.10.0/24
      PDNS_version_string: ${PDNS_VERSION_STRING}
      PDNS_default_ttl: 300
      PDNS_allow_axfr_ips: 172.17.0.0
      PDNS_only_notify: 172.5.0.21
    depends_on:
      - mariadb
    links:
      - mariadb
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "8081:8081"
    networks:
      - pdns_network
    restart: always

  pdns-admin:
    image: pschiffe/pdns-admin:latest
    container_name: pdns-admin
    environment:
      PDNS_ADMIN_SQLA_DB_HOST: mariadb
      PDNS_ADMIN_SQLA_DB_PORT: 3306
      PDNS_ADMIN_SQLA_DB_USER: ${MARIADB_USER}
      PDNS_ADMIN_SQLA_DB_PASSWORD: ${MARIADB_PASSWORD}
      PDNS_ADMIN_SQLA_DB_NAME: pdns
      PDNS_STATS_URL: http://pdns:8081
      PDNS_API_KEY: ${PDNS_API_KEY}
      PDNS_VERSION: ${PDNS_VERSION_STRING}
    depends_on:
      - pdns
    links:
      - mariadb
      - pdns
    networks:
      - pdns_network
    restart: always

  pdns-api:
    image: dalbodeule/dnsapi:latest
    container_name: pdns-api
    environment:
      DB_NAME: pdns
      DB_HOST: mariadb
      DB_PORT: 3306
      DB_USER: ${MARIADB_USER}
      DB_PASSWORD: ${MARIADB_PASSWORD}
      PDNS_API_URL: http://pdns:8081
      PDNS_API_KEY: ${PDNS_API_KEY}
      PDNS_NS: ${PDNS_NS}
    depends_on:
      - pdns
      - mariadb
    networks:
      - pdns_network
    restart: always

  nginx:
    image: jonasal/nginx-certbot:latest
    container_name: pdns-nginx
    restart: always
    environment:
      CERTBOT_EMAIL: ${CERTBOT_EMAIL}
      DHPARAM_SIZE: 4096
      RSA_KEY_SIZE: 4096
    ports:
      - 80:80
      - 443:443
      - 8443:8443
    volumes: # Storage can be either a
      - nginx_secrets:/etc/letsencrypt          # Docker managed volume (see list at the bottom)
      - nginx_conf:/etc/nginx/user_conf.d    # or a host mount with a relative or full path.
    networks:
      - pdns_network

volumes:
  mariadb_data:
  mariadb_config:
  nginx_secrets:
  nginx_conf:

networks:
  pdns_network:
    driver: bridge
    ipam:
      driver: default
      config:
        - subnet: "10.0.10.0/24"
          gateway: "10.0.10.1"