version: "3.8"

services:
  ntfy:
    image: binwiederhier/ntfy:latest
    command: ["serve"]
    restart: unless-stopped
    ports:
      - "8080:80" # ntfy web/app (optional)
    volumes:
      - ntfy_etc:/etc/ntfy
      - ntfy_var_lib:/var/lib/ntfy
    environment:
      # Make sure auth-file is configured in /etc/ntfy/server.yml
      # Example:
      #   auth-file: "/var/lib/ntfy/user.db"
      #   auth-default-access: "deny-all"
      - TZ=Europe/Berlin

  ntfywui:
    build: .
    restart: unless-stopped
    depends_on:
      - ntfy
    ports:
      - "8090:8080" # WebUI
    volumes:
      - ntfy_etc:/etc/ntfy:ro
      - ntfy_var_lib:/var/lib/ntfy
      - ntfywui_data:/data
    environment:
      - TZ=Europe/Berlin
      # REQUIRED: strong random secret (>=32 bytes; base64 recommended)
      - NTFYWUI_SECRET=${NTFYWUI_SECRET}
      # First admin (only used if admins.json doesn't exist yet)
      - NTFYWUI_BOOTSTRAP_USER=${NTFYWUI_BOOTSTRAP_USER}
      - NTFYWUI_BOOTSTRAP_PASS=${NTFYWUI_BOOTSTRAP_PASS}
      # Behind reverse proxy? Trust the proxy IP/CIDR to read X-Forwarded-For safely.
      # - NTFYWUI_TRUST_PROXY=172.18.0.0/16

volumes:
  ntfy_etc:
  ntfy_var_lib:
  ntfywui_data: