services:
  overleaf:
    extends:
      file: ${TEMPLATES_PATH}
      service: default
    image: sharelatex/sharelatex
    container_name: overleaf
    ports:
      - 4008:80
    volumes:
      - ${SERVICE_PATH}/overleaf/config:/configs
    environment:
      OVERLEAF_APP_NAME: Overleaf on ${SECOND_LEVEL_DOMAIN}
      OVERLEAF_NAV_TITLE: Overleaf
      ENABLED_LINKED_FILE_TYPES: 'project_file,project_output_file'
      # Enables Thumbnail generation using ImageMagick
      ENABLE_CONVERSIONS: 'true'
      # Disables email confirmation requirement
      EMAIL_CONFIRMATION_DISABLED: 'true'
      # temporary fix for LuaLaTex compiles, see https://github.com/overleaf/overleaf/issues/695
      TEXMFVAR: /var/lib/overleaf/tmp/texmf-var
      OVERLEAF_SITE_URL: https://overleaf.${LOCAL_DOMAIN}
      # OVERLEAF_HEADER_IMAGE_URL: http://example.com/mylogo.png
      OVERLEAF_ADMIN_EMAIL: ${EMAIL}
      # OVERLEAF_LEFT_FOOTER: '[{"text": "Another page I want to link to can be found <a href=\"here\">here</a>"} ]'
      # OVERLEAF_RIGHT_FOOTER: '[{"text": "Hello I am on the Right"} ]'
      # OVERLEAF_EMAIL_FROM_ADDRESS: "hello@example.com"
      # ENABLE_CRON_RESOURCE_DELETION: true
      # OVERLEAF_TEMPLATES_USER_ID: "578773160210479700917ee5"
      # OVERLEAF_NEW_PROJECT_TEMPLATE_LINKS: '[ {"name":"All Templates","url":"/templates/all"}]'
      # OVERLEAF_PROXY_LEARN: "true"

      # DB
      OVERLEAF_MONGO_URL: mongodb://overleaf:${OVERLEAF_DB_PASSWORD}@mongodb:27017/overleaf
      # Redis
      OVERLEAF_REDIS_HOST: redis
      REDIS_HOST: redis
      # LDAP
      LDAP_SERVER_URL: ldap://lldap:3890
      OVERLEAF_LDAP_SEARCH_BASE: ou=people,dc=${SECOND_LEVEL_DOMAIN},dc=${TOP_LEVEL_DOMAIN}
      OVERLEAF_LDAP_SEARCH_FILTER: '(uid={{username}})'
      OVERLEAF_LDAP_BIND_DN: cn=readonly_user,ou=people,dc=${SECOND_LEVEL_DOMAIN},dc=${TOP_LEVEL_DOMAIN}
      OVERLEAF_LDAP_BIND_CREDENTIALS: ${LLDAP_READONLY_USER_PASSWORD}
      OVERLEAF_LDAP_EMAIL_ATT: mail
      OVERLEAF_LDAP_NAME_ATT: firstName
      OVERLEAF_LDAP_LAST_NAME_ATT: lastName
      OVERLEAF_LDAP_UPDATE_USER_DETAILS_ON_LOGIN: false
      ## SMTP
      # OVERLEAF_EMAIL_SMTP_HOST: smtp.example.com
      # OVERLEAF_EMAIL_SMTP_PORT: 587
      # OVERLEAF_EMAIL_SMTP_SECURE: false
      # OVERLEAF_EMAIL_SMTP_USER:
      # OVERLEAF_EMAIL_SMTP_PASS:
      # OVERLEAF_EMAIL_SMTP_TLS_REJECT_UNAUTH: true
      # OVERLEAF_EMAIL_SMTP_IGNORE_TLS: false
      # OVERLEAF_EMAIL_SMTP_NAME: '127.0.0.1'
      # OVERLEAF_EMAIL_SMTP_LOGGER: true
      # OVERLEAF_CUSTOM_EMAIL_FOOTER: "This system is run by department x"
    labels:
      # Watchtower
      - "com.centurylinklabs.watchtower.enable=true"
      # Traefik
      - "traefik.enable=true"
      - "traefik.http.routers.overleaf.rule=Host(`overleaf.${LOCAL_DOMAIN}`)"
      - "traefik.http.routers.overleaf.entrypoints=https"
      - "traefik.http.routers.overleaf.tls=true"
      # Middlewares
      - "traefik.http.routers.overleaf.middlewares=crowdsec-bouncer@file"