---
# Service definition for the Coder deployment: public host names, the
# reverse-proxy hook, the application port and the database endpoint.
coder_svc:
  domain: "coder.serguzim.me"
  # Wildcard host below the main domain.
  additional_domains:
    - "*.coder.serguzim.me"
  # NOTE(review): presumably imports a Caddy snippet named "acmedns" (a
  # DNS-based ACME challenge, which a wildcard certificate would need);
  # the snippet itself is not in this file - confirm in the Caddy role.
  caddy_extra: "import acmedns"
  name: "coder"
  # Same port number that CODER_ADDRESS in coder_env listens on.
  port: 7080
  # Database endpoint is taken from the shared postgres variables.
  db:
    host: "{{ postgres.host }}"
    port: "{{ postgres.port }}"
  # NOTE(review): the consumer of these two SSH ports is not visible here;
  # verify which listener each one maps to and that only the intended one
  # is reachable from outside.
  ssh_port: 22
  ssh_port_alt: 3022

# Environment for the Coder server. Every string value is quoted so that
# templated scalars are always read as plain strings.
coder_env:
  # Bind address: all interfaces, port 7080 (same value as coder_svc.port).
  # NOTE(review): whether this port is published on the host or only reached
  # through the reverse proxy is decided elsewhere - confirm.
  CODER_ADDRESS: "0.0.0.0:7080"
  # NOTE(review): `svc` is not defined in this file; presumably the role
  # binds it to coder_svc - confirm.
  CODER_ACCESS_URL: "https://{{ svc.domain }}"
  CODER_WILDCARD_ACCESS_URL: "*.{{ svc.domain }}"

  # Database DSN. sslmode=verify-full makes the client validate both the
  # server certificate chain and the host name; do not weaken it.
  # NOTE(review): the vault user and password are interpolated verbatim. A
  # value containing URL-reserved characters (@ : / ? # %) would produce a
  # malformed or mis-parsed URL. Confirm whether the vault stores them raw;
  # if so, percent-encode them here (Jinja's urlencode filter, which by
  # default leaves "/" unescaped).
  # NOTE(review): the DB password ends up inside an environment value, so
  # the rendered env/compose file needs restrictive ownership and mode -
  # check the task that writes it.
  CODER_PG_CONNECTION_URL: "postgres://{{ vault_coder.db.user }}:{{ vault_coder.db.pass }}@{{ svc.db.host }}:{{ svc.db.port }}/coder?sslmode=verify-full"

  # OIDC login against the issuer below; client id and secret come from
  # the vault and are never written in clear text in this file.
  CODER_OIDC_ISSUER_URL: "https://auth.serguzim.me/application/o/coder-serguzim-me/"
  CODER_OIDC_CLIENT_ID: "{{ vault_coder.oidc_client.id }}"
  CODER_OIDC_CLIENT_SECRET: "{{ vault_coder.oidc_client.secret }}"

# Compose-level settings for the Coder container.
coder_compose:
  # NOTE(review): the image uses the floating "latest" tag and watchtower is
  # enabled (presumably automatic image updates - the consuming template is
  # not shown). Together they mean whatever is published under that tag gets
  # pulled and run unreviewed, in a container that also holds the host
  # Docker socket. Prefer a reviewed version tag or image digest and
  # deliberate upgrades.
  watchtower: true
  image: "ghcr.io/coder/coder:latest"
  # The host Docker socket is mounted into the container. Anything that can
  # talk to this socket can start privileged containers, i.e. it is
  # root-equivalent on the host; treat a compromise of this service as a
  # compromise of the host.
  volumes:
    - "/var/run/docker.sock:/var/run/docker.sock"
  # NOTE(review): presumably merged into the generated compose file - confirm.
  file:
    services:
      app:
        # Docker group on the host, given as a numeric GID so the container
        # user can open the mounted socket. The value is host-specific and
        # must match the socket's group on the target machine.
        group_add:
          - "972"