# ROMM - ROM Manager for Game Libraries
# Domain: arcade.{{DOMAIN}}
# Database: MariaDB + Redis
# RAM: ~300MB | Pi-compatible: Possible but heavy
#
# Environment variables (set in Portainer):
#   DB_PASSWORD             - MariaDB user password (required)
#   MYSQL_ROOT_PASSWORD     - MariaDB root password (required)
#   ROMM_AUTH_SECRET_KEY    - Auth secret (required, generate with: openssl rand -hex 32)
#   IGDB_CLIENT_ID          - IGDB API client ID (optional, for game metadata)
#   IGDB_CLIENT_SECRET      - IGDB API client secret (optional)
#   STEAMGRIDDB_API_KEY     - SteamGridDB API key (optional, for cover art)
#
# Storage layout:
#   ROM library    → {{HDD_PATH}}/storage/romm/library     (HDD, host path)
#   Cover art etc  → {{HDD_PATH}}/storage/romm/resources   (HDD, host path)
#   App config     → romm_config                            (named volume, NVMe)
#   MariaDB data   → romm_db_data                           (named volume, NVMe)
#   Redis data     → romm_redis_data                        (named volume, NVMe)
#
# First-time setup:
#   Default login: admin / admin — change immediately!

services:
  romm:
    image: rommapp/romm:4.5.0
    container_name: romm
    restart: unless-stopped
    depends_on:
      romm-db:
        condition: service_healthy
      romm-redis:
        condition: service_started
    entrypoint: ["/bin/sh", "-c"]
    command:
      - |
        if [ ! -f /romm/config/config.yml ]; then
          echo "Creating default config.yml..."
          cat > /romm/config/config.yml << 'CONF'
        exclude:
          platforms: []
          roms: []
        system:
          log_level: INFO
        CONF
        fi
        exec /docker-entrypoint.sh /init
    environment:
      - ROMM_AUTH_SECRET_KEY=${ROMM_AUTH_SECRET_KEY}
      - DB_PASSWD=${DB_PASSWORD}
      - DB_HOST=romm-db
      - DB_PORT=3306
      - DB_NAME=romm
      - DB_USER=romm
      - REDIS_HOST=romm-redis
      - REDIS_PORT=6379
      - ROMM_PORT=8080
      - IGDB_CLIENT_ID=${IGDB_CLIENT_ID:-}
      - IGDB_CLIENT_SECRET=${IGDB_CLIENT_SECRET:-}
      - STEAMGRIDDB_API_KEY=${STEAMGRIDDB_API_KEY:-}
      - TZ=Europe/Budapest
    volumes:
      - {{HDD_PATH}}/storage/romm/library:/romm/library
      - {{HDD_PATH}}/storage/romm/resources:/romm/resources
      - romm_config:/romm/config
    networks:
      - traefik-public
      - romm-internal
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.romm.rule=Host(`arcade.{{DOMAIN}}`)"
      - "traefik.http.routers.romm.entrypoints=websecure"
      - "traefik.http.routers.romm.tls=true"
      - "traefik.http.services.romm.loadbalancer.server.port=8080"

  romm-db:
    image: mariadb:11.4
    container_name: romm-db
    restart: unless-stopped
    environment:
      - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
      - MYSQL_DATABASE=romm
      - MYSQL_USER=romm
      - MYSQL_PASSWORD=${DB_PASSWORD}
      - TZ=Europe/Budapest
    volumes:
      - romm_db_data:/var/lib/mysql
    networks:
      - romm-internal
    healthcheck:
      test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"]
      interval: 10s
      timeout: 5s
      retries: 5
      start_period: 30s

  romm-redis:
    image: redis:7-alpine
    container_name: romm-redis
    restart: unless-stopped
    command: redis-server --appendonly yes
    volumes:
      - romm_redis_data:/data
    networks:
      - romm-internal
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 10s
      timeout: 5s
      retries: 3

volumes:
  romm_config:
  romm_db_data:
  romm_redis_data:

networks:
  traefik-public:
    external: true
  romm-internal: