---
version: '3.8'

services:
  agent:
    image: portainer/agent:2.14.1
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /var/lib/docker/volumes:/var/lib/docker/volumes
    networks:
      - portainer_agent_network
    deploy:
      mode: global
      placement:
        constraints: [node.platform.os == linux]

  portainer:
    image: portainer/portainer-ce:2.14.1
    command: -H tcp://tasks.agent:9001 --tlsskipverify --admin-password-file /run/secrets/portainer_admin_password --logo {{ .docker.portainer.siteLogoUrl }} --no-analytics true --templates {{ .docker.portainer.templatesUrl }}
    expose:
      - 9443
    ports:
      - "8000:8000"
    volumes:
      - portainer_manager_data:/data
    networks:
      - portainer_agent_network
      - nginx_network
    secrets:
      - portainer_admin_password
    deploy:
      mode: replicated
      replicas: 1
      placement:
        constraints: [node.role == manager]

networks:
  portainer_agent_network:
    driver: overlay
    attachable: true
    internal: true
  nginx_network:
    external: true

secrets:
  portainer_admin_password:
    external: true

volumes:
  portainer_manager_data: