# NAME leenooks/nginx
# VERSION latest

FROM nginx:alpine

# Change to http respositories, so they we can cache the install packages
RUN if [ -n "${HTTP_PROXY}" ] ; then echo "Using HTTP PROXY [${HTTP_PROXY}]" && sed -i -e s'/https/http/' /etc/apk/repositories; fi

RUN apk add --no-cache nginx nginx-mod-mail bash

# Add acme-lego Certbot
ENV LEGOVER=v4.14.2
RUN curl -sL https://github.com/go-acme/lego/releases/download/${LEGOVER}/lego_${LEGOVER}_linux_amd64.tar.gz | tar -C /usr/sbin -xzf -

# Configuration
COPY etc/nginx/nginx.conf /etc/nginx
COPY etc/nginx/default.d /etc/nginx/default.d
COPY etc/nginx/include.d /etc/nginx/include.d
RUN chmod 444 /etc/nginx/default.d/ssl/* && \
	chmod 400 /etc/nginx/default.d/ssl/default.key /etc/nginx/default.d/ssl/dhparams.pem

# Default SSL cert
RUN mkdir -p /etc/nginx/conf.d/ssl && \
	ln -s ../../default.d/ssl/default.crt /etc/nginx/conf.d/ssl/mail.crt && \
	ln -s ../../default.d/ssl/default.key /etc/nginx/conf.d/ssl/mail.key
COPY ssl.sh /usr/sbin/
COPY init-docker /sbin/

COPY var/www/maintenance /var/www/maintenance

# Expose our web root and log directories log.
#VOLUME [ "/etc/nginx/conf.d", "/etc/nginx/default.d", "/etc/nginx/include.d" ]

# Starting
EXPOSE 80 443 25 110 143
LABEL cron.container.weekly root#/usr/sbin/ssl.sh lego renew
ENTRYPOINT [ "/sbin/init-docker" ]