ARG REPO_LOCATION
# ARG BASE_VERSION

FROM ${REPO_LOCATION}minideb AS builder

RUN install_packages curl ca-certificates \
	&& curl -sS https://dl.eff.org/certbot-auto -o /srv/certbot-auto \
	&& chmod +x /srv/certbot-auto


FROM ${REPO_LOCATION}minideb

COPY --from=builder /srv/certbot-auto /srv/certbot-auto

RUN /srv/certbot-auto --debug --noninteractive --install-only && \
	install_packages python3-pip

WORKDIR /opt/eff.org/certbot/venv
RUN . bin/activate \
	&& pip install certbot-dns-cloudflare \
	&& deactivate \
	&& ln -s /opt/eff.org/certbot/venv/bin/certbot /usr/bin/certbot

# Only required if we use acme.sh instead of certbot: openssl openssh-client coreutils dnsutils curl socat tzdata tar oathtool

VOLUME /srv/configdir /srv/workdir /srv/logsdir

USER 999:994
ENTRYPOINT [ "/usr/bin/certbot", \
	"--config-dir", "/srv/configdir", \
	"--work-dir", "/srv/workdir", \
	"--logs-dir", "/srv/logsdir" ]