From 05778f34f2762c33692109e3ac37673686ac46f3 Mon Sep 17 00:00:00 2001
From: Rescla <rescla@xz1.nl>
Date: Sat, 13 Jun 2026 21:48:46 +0200
Subject: [PATCH] Add tls for ionos Add ipv6 connectivity Enable meshmesh.nl

---
 ionos/.docker/ca.pem           | 33 +++++++++++++++++++++
 ionos/.docker/cert.pem         | 32 +++++++++++++++++++++
 ionos/.docker/key.pem          | 52 ++++++++++++++++++++++++++++++++++
 ionos/meshmesh.tf              |  8 +++++-
 ionos/nginx-lb.tf              | 27 ++++++++++++++++++
 ionos/terraform.tfstate        |  2 +-
 ionos/terraform.tfstate.backup |  2 +-
 7 files changed, 153 insertions(+), 3 deletions(-)
 create mode 100644 ionos/.docker/ca.pem
 create mode 100644 ionos/.docker/cert.pem
 create mode 100644 ionos/.docker/key.pem

diff --git a/ionos/.docker/ca.pem b/ionos/.docker/ca.pem
new file mode 100644
index 0000000..85105a4
--- /dev/null
+++ b/ionos/.docker/ca.pem
@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE-----
+MIIFnTCCA4WgAwIBAgIUebzSr5nekKmBuSsHnFbUeDwTjaYwDQYJKoZIhvcNAQEL
+BQAwXjELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVN0YXRlMQ0wCwYDVQQHDARDaXR5
+MQ4wDAYDVQQKDAVNeU9yZzEMMAoGA1UECwwDRGV2MRIwEAYDVQQDDAlQb2RtYW4g
+Q0EwHhcNMjYwNjEzMTgzNjExWhcNMzYwNjEwMTgzNjExWjBeMQswCQYDVQQGEwJV
+UzEOMAwGA1UECAwFU3RhdGUxDTALBgNVBAcMBENpdHkxDjAMBgNVBAoMBU15T3Jn
+MQwwCgYDVQQLDANEZXYxEjAQBgNVBAMMCVBvZG1hbiBDQTCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBAJLQgNzxizq7QA1k2B6y0Ri2HcutUi0fS/o88GJq
+EEa938ZDleAy9XXybrVZJob33bc5TNHjIuL+6jlq/DjiX5/9nUB8JCNPuHjk5YFy
+X7oWp0SJR7BeQ4GobDGo4Qx7Y6hwlmzF/KSNL3jZpP2F2MLzYaUAn9lh6pLrC2qm
+pb5VCGTlVkFIUsUm3e177OSb3nEF2zERS5UNMMNIRavhXH3iZ8z+GlHYIO3V7aap
+u5dT1LAjDd5hMR2eOZAoGCsu/RwX32Birhi61nHmYtXY9lSAjB+US0fupeSkwOga
+xJteRCJ0QUxePRhTNLZs1XhTgtb3F0jnGeDGmeuAfykv0LaCgyP0XgQ42tz2vn89
+bjxdIKF2xFGlS129C0XcLEs8pzrG/pQDgggqsjUVr1UM0uZq46W1lRYTy8vrvFFQ
+98dYX8E9FkksPPsF6moYOszK7h0YgZjdnZPeJyKeTJQGjIOvDyjVE4TAv6dCZKTE
+CTrK0rBBh7xIAJUVHqZkVnQVy9ZoUZyApr8p7sqHTfI7tpks6Guo4QrrXvlKLIdR
+UMqhp+nsJf8skPou9ziunPPC1fFLQHYwxcxuE9kms0TOPn8Bf3P/Ct4wUBkLlnlJ
+6gw7u0LlN0fwUGVO5wBTtVSIyiWl4ygrTuii2y5D8/FY3unTPac5KOj8ILrDTZ+8
+umovAgMBAAGjUzBRMB0GA1UdDgQWBBSIxwCEYgnjEmO8ekyBpLPLLkRsMTAfBgNV
+HSMEGDAWgBSIxwCEYgnjEmO8ekyBpLPLLkRsMTAPBgNVHRMBAf8EBTADAQH/MA0G
+CSqGSIb3DQEBCwUAA4ICAQAdyObSLUEh3dC7oKWnVtPwaFoWbTM+nWAihYFSu/7j
+2+q83gPUUq2tWPNa0GJmUjio8nbBEFnSd/uvMTjKxtor1MdQ56LcrxY+XE5FuVVV
+MdkVv1sbXxPEA2aFxxvskRrsAJDMHIhA39gm6MEYQqSFj76cCYoAxctEwCuMfAjN
+XHOvKKadz+F2a6yWoxn1FikQx8FPCDe4MXisIhcCEnYK2UzPSyN4j5Euomm8ngBF
+ur2i3iAsb92Lks5CXuCJCaSlkZwu8F0PbZ3ArtgABdtfI24LgmO8PUKq7a+1sal3
+N2XFWLcU1qpneZVQPl555bgsr8YZH4e1ck+P02PL2eN2czzzPRfy/sssgZZw7AuV
+nFgo59JzTwvmiGryktjvpJTasfONwtNwFCmGKQmEwpGRLaERF+eATWmCj1t8K5js
+/P3F7tLGA18i6KkGVsPVkKHvnrhIsObQ16B9d3mODjGfKoGxWeeyb/FzWmLngHzJ
+1i5teyyZ3cNK9z6fPearjj+ue607aj5WEiV+BMmQ8za2oUVOEuowXzKpzTmSWRJH
+weuGJV1XUcf8kuA3MlTMtgeopyMl/PooJE/miXq3cnoJlf/UlvsvJjHk7m70zbAt
+Lh4Hku88QbLYT10VfKzhQIrmIorTvj8lp+7zDe2vJYb4/zTDEc0++IeKWZutG8ja
+YQ==
+-----END CERTIFICATE-----
diff --git a/ionos/.docker/cert.pem b/ionos/.docker/cert.pem
new file mode 100644
index 0000000..11e5116
--- /dev/null
+++ b/ionos/.docker/cert.pem
@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIIFkDCCA3igAwIBAgIUMQYyYblhBohpMTkXrhPNM9TMANYwDQYJKoZIhvcNAQEL
+BQAwXjELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVN0YXRlMQ0wCwYDVQQHDARDaXR5
+MQ4wDAYDVQQKDAVNeU9yZzEMMAoGA1UECwwDRGV2MRIwEAYDVQQDDAlQb2RtYW4g
+Q0EwHhcNMjYwNjEzMTgzNjEyWhcNMjcwNjEzMTgzNjEyWjBiMQswCQYDVQQGEwJV
+UzEOMAwGA1UECAwFU3RhdGUxDTALBgNVBAcMBENpdHkxDjAMBgNVBAoMBU15T3Jn
+MQwwCgYDVQQLDANEZXYxFjAUBgNVBAMMDVBvZG1hbiBDbGllbnQwggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQDqWhZ6UgaZtS60hmqntE21rg1eod47VfzJ
+zryhhjtAPrqU2KEp5aHyPR+5kZq8Nr5qvVcnclp4k2IqcNXbTUil4pU3LKfvbTGG
+eYxWFQSIpOw5x3QTAC1Kp0ISOLNYLWOZMJJVBpU8GzD6JTaxp6rdqAkJWKCFX5au
+OoIxNeroBxE38ZO5h89x8/FHiniMwzygFDONe6x/nf1fGLzJTPaGAFzylqKTrK9g
+xIQK69OmfPFiRbJcCSz0hnY/AmXT/4fp+BJfa0NsCxn7wZAIIQYSvfuGCOpGK0Zv
+JL3tGtoWBxskt/OpMvkRgBhBDJPHvK4qunzTHzj7vAsCbAW18rbHDekImh3/5kFM
+AihgbJBkcN0ImB+llyyrerzfWx4g4GmAWWlB48+9Er6klEE4KIAhui68f/Sw7t7F
+08AbkpOnAOseQ/30Crm7Ftw+/rUOfA14kDuGUlxW0CT9pKeoaga7iyGfJLQ4v/4l
+6N3Hl2eTUJkNnhAsf8bOHsySxXGdSJX2ipBPd8aeckG9ecvezVTu28NyCKuYAulv
+HhjZh4DIlx88pbT0kyux0h7Tt99lY2USHsp3n7ks40r97U53Mx/onh5Vqich/jJ5
+r1EoJ6VjZit7/nmRwDyZ0PAEMr7Wc1whGaEKxRb5f7IUIsu1Ezfp/2VxWA3l/KQV
+/gNCZkXgOQIDAQABo0IwQDAdBgNVHQ4EFgQUuXj8gKqaS8d4GNuyHOXJatdBzy4w
+HwYDVR0jBBgwFoAUiMcAhGIJ4xJjvHpMgaSzyy5EbDEwDQYJKoZIhvcNAQELBQAD
+ggIBACi8auAYKI4EqFKajw1tju5NBX1VdcK1SVUDJIiqxZcmYGZyXtBYz62cena0
+cmk6gV3mMdCrEju0kxCcK1Wn166f9sohKMsBNZKj+Ka8JBjMHIsRGY87ig8BppvR
+F8mgw8eXQ5q8Dqisz93S5FgpkAjaxA4ayUR9Z043W066k/zI6RVbyq1MJUucrvD+
+Wl4j/9Nsfc1jI+OSYd4aQI6vHVxs79gBri37xfKJzqcmg8eqBoEK3S3QAhOi+bek
+yk7c13espW5Hiq38Xu8BeT3x5EHmHxo25FvWwAlcxINTQ4CWvt1CqQREwdXZpCu5
+0Q69chRr5jRhqLGWFYhTNyW15knbhpXe9RoeuaXnx4SQ55brZ3t38WVTi2vSsKpR
+fSRdXiDmtQxvYmB/sv2URfyo8SxrqHHmGZsr1IvtYsk75h7+yrQrk5VDREWuesZt
+kcfZjYLOJuZ/mAxpZ5MYR0ISYpl++t8Hac6Yv8hZTf/Fgfvu3xNrnLFgQ61nnVL3
+OQPKq3XrZfSZUEb9006Qvw1ubIhHxNZyS/yrudzEEGpXLCkc2Nx1a8LxUjeBSfee
+BsrVzdB9MLBe7/E1L5RcHVf3ZJnbdikJxe+HUpRrckOZE8LlPA6nNUDC8XYObXBH
+lMUkjpi2tvakIaGKQ40wQ6efWuOrAEdwKXhYgFWVunzvj1k5
+-----END CERTIFICATE-----
diff --git a/ionos/.docker/key.pem b/ionos/.docker/key.pem
new file mode 100644
index 0000000..32b9476
--- /dev/null
+++ b/ionos/.docker/key.pem
@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDqWhZ6UgaZtS60
+hmqntE21rg1eod47VfzJzryhhjtAPrqU2KEp5aHyPR+5kZq8Nr5qvVcnclp4k2Iq
+cNXbTUil4pU3LKfvbTGGeYxWFQSIpOw5x3QTAC1Kp0ISOLNYLWOZMJJVBpU8GzD6
+JTaxp6rdqAkJWKCFX5auOoIxNeroBxE38ZO5h89x8/FHiniMwzygFDONe6x/nf1f
+GLzJTPaGAFzylqKTrK9gxIQK69OmfPFiRbJcCSz0hnY/AmXT/4fp+BJfa0NsCxn7
+wZAIIQYSvfuGCOpGK0ZvJL3tGtoWBxskt/OpMvkRgBhBDJPHvK4qunzTHzj7vAsC
+bAW18rbHDekImh3/5kFMAihgbJBkcN0ImB+llyyrerzfWx4g4GmAWWlB48+9Er6k
+lEE4KIAhui68f/Sw7t7F08AbkpOnAOseQ/30Crm7Ftw+/rUOfA14kDuGUlxW0CT9
+pKeoaga7iyGfJLQ4v/4l6N3Hl2eTUJkNnhAsf8bOHsySxXGdSJX2ipBPd8aeckG9
+ecvezVTu28NyCKuYAulvHhjZh4DIlx88pbT0kyux0h7Tt99lY2USHsp3n7ks40r9
+7U53Mx/onh5Vqich/jJ5r1EoJ6VjZit7/nmRwDyZ0PAEMr7Wc1whGaEKxRb5f7IU
+Isu1Ezfp/2VxWA3l/KQV/gNCZkXgOQIDAQABAoICAFb1Qq30zdovLrtxvRWpg8RM
+Z02cBphB2eEQQ1I0OrwmCpm8oGCpgqQeJi13Z9E7BwEYbMSIXCWtmplg8RnE3ZYg
+M3obqdzfyaa6Z2ZxuhLyD22JIvsB78xpr8yPGY04mmJ3cXT3UlzRQiUvtdHKA07o
+USIUrsuOopzXvQOBnD6okK0PiN8pE8KW4ArJyN2CfHZxyIdRQrq/5wpoZXTUiA1F
+CThCyOS/CPyBLvXWd9ypM/BhKEOabAH3+tx6iUpW4RniIP8jEAuBOwz9z/IUPuqp
+cDFWEYgj+qi3G3plolLWJC5Fy7YW4fCqdVV900AkNQRJ2pOEXGKcbgFiD+RpwYP5
+Sg7qwA3QQDW3arDasP0fPUWsobJP18JgzLw+Gg2rAvSbRJEswfT87o6+XRcFf3l8
+7I+qyNhyqTIv5N97FdJ/slTTWAlfNTmqQTh4tPo9EExFfehY/1l+Dx+zfh2UErtt
+6ECMrhi8iwWSxM1DbjVihPSs/HE32pfmS52YNJ3+5OtUVA++13oxSGXqZrpddjzE
+t4wfFdCQaJgiXgELvuIG5Ta7N1BxE06ZRAYXKhl3QOEB4iX7TlmAWSd5hlJ2AZoC
+giMd2NvNL6S1nu7BoFMCrjsv2+7Rx3hyX2u3DLWblGudL+0ZHUm24gMhel6S9IwF
+ty39KSnlaGpMVrD0cYo5AoIBAQD5RNm31BAFra3wrIGlUjc3pql2e5bzKx/lqfHl
+ZKIY+LkS+Zf5DqKVhpo8aa5r2+JaT5lmXfY+ieXCsSUBhQPVRWFSNKemmqO+GriK
+nb5dj6laBjcGiXJw6Srm7d3rg1u9sHogd37/AF6fkTgr45HNUKQEAfAvy48xXh/e
+EH5P+c7SGSXypxBOk6nueMjqdeqTi5o+A/mGeQcn2k3FVMw2J2iJ6WnSSyjjcoPC
+18G4bBGuvTPEOn+taDUIgM/y8M+5NigV2LrKrYVNsE2V3hMdl7iwuLPIM8IrldMx
++9cQeMq/wiO73IT1d6QCcLHRfcO5xr1DDFfMxia1zGFW/NXLAoIBAQDwrh5eakVF
+QiMti4glZk7odvpS+lP6PnQEQBQFy+Yv17I36tkgxJSCyDP6nW85JuEm60d9IOAA
+mDK8UxSh+J5wNnXThaoMggmaiqD7lOnQxi4l6QgPS7JlKh53mHjCWNmC1CMszVqq
+ZwyOsLcrDYDc7cLJ5oD9F6aW/MGmJpZ1tJNr6xDQUQsMAjfP/0KPw2QXKHxIXvw3
+v2AT0wGk/cC77lDfSMxKo3BFiW6Zi/A1EImpedgFz4RQyVT2F1Kb1TyveCw7ZNnM
+t3x2pPSWNayDGGK/WddG0SFRGBnRMggJXVWz10G6L6qrPpCDa+s4Qw5EaD0p1neR
+jk9oiyAFeAGLAoIBAQDjBrMoe0sQcOuv/N2jXasO04sab1u/I3LMsKiw3aPJDJc7
+Ufn5CzxG5S4KgdIrSDvzNvYmxsNkmCGb3c0vgh9ImgUWYwCie8tQdHPJQ/xCqHp8
+lJZ/LKX/ck3xv4lUW/ItZNMGSO9wfryvpgq75ms/zQdk4wMH9OT4+JobnXf9jS6y
+KddnFoOCnXiyym1rJXQ9Z3NWsjYMJKTAxlH4vM+1LtVGbkFEF9IovX6F8g3s0viT
+5pyERydMH1HV6cP7pxn5vPprU1ZlC/8SD9XJ/lX4qNu8kKylVYauPan5pz5sMSev
+2LjE/AZYrtvAoTVC8MFXrUtpCo/Y4EwXXgr1uBdbAoIBACAI3OvuMygjxHDkeIuZ
+0XjplSoEPbc6JtEGAmQ/HnVRvVvp+1p8L9Q0d46s88fkn+VBPbOu84HAwEgGuuFQ
+KS6AYTB1QwwFJugV+ZVi3bg3GJ9dJAB9L9J9R67dcX1UvCbIu6HT93Rk4OwBI3As
+jPFbCCk9b/+/7SF9pPzLeA1UqqablBJWJyVDClC6Bg8Cj8jxT5GGawW0iEI7PKXM
+TKH293awxthMZr4qq7juQludxuTy3cjwNQlXsuJKemlZeYlVcnW5V7AC4CMek5uG
+q16LmWEkwR2g6lFT5uPMR/uPG8AjL5FrlMjUPAHyFE3ZxwVd5n4yGJocGf+tPObd
+cT8CggEANUA8yGf/4QRXzdjP91zg6STCIxCUshAMKJeCEqKFQstuTn8wjWn6yoxP
++upk0kiwU6UWKQkuPviQjsXNfqu/hYk2oQAv5lJN8FKklz38nnNIPACfvwKB14oM
+UsedU4U/a8AXCWbMylbUvMUryiXL2bS+V3LgrRSU0ohkYqmW3ZvQ+efzU08L2dYe
+05icn05M6sBUDymwf0jpJHwScMrMvSrOuf8fQ9zKWdCHIs0gbHBbjWLMA+lKpDFg
+xo+qnrUhGpvIQMap+FvGEz4p6GA8EoOObmT5w6yf2TT/E3F6klL1yeGLm7FsFyPB
+nsCWP9s/XqW9PKafXpFfM/OSiBGC7A==
+-----END PRIVATE KEY-----
diff --git a/ionos/meshmesh.tf b/ionos/meshmesh.tf
index c1e9871..29fbc93 100644
--- a/ionos/meshmesh.tf
+++ b/ionos/meshmesh.tf
@@ -9,11 +9,17 @@ terraform {
 
 provider "docker" {
   host      = "tcp://127.0.0.1:2376"
-  #cert_path = pathexpand(".docker")
+  cert_path = pathexpand(".docker")
 
   registry_auth {
     address = "gitea.rescla.me"
     username = "rescla"
     password = "9c84612c4b053e2ec663cde03da730b6a01304e8"
   }
+}
+
+resource "docker_network" "bridge-v6" {
+  name = "bridge-v6"
+  ipv6 = true
+  driver = "bridge"
 }
\ No newline at end of file
diff --git a/ionos/nginx-lb.tf b/ionos/nginx-lb.tf
index 40160cb..d2da7f9 100644
--- a/ionos/nginx-lb.tf
+++ b/ionos/nginx-lb.tf
@@ -7,10 +7,14 @@ resource "docker_image" "nginx-lb" {
   pull_triggers = [data.docker_registry_image.nginx-lb.sha256_digest]
 }
 
+
+
 resource "docker_container" "nginx-lb" {
   image = docker_image.nginx-lb.image_id
   name = "nginx-lb"
 
+  #user = "1001:1001"
+
   env = [
     "CERTBOT_EMAIL=letsencrypt@meshmesh.nl"
   ]
@@ -45,18 +49,41 @@ resource "docker_container" "nginx-lb" {
     type = "bind"
   }
 
+  mounts {
+    target = "/var/www/meshmesh.nl/current"
+    source = "/var/www/meshmesh.nl/current"
+    type = "bind"
+  }
+
   restart = "always"
 
+  networks_advanced {
+    name = docker_network.bridge-v6.name
+  }
+
   ports {
     internal = 80
     external = 80
   }
 
+  ports {
+    internal = 80
+    external = 80
+    ip = "2a02:2479:e7:3900::1"
+  }
+
   ports {
     internal = 443
     external = 443
   }
 
+  ports {
+    internal = 443
+    external = 443
+    ip = "2a02:2479:e7:3900::1"
+  }
+
+
   lifecycle {
     ignore_changes = [
       ulimit,
diff --git a/ionos/terraform.tfstate b/ionos/terraform.tfstate
index 332aa53..1476dec 100644
--- a/ionos/terraform.tfstate
+++ b/ionos/terraform.tfstate
@@ -1 +1 @@
-{"version":4,"terraform_version":"1.11.1","serial":4,"lineage":"b6201ac6-dfc0-c9be-7968-176095446bfb","outputs":{},"resources":[{"mode":"data","type":"docker_registry_image","name":"nginx-lb","provider":"provider[\"registry.opentofu.org/kreuzwerker/docker\"]","instances":[{"schema_version":0,"attributes":{"id":"sha256:62f055fb3882dbf920a30ad470c15751d05e382b3213e3eaf2ec9ea8873151cb","insecure_skip_verify":false,"name":"jonasal/nginx-certbot:latest","sha256_digest":"sha256:62f055fb3882dbf920a30ad470c15751d05e382b3213e3eaf2ec9ea8873151cb"},"sensitive_attributes":[]}]},{"mode":"managed","type":"docker_container","name":"nginx-lb","provider":"provider[\"registry.opentofu.org/kreuzwerker/docker\"]","instances":[{"schema_version":2,"attributes":{"attach":false,"bridge":"","capabilities":[],"cgroup_parent":null,"cgroupns_mode":null,"command":["/scripts/start_nginx_certbot.sh"],"container_logs":null,"container_read_refresh_timeout_milliseconds":15000,"cpu_period":null,"cpu_quota":null,"cpu_set":"","cpu_shares":0,"cpus":null,"destroy_grace_seconds":null,"device_read_bps":[],"device_read_iops":[],"device_requests":[],"device_write_bps":[],"device_write_iops":[],"devices":[],"dns":null,"dns_opts":null,"dns_search":null,"domainname":"","entrypoint":["/docker-entrypoint.sh"],"env":["CERTBOT_EMAIL=letsencrypt@meshmesh.nl"],"exit_code":null,"gpus":null,"group_add":null,"healthcheck":null,"host":[],"hostname":"5927b0ef55e0","id":"5927b0ef55e0aa3a58299f4e78a795c2583481d3b0c16f563cc00dc3fa052487","image":"sha256:8bda190bf853319e5c819e786f68dda4a1d1f5ef78fbde0ade790b5428c6acaa","init":false,"ipc_mode":"shareable","labels":[],"log_driver":"journald","log_opts":null,"logs":false,"max_retry_count":0,"memory":0,"memory_reservation":0,"memory_swap":0,"mounts":[{"bind_options":[],"read_only":null,"source":"/var/lib/containers/nginx-lb/conf","target":"/etc/nginx/config","tmpfs_options":[],"type":"bind","volume_options":[]},{"bind_options":[],"read_only":null,"source":"/var/lib/containers/nginx-lb/log","target":"/var/log/nginx","tmpfs_options":[],"type":"bind","volume_options":[]},{"bind_options":[],"read_only":null,"source":"/var/lib/containers/nginx-lb/nginx.conf","target":"/etc/nginx/nginx.conf","tmpfs_options":[],"type":"bind","volume_options":[]},{"bind_options":[],"read_only":null,"source":"/var/lib/containers/nginx-lb/secrets","target":"/etc/letsencrypt","tmpfs_options":[],"type":"bind","volume_options":[]},{"bind_options":[],"read_only":null,"source":"/var/lib/containers/nginx-lb/user_conf.d","target":"/etc/nginx/user_conf.d","tmpfs_options":[],"type":"bind","volume_options":[]}],"must_run":true,"name":"nginx-lb","network_data":[{"gateway":"10.88.0.1","global_ipv6_address":"","global_ipv6_prefix_length":0,"ip_address":"10.88.0.77","ip_prefix_length":16,"ipv6_gateway":"","mac_address":"3e:16:94:4c:1d:57","network_name":"podman"}],"network_mode":"bridge","networks_advanced":[],"pid_mode":"private","platform":"linux","ports":[{"external":80,"internal":80,"ip":"0.0.0.0","protocol":"tcp"},{"external":443,"internal":443,"ip":"0.0.0.0","protocol":"tcp"}],"privileged":false,"publish_all_ports":false,"read_only":false,"remove_volumes":true,"restart":"always","rm":false,"runtime":"oci","security_opts":[],"shm_size":62,"start":true,"stdin_open":false,"stop_signal":"3","stop_timeout":10,"storage_opts":null,"sysctls":null,"timeouts":null,"tmpfs":null,"tty":false,"ulimit":[],"upload":[],"user":"","userns_mode":"","volumes":[],"wait":false,"wait_timeout":60,"working_dir":"/"},"sensitive_attributes":[],"private":"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMiJ9","dependencies":["data.docker_registry_image.nginx-lb","docker_image.nginx-lb"]}]},{"mode":"managed","type":"docker_image","name":"nginx-lb","provider":"provider[\"registry.opentofu.org/kreuzwerker/docker\"]","instances":[{"schema_version":0,"attributes":{"build":[],"force_remove":null,"id":"sha256:8bda190bf853319e5c819e786f68dda4a1d1f5ef78fbde0ade790b5428c6acaajonasal/nginx-certbot:latest","image_id":"sha256:8bda190bf853319e5c819e786f68dda4a1d1f5ef78fbde0ade790b5428c6acaa","keep_locally":null,"name":"jonasal/nginx-certbot:latest","platform":null,"pull_triggers":["sha256:62f055fb3882dbf920a30ad470c15751d05e382b3213e3eaf2ec9ea8873151cb"],"repo_digest":"docker.io/jonasal/nginx-certbot@sha256:62f055fb3882dbf920a30ad470c15751d05e382b3213e3eaf2ec9ea8873151cb","timeouts":null,"triggers":null},"sensitive_attributes":[],"private":"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19","dependencies":["data.docker_registry_image.nginx-lb"]}]}],"check_results":null}
+{"version":4,"terraform_version":"1.11.1","serial":14,"lineage":"b6201ac6-dfc0-c9be-7968-176095446bfb","outputs":{},"resources":[{"mode":"data","type":"docker_registry_image","name":"nginx-lb","provider":"provider[\"registry.opentofu.org/kreuzwerker/docker\"]","instances":[{"schema_version":0,"attributes":{"id":"sha256:62f055fb3882dbf920a30ad470c15751d05e382b3213e3eaf2ec9ea8873151cb","insecure_skip_verify":false,"name":"jonasal/nginx-certbot:latest","sha256_digest":"sha256:62f055fb3882dbf920a30ad470c15751d05e382b3213e3eaf2ec9ea8873151cb"},"sensitive_attributes":[]}]},{"mode":"managed","type":"docker_container","name":"nginx-lb","provider":"provider[\"registry.opentofu.org/kreuzwerker/docker\"]","instances":[{"schema_version":2,"attributes":{"attach":false,"bridge":"","capabilities":[],"cgroup_parent":null,"cgroupns_mode":null,"command":["/scripts/start_nginx_certbot.sh"],"container_logs":null,"container_read_refresh_timeout_milliseconds":15000,"cpu_period":null,"cpu_quota":null,"cpu_set":"","cpu_shares":0,"cpus":null,"destroy_grace_seconds":null,"device_read_bps":[],"device_read_iops":[],"device_requests":[],"device_write_bps":[],"device_write_iops":[],"devices":[],"dns":null,"dns_opts":null,"dns_search":null,"domainname":"","entrypoint":["/docker-entrypoint.sh"],"env":["CERTBOT_EMAIL=letsencrypt@meshmesh.nl"],"exit_code":null,"gpus":null,"group_add":null,"healthcheck":null,"host":[],"hostname":"9de775695c73","id":"9de775695c7347635fc92ee3a105353c2400eb9f27bb8bb157b3456b658c45c9","image":"sha256:8bda190bf853319e5c819e786f68dda4a1d1f5ef78fbde0ade790b5428c6acaa","init":false,"ipc_mode":"shareable","labels":[],"log_driver":"journald","log_opts":null,"logs":false,"max_retry_count":0,"memory":0,"memory_reservation":0,"memory_swap":0,"mounts":[{"bind_options":[],"read_only":null,"source":"/var/lib/containers/nginx-lb/conf","target":"/etc/nginx/config","tmpfs_options":[],"type":"bind","volume_options":[]},{"bind_options":[],"read_only":null,"source":"/var/lib/containers/nginx-lb/log","target":"/var/log/nginx","tmpfs_options":[],"type":"bind","volume_options":[]},{"bind_options":[],"read_only":null,"source":"/var/lib/containers/nginx-lb/nginx.conf","target":"/etc/nginx/nginx.conf","tmpfs_options":[],"type":"bind","volume_options":[]},{"bind_options":[],"read_only":null,"source":"/var/lib/containers/nginx-lb/secrets","target":"/etc/letsencrypt","tmpfs_options":[],"type":"bind","volume_options":[]},{"bind_options":[],"read_only":null,"source":"/var/lib/containers/nginx-lb/user_conf.d","target":"/etc/nginx/user_conf.d","tmpfs_options":[],"type":"bind","volume_options":[]},{"bind_options":[],"read_only":null,"source":"/var/www/meshmesh.nl/current","target":"/var/www/meshmesh.nl/current","tmpfs_options":[],"type":"bind","volume_options":[]}],"must_run":true,"name":"nginx-lb","network_data":[{"gateway":"10.89.0.1","global_ipv6_address":"fd48:c0d3:5c77:e03::2","global_ipv6_prefix_length":64,"ip_address":"10.89.0.2","ip_prefix_length":24,"ipv6_gateway":"fd48:c0d3:5c77:e03::1","mac_address":"b2:8d:c1:1a:54:a1","network_name":"bridge-v6"}],"network_mode":"bridge","networks_advanced":[{"aliases":[],"driver_opts":[],"gw_priority":null,"ipv4_address":"","ipv6_address":"","link_local_ips":[],"mac_address":"","name":"bridge-v6"}],"pid_mode":"private","platform":"linux","ports":[{"external":80,"internal":80,"ip":"0.0.0.0","protocol":"tcp"},{"external":80,"internal":80,"ip":"2a02:2479:e7:3900::1","protocol":"tcp"},{"external":443,"internal":443,"ip":"0.0.0.0","protocol":"tcp"},{"external":443,"internal":443,"ip":"2a02:2479:e7:3900::1","protocol":"tcp"}],"privileged":false,"publish_all_ports":false,"read_only":false,"remove_volumes":true,"restart":"always","rm":false,"runtime":"oci","security_opts":[],"shm_size":62,"start":true,"stdin_open":false,"stop_signal":"3","stop_timeout":10,"storage_opts":null,"sysctls":null,"timeouts":null,"tmpfs":null,"tty":false,"ulimit":[],"upload":[],"user":"","userns_mode":"","volumes":[],"wait":false,"wait_timeout":60,"working_dir":"/"},"sensitive_attributes":[],"private":"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMiJ9","dependencies":["data.docker_registry_image.nginx-lb","docker_image.nginx-lb","docker_network.bridge-v6"]}]},{"mode":"managed","type":"docker_image","name":"nginx-lb","provider":"provider[\"registry.opentofu.org/kreuzwerker/docker\"]","instances":[{"schema_version":0,"attributes":{"build":[],"force_remove":null,"id":"sha256:8bda190bf853319e5c819e786f68dda4a1d1f5ef78fbde0ade790b5428c6acaajonasal/nginx-certbot:latest","image_id":"sha256:8bda190bf853319e5c819e786f68dda4a1d1f5ef78fbde0ade790b5428c6acaa","keep_locally":null,"name":"jonasal/nginx-certbot:latest","platform":null,"pull_triggers":["sha256:62f055fb3882dbf920a30ad470c15751d05e382b3213e3eaf2ec9ea8873151cb"],"repo_digest":"docker.io/jonasal/nginx-certbot@sha256:62f055fb3882dbf920a30ad470c15751d05e382b3213e3eaf2ec9ea8873151cb","timeouts":null,"triggers":null},"sensitive_attributes":[],"private":"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19","dependencies":["data.docker_registry_image.nginx-lb"]}]},{"mode":"managed","type":"docker_network","name":"bridge-v6","provider":"provider[\"registry.opentofu.org/kreuzwerker/docker\"]","instances":[{"schema_version":1,"attributes":{"attachable":false,"driver":"bridge","id":"3ae56da54d17ccde59640036f62f79b14ad68d1e93c7926887759d9c3bb37498","ingress":false,"internal":false,"ipam_config":[{"aux_address":{},"gateway":"10.89.0.1","ip_range":"","subnet":"10.89.0.0/24"},{"aux_address":{},"gateway":"fd48:c0d3:5c77:e03::1","ip_range":"","subnet":"fd48:c0d3:5c77:e03::/64"}],"ipam_driver":"default","ipam_options":{"driver":"host-local"},"ipv6":true,"labels":[],"name":"bridge-v6","options":{},"scope":"local"},"sensitive_attributes":[],"private":"eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ=="}]}],"check_results":null}
diff --git a/ionos/terraform.tfstate.backup b/ionos/terraform.tfstate.backup
index 24def26..4a9bd72 100644
--- a/ionos/terraform.tfstate.backup
+++ b/ionos/terraform.tfstate.backup
@@ -1 +1 @@
-{"version":4,"terraform_version":"1.11.1","serial":3,"lineage":"b6201ac6-dfc0-c9be-7968-176095446bfb","outputs":{},"resources":[{"mode":"data","type":"docker_registry_image","name":"nginx-lb","provider":"provider[\"registry.opentofu.org/kreuzwerker/docker\"]","instances":[{"schema_version":0,"attributes":{"id":"sha256:62f055fb3882dbf920a30ad470c15751d05e382b3213e3eaf2ec9ea8873151cb","insecure_skip_verify":false,"name":"jonasal/nginx-certbot:latest","sha256_digest":"sha256:62f055fb3882dbf920a30ad470c15751d05e382b3213e3eaf2ec9ea8873151cb"},"sensitive_attributes":[]}]},{"mode":"managed","type":"docker_container","name":"nginx-lb","provider":"provider[\"registry.opentofu.org/kreuzwerker/docker\"]","instances":[{"schema_version":2,"attributes":{"attach":false,"bridge":"","capabilities":[],"cgroup_parent":null,"cgroupns_mode":null,"command":["/scripts/start_nginx_certbot.sh"],"container_logs":null,"container_read_refresh_timeout_milliseconds":15000,"cpu_period":null,"cpu_quota":null,"cpu_set":"","cpu_shares":0,"cpus":null,"destroy_grace_seconds":null,"device_read_bps":[],"device_read_iops":[],"device_requests":[],"device_write_bps":[],"device_write_iops":[],"devices":[],"dns":null,"dns_opts":null,"dns_search":null,"domainname":"","entrypoint":["/docker-entrypoint.sh"],"env":["CERTBOT_EMAIL=letsencrypt@meshmesh.nl"],"exit_code":null,"gpus":null,"group_add":null,"healthcheck":null,"host":[],"hostname":"207adcba40d4","id":"207adcba40d4b2296d2fc4ccc1c0bec1d95cd42231789444f7aaabbe24e11377","image":"sha256:8bda190bf853319e5c819e786f68dda4a1d1f5ef78fbde0ade790b5428c6acaa","init":false,"ipc_mode":"shareable","labels":[],"log_driver":"journald","log_opts":null,"logs":false,"max_retry_count":0,"memory":0,"memory_reservation":0,"memory_swap":0,"mounts":[{"bind_options":[],"read_only":null,"source":"/var/lib/containers/nginx-lb/conf","target":"/etc/nginx/config","tmpfs_options":[],"type":"bind","volume_options":[]},{"bind_options":[],"read_only":null,"source":"/var/lib/containers/nginx-lb/log","target":"/var/log/nginx","tmpfs_options":[],"type":"bind","volume_options":[]},{"bind_options":[],"read_only":null,"source":"/var/lib/containers/nginx-lb/nginx.conf","target":"/etc/nginx/nginx.conf","tmpfs_options":[],"type":"bind","volume_options":[]},{"bind_options":[],"read_only":null,"source":"/var/lib/containers/nginx-lb/secrets","target":"/etc/letsencrypt","tmpfs_options":[],"type":"bind","volume_options":[]},{"bind_options":[],"read_only":null,"source":"/var/lib/containers/nginx-lb/user_conf.d","target":"/etc/nginx/user_conf.d","tmpfs_options":[],"type":"bind","volume_options":[]}],"must_run":true,"name":"nginx-lb","network_data":[{"gateway":"10.88.0.1","global_ipv6_address":"","global_ipv6_prefix_length":0,"ip_address":"10.88.0.2","ip_prefix_length":16,"ipv6_gateway":"","mac_address":"ae:72:4b:de:79:9f","network_name":"podman"}],"network_mode":"bridge","networks_advanced":[],"pid_mode":"private","platform":"linux","ports":[{"external":33739,"internal":80,"ip":"0.0.0.0","protocol":"tcp"},{"external":33215,"internal":443,"ip":"0.0.0.0","protocol":"tcp"}],"privileged":false,"publish_all_ports":false,"read_only":false,"remove_volumes":true,"restart":"always","rm":false,"runtime":"oci","security_opts":[],"shm_size":62,"start":true,"stdin_open":false,"stop_signal":"3","stop_timeout":10,"storage_opts":null,"sysctls":null,"timeouts":null,"tmpfs":null,"tty":false,"ulimit":[],"upload":[],"user":"","userns_mode":"","volumes":[],"wait":false,"wait_timeout":60,"working_dir":"/"},"sensitive_attributes":[],"private":"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMiJ9","dependencies":["data.docker_registry_image.nginx-lb","docker_image.nginx-lb"]}]},{"mode":"managed","type":"docker_image","name":"nginx-lb","provider":"provider[\"registry.opentofu.org/kreuzwerker/docker\"]","instances":[{"schema_version":0,"attributes":{"build":[],"force_remove":null,"id":"sha256:8bda190bf853319e5c819e786f68dda4a1d1f5ef78fbde0ade790b5428c6acaajonasal/nginx-certbot:latest","image_id":"sha256:8bda190bf853319e5c819e786f68dda4a1d1f5ef78fbde0ade790b5428c6acaa","keep_locally":null,"name":"jonasal/nginx-certbot:latest","platform":null,"pull_triggers":["sha256:62f055fb3882dbf920a30ad470c15751d05e382b3213e3eaf2ec9ea8873151cb"],"repo_digest":"docker.io/jonasal/nginx-certbot@sha256:62f055fb3882dbf920a30ad470c15751d05e382b3213e3eaf2ec9ea8873151cb","timeouts":null,"triggers":null},"sensitive_attributes":[],"private":"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19","dependencies":["data.docker_registry_image.nginx-lb"]}]}],"check_results":null}
+{"version":4,"terraform_version":"1.11.1","serial":13,"lineage":"b6201ac6-dfc0-c9be-7968-176095446bfb","outputs":{},"resources":[{"mode":"data","type":"docker_registry_image","name":"nginx-lb","provider":"provider[\"registry.opentofu.org/kreuzwerker/docker\"]","instances":[{"schema_version":0,"attributes":{"id":"sha256:62f055fb3882dbf920a30ad470c15751d05e382b3213e3eaf2ec9ea8873151cb","insecure_skip_verify":false,"name":"jonasal/nginx-certbot:latest","sha256_digest":"sha256:62f055fb3882dbf920a30ad470c15751d05e382b3213e3eaf2ec9ea8873151cb"},"sensitive_attributes":[]}]},{"mode":"managed","type":"docker_image","name":"nginx-lb","provider":"provider[\"registry.opentofu.org/kreuzwerker/docker\"]","instances":[{"schema_version":0,"attributes":{"build":[],"force_remove":null,"id":"sha256:8bda190bf853319e5c819e786f68dda4a1d1f5ef78fbde0ade790b5428c6acaajonasal/nginx-certbot:latest","image_id":"sha256:8bda190bf853319e5c819e786f68dda4a1d1f5ef78fbde0ade790b5428c6acaa","keep_locally":null,"name":"jonasal/nginx-certbot:latest","platform":null,"pull_triggers":["sha256:62f055fb3882dbf920a30ad470c15751d05e382b3213e3eaf2ec9ea8873151cb"],"repo_digest":"docker.io/jonasal/nginx-certbot@sha256:62f055fb3882dbf920a30ad470c15751d05e382b3213e3eaf2ec9ea8873151cb","timeouts":null,"triggers":null},"sensitive_attributes":[],"private":"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19","dependencies":["data.docker_registry_image.nginx-lb"]}]}],"check_results":null}