data "docker_registry_image" "nginx-lb" {
  name = "jonasal/nginx-certbot:latest"
}

resource "docker_image" "nginx-lb" {
  name = data.docker_registry_image.nginx-lb.name
  pull_triggers = [data.docker_registry_image.nginx-lb.sha256_digest]
}

resource "docker_network" "nginx-lb" {
  name = "nginx-lb"
}

resource "docker_container" "nginx-lb" {
  image = docker_image.nginx-lb.image_id
  name = "nginx-lb"

  env = [
    "CERTBOT_EMAIL=letsencrypt@xz1.nl"
  ]

  mounts {
    target = "/etc/nginx/nginx.conf"
    source = "/share/appdata/nginx-lb/nginx.conf"
    type = "bind"
  }

  mounts {
    target = "/etc/nginx/config"
    source = "/share/appdata/nginx-lb/conf"
    type = "bind"
  }

  mounts {
    target = "/etc/nginx/user_conf.d"
    source = "/share/appdata/nginx-lb/user_conf.d"
    type = "bind"
  }


  mounts {
    target = "/etc/letsencrypt"
    source = "/share/appdata/nginx-lb/secrets"
    type = "bind"
  }

  restart = "always"

  networks_advanced {
    name = docker_network.bridge.name
    ipv4_address = "192.168.2.115"
  }

  lifecycle {
    ignore_changes = [
      ulimit,
      log_opts
    ]
  }
}