version: '3.7'
services:
#  minio-getkeys:
#    container_name: minio-getkeys
#    hostname: minio-getkeys
#    image: alpine
#    user: 0:0  # we need root to read the key/cert
#    restart: on-failure:3
#    # ToDo: Replace with variable
#    volumes:
#      - ${CERT_PATH}:/mnt/src:ro
#      - ./data/home/.minio/certs:/mnt/dst:rw
#    command: >
#              sh -c 'apk add --no-cache inotify-tools
#              && while true;
#              do inotifywait /mnt/src/fullchain.pem --event modify 
#              && date +%x_%r 
#              && cp /mnt/src/fullchain.pem  /mnt/dst/public.crt
#              && cp /mnt/src/key.pem        /mnt/dst/private.key
#              && chown 1000:1000            /mnt/dst/*.*
#              && chmod 600                  /mnt/dst/*.*; done'
  minio:
    networks:
      - docker-dmz
    volumes:
      - ${CERT_PATH}${HOSTNAME}:/home/data/.minio/certs
    expose:
      - "9001"
    environment:
      VIRTUAL_HOST: ${HOSTNAME}
      LETSENCRYPT_HOST: ${HOSTNAME}
      LETSENCRYPT_EMAIL: webmaster@${HOSTNAME}
      
networks:
  docker-dmz:
    external:
      name: reverse-proxy