version: '3.7'
services:
  minio-getkeys:
    container_name: minio-getkeys
    hostname: minio-getkeys
    image: alpine
    user: 0:0  # we need root to read the key/cert
    restart: on-failure:3
    # ToDo: Replace with variable
    volumes:
      - ${CERT_PATH}:/mnt/src:ro
      - ./data/home/.minio/certs:/mnt/dst:rw
    command: >
              sh -c 'apk add --no-cache inotify-tools
              && while true;
              do inotifywait /mnt/src/fullchain.pem --event modify 
              && date +%x_%r 
              && cp /mnt/src/fullchain.pem  /mnt/dst/public.crt
              && cp /mnt/src/key.pem        /mnt/dst/private.key
              && chown 1000:1000            /mnt/dst/*.*
              && chmod 600                  /mnt/dst/*.*; done'
  minio:
    networks:
      - docker-dmz
#            - /opt/docker/reverse-proxy/data/certs/${HOSTNAME}:/home/data/.minio/certs
networks:
  docker-dmz:
    external:
      name: docker-dmz