FROM alpine:3.17

RUN apk --no-cache add -f \
  openssl \
  openssh-client \
  coreutils \
  bind-tools \
  curl \
  sed \
  socat \
  tzdata \
  oath-toolkit-oathtool \
  tar \
  libidn \
  jq

ENV LE_CONFIG_HOME /acme.sh

ARG AUTO_UPGRADE=1

ENV AUTO_UPGRADE $AUTO_UPGRADE

#Install with --no-cron (cron created at first run of 'daemon')
COPY ./ /install_acme.sh/
RUN cd /install_acme.sh && ([ -f /install_acme.sh/acme.sh ] && /install_acme.sh/acme.sh --install --no-cron || curl https://get.acme.sh | sh) && rm -rf /install_acme.sh/


RUN ln -s /root/.acme.sh/acme.sh /usr/local/bin/acme.sh && \
  # Install cronjob on first run.  This enables each instances crontab to be randomly timed instead of random per build
  # Remove > /dev/null so BusyBox's crond -f will output stdout/stderr from cronjobs
  echo '@reboot /usr/local/bin/--install-cronjob && crontab -l | grep acme.sh | sed "s#> /dev/null##" | crontab - && crontab -l | grep -v @reboot | crontab - || /usr/local/bin/--uninstall-cronjob && crontab -l' | crontab - && \
  # Output crontab during build process for verification/debugging
  crontab -l

RUN for verb in help \
  version \
  install \
  uninstall \
  upgrade \
  issue \
  signcsr \
  deploy \
  install-cert \
  renew \
  renew-all \
  revoke \
  remove \
  list \
  info \
  showcsr \
  install-cronjob \
  uninstall-cronjob \
  cron \
  toPkcs \
  toPkcs8 \
  update-account \
  register-account \
  create-account-key \
  create-domain-key \
  createCSR \
  deactivate \
  deactivate-account \
  set-notify \
  set-default-ca \
  set-default-chain \
  ; do \
    printf -- "%b" "#!/usr/bin/env sh\n/root/.acme.sh/acme.sh --${verb} --config-home /acme.sh \"\$@\"" >/usr/local/bin/--${verb} && chmod +x /usr/local/bin/--${verb} \
  ; done

RUN printf "%b" '#!'"/usr/bin/env sh\n \
if [ \"\$1\" = \"daemon\" ];  then \n \
 exec crond -f \n \
else \n \
 exec -- \"\$@\"\n \
fi\n" >/entry.sh && chmod +x /entry.sh

VOLUME /acme.sh

ENTRYPOINT ["/entry.sh"]
CMD ["--help"]