# Select your image
FROM ubi9:latest

# Install epel, wget and certbot. Download the acme-dns validator
RUN yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
RUN yum install wget certbot -y
RUN wget https://github.com/joohoi/acme-dns-certbot-joohoi/raw/master/acme-dns-auth.py

# Amend the python script, make it executable and place it in /etc/letsencrypt
RUN sed -i 's/python/python3/g' acme-dns-auth.py 
RUN chmod +x acme-dns-auth.py 
RUN mv acme-dns-auth.py /etc/letsencrypt/

# Make the output dir for the SSL certificates and create the startup script
RUN mkdir /letsencrypt
## change example.com and domain.com with your actual web and mail servers.
RUN echo -e 'certbot certonly --manual --manual-auth-hook /etc/letsencrypt/acme-dns-auth.py --preferred-challenges dns --debug-challenges --email mailbox@domain.com --agree-tos --no-eff-email -d example.com -d www.example.com && cp -aL /etc/letsencrypt/live/example.com/* /letsencrypt' > /.startup.sh

# Make your startup script executable and run it
RUN chmod +x /.startup.sh
CMD ["/bin/bash","/.startup.sh"]