---
lego_host_certificates: "{{ host_services | services_get_attr('certificates') | flatten }}"

lego_env:
  ACME_DNS_API_BASE: https://{{ acme_dns.host }}
  ACME_DNS_STORAGE_PATH: /config/acme-dns-accounts.json

  LEGO_EMAIL: "{{ admin_email }}"
  LEGO_PATH: /data

  CERTIFICATES_PATH: "{{ certificates_path }}"

lego_compose:
  watchtower: false
  network: false
  image: goacme/lego
  volumes:
    - ./config:/config:ro
    - "{{ certificates_path }}:/certificates"
    - data:/data
  file:
    services:
      app:
        restart: never
        network_mode: "host"
        entrypoint:
          - /lego
          - --accept-tos
          - --email={{ admin_email }}
          - --dns=acme-dns
    volumes:
      data: