FROM python:3.12-slim

LABEL maintainer="Your Name <youremail@example.com>"
LABEL description="Certbot with dns-standalone plugin for wildcard certificate generation"

# Install certbot and the dns-standalone plugin
RUN pip install --no-cache-dir certbot certbot-dns-standalone

# Create directories for Let's Encrypt data
RUN mkdir -p /etc/letsencrypt /var/lib/letsencrypt /var/log/letsencrypt

# Copy the entrypoint script
COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh

# Expose DNS port (53) for both TCP and UDP
EXPOSE 53/tcp
EXPOSE 53/udp

# Expose HTTP port for potential HTTP challenges
EXPOSE 80

# Volume for certificate storage
VOLUME ["/etc/letsencrypt", "/var/lib/letsencrypt"]

ENTRYPOINT ["/entrypoint.sh"]