From 9806526732280a579397a01bebfa3bbb3dfb766e Mon Sep 17 00:00:00 2001
From: Cameron Hyde <chyde@neoformit.com>
Date: Mon, 9 Dec 2024 07:56:43 +1000
Subject: [PATCH] Fix certbot docker compose config to avoid nginx container
 name collision

---
 ansible/roles/galaxy_labs_engine/tasks/certbot.yml | 14 +++++++-------
 docker-compose.yml                                 | 13 ++++++++++++-
 2 files changed, 19 insertions(+), 8 deletions(-)

diff --git a/ansible/roles/galaxy_labs_engine/tasks/certbot.yml b/ansible/roles/galaxy_labs_engine/tasks/certbot.yml
index 6b91ba7..59d5364 100644
--- a/ansible/roles/galaxy_labs_engine/tasks/certbot.yml
+++ b/ansible/roles/galaxy_labs_engine/tasks/certbot.yml
@@ -31,12 +31,12 @@
 
     - name: Request SSL certificate with certbot
       shell: >
-        docker compose --profile certbot run --rm certbot certonly \
-          --webroot                                                \
-          --webroot-path /var/www/certbot/                         \
-          --agree-tos                                              \
-          --non-interactive                                        \
-          -d "{{ certbot_domain }}"                                \
+        docker compose --profile certbot run --rm certbot-init certonly \
+          --webroot                                                     \
+          --webroot-path /var/www/certbot/                              \
+          --agree-tos                                                   \
+          --non-interactive                                             \
+          -d "{{ certbot_domain }}"                                     \
           -m "{{ certbot_renew_email }}"
       args:
         chdir: "{{ config_root }}"
@@ -53,7 +53,7 @@
         name: "certbot-renew"
         minute: "0"
         hour: "0"
-        job: "docker compose --profile certbot run --rm certbot renew"
+        job: "cd {{ config_root }} && docker compose --profile certbot run --rm certbot renew"
       tags: certbot
 
   always:
diff --git a/docker-compose.yml b/docker-compose.yml
index b475dc8..6263d4c 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -92,7 +92,7 @@ services:
       - /etc/letsencrypt:/etc/letsencrypt:ro
     restart: always
 
-  certbot:
+  certbot-init:
     profiles:
       - certbot
     depends_on:
@@ -103,6 +103,17 @@ services:
       - /var/www/certbot:/var/www/certbot:rw
       - /etc/letsencrypt:/etc/letsencrypt:rw
 
+  certbot:
+    profiles:
+      - certbot
+    # depends_on:  # N.B. certbot depends on nginx but it's usually running and
+    #   - nginx    # causes a container name collision
+    image: certbot/certbot:latest
+    container_name: certbot
+    volumes:
+      - /var/www/certbot:/var/www/certbot:rw
+      - /etc/letsencrypt:/etc/letsencrypt:rw
+
 networks:
   labs-engine-network:
     driver: bridge