version: '3.3'

services:
  ca:
    image: step-ca-test:latest
    ports:
      - "8443:443"
    restart: always

  renewer:
    depends_on:
      - ca
    image: step-renewer-test:latest
    volumes:
      - certificates:/var/local/step
    secrets:
      - password
    environment:
      STEPPATH: /home/step
      STEP_CA_URL: https://ca
      STEP_FINGERPRINT: 84a033e84196f73bd593fad7a63e509e57fd982f02084359c4e8c5c864efc27d
      STEP_ROOT: /var/local/step/root_ca.crt
      STEP_KID: DmAtZt2EhmZr_iTJJ387fr4Md2NbzMXGdXQNW1UWPXk
      STEP_PASSWORD_FILE: /run/secrets/password
      COMMON_NAME: nginx

  nginx:
    depends_on:
      - renewer
    image: nginx-test:latest
    ports:
      - "4443:443"
    volumes:
      - certificates:/var/local/step:ro
    restart: always

volumes:
  certificates:

secrets:
  password:
    file: ./password.txt