- name: setup new-new data.coop website using unipi
  docker_container:
    name: new-new.data.coop_website
    image: docker.data.coop/unipi:latest
    restart_policy: unless-stopped
    purge_networks: yes
    networks:
      - name: external_services
    env:
      VIRTUAL_HOST: "new-new.{{ services.data_coop_website.domains|join(',') }}"
      LETSENCRYPT_HOST: "new-new.{{ services.data_coop_website.domains|join(',') }}"
      LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
    # The ssh-key is for read-only only
    command: "--remote=git@git.data.coop:halfd/new-website.git#main --ssh-key ed25519:Ag9RekCyC2eow4P/e5crVvSTQ7dTK46WkG0wqEPVJbU= --ssh-authenticator SHA256:l9kdLkb0kJm46pOJ4tCHCtFUaqV1ImbZWMA5oje10fI"
    capabilities:
      - NET_ADMIN
    devices:
      - "/dev/net/tun"
    labels:
      com.centurylinklabs.watchtower.enable: "true"