Docker Container options-ssl-nginx.conf

My domain is: etniapagana.com

My web server is (include version): Ubuntu20

The operating system my web server runs on is (include version): docker nginx-alpine

My hosting provider, if applicable, is: digital ocean

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): docker certbot/certbot

Hello.
I would like to know if there is any certbot image that include the options-ssl-nginx.conf file?
If not I figured out that I must manually configure ssl parameters in nginx.conf.
Can you confirm that? Why not to include this file into the image (like in any common installation)?
Thanks, Mateo.

Hi @Mateo, and welcome to the LE community forum :slight_smile:

Please do not install certbot on Ubuntu using apt.
Follow the recommended instructions [using snap]:
Certbot Instructions | Certbot (eff.org)

2 Likes

If you use the certbot --nginx plug-in as installer it will create that file and configure your https server block.

If you used another option (like certonly) then certbot only gets a cert and you must configure your https server block. The mozilla configurator can be helpful although I recommend avoiding HSTS and Stapling until you are certain you know what those are.

You didn't show the command you used otherwise we could be more specific.

3 Likes

Unfortunately, as far as I know, that's not possible with Docker, as Certbot and nginx would be running in separate containers.

3 Likes

Perhaps look at a guide like this: Nginx and Let’s Encrypt with Docker in Less Than 5 Minutes | by Philipp | Medium

Or use a dedicated nginx image with certbot combined, then use that the reverse proxy any other services you have (so only the one container is juggling certificates): https://hub.docker.com/r/jonasal/nginx-certbot

You could also consider using Caddy or similar as an ACME aware reverse proxy for your services.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.