I'm trying to understand how the --nginx plugin works, in my case. I'm using nginx, and haven't modified anything to its configuration myself. There's no mention of an acme_challenges directory anywhere. It is just my plain old configuration, nothing more.
I'm using the certonly mode, because I don't want certbot to modify my nginx blocks. Please don't tell me that the --nginx plugin finds my blocks and adds the correct lines to them, because I do not use this functionality.
Everything works perfectly fine, but I don't understand how and it bugs me out.
The --standalone plugin doesn't work, which is understandable since it appears it tries to run its own web server on port 80, which is already in use. The --nginx plugin works. How? Does it modify nginx's central configuration on the fly, to create and serve a challenge directory, and then erase its tracks, making sure to reload nginx at the right times? How can I find precisely how the configuration is being modified, then? I'm not comfortable having changes to my web server configuration happen in an opaque way.
Thanks in advance