I haven’t yet installed Certbot because I have concerns about how it would run in my infrastructure and need some advice.
I’m currently running LXC containers. Each container runs an instance of Nginx for a specific domain. Haproxy, running in a separate container, terminates SSL and proxies the request to the correct container.
In looking at the instructions for Certbot, it seems that setup and renewal will never work for me since Haproxy is in one container and the Server nodes are in another. Is there a way around this? Or is it a case where once I copy the validation files into /.well-known on the correct server, it won’t be necessary again? If so, where does Certbot run? I assume in the container with Haproxy?