I know a bit of Docker, but my current setup doesn't use it. You can generate the certs on the host and mount them into Docker with the "-v" volume switch. You would also renew them on the host itself.
This will work with the standalone version, which tries to start a webserver, but you will need to stop nginx while doing this as you can only have 1 thing listening on port 80 at a time.
The documentation on mounting volumes on Docker:
BETTER
A better solution is to mount a common directory and a vhost on nginx to handle the incoming challenge request. An example vhost for me is:
```nginx
server {
    listen 80;
    server_name heroesofthestorm.co.za www.heroesofthestorm.co.za img.heroesofthestorm.co.za;

    location '/.well-known/acme-challenge' {
        default_type "text/plain";
        root /tmp/letsencrypt-auto;
    }

    # .... Rest of the locations
}
```
Give this article a read; it uses NGINX to manage the incoming request with the location mapping above:
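Added example, not part of the original answer: a Python pre-flight check for the webroot layout the vhost above relies on. With `root`, nginx maps a request for `/.well-known/acme-challenge/<token>` to `<root>/.well-known/acme-challenge/<token>`, so that directory tree has to exist and should be writable only by the account running the ACME client. The function names and the temporary directory used in the demo are assumptions of this example.

```python
import os
import re
import stat
import tempfile

CHALLENGE_URI = "/.well-known/acme-challenge"
# HTTP-01 tokens use only the base64url alphabet (RFC 8555, section 8.3).
TOKEN_RE = re.compile(r"[A-Za-z0-9_-]+")


def challenge_file(webroot, token):
    """File nginx serves for a challenge: `root` plus the full request URI."""
    if not TOKEN_RE.fullmatch(token):
        raise ValueError("not a base64url token: %r" % token)
    return os.path.join(webroot, CHALLENGE_URI.strip("/"), token)


def audit_webroot(webroot):
    """Return findings for the webroot and the challenge directories below it."""
    findings = []
    path = webroot
    for part in [None] + CHALLENGE_URI.strip("/").split("/"):
        if part is not None:
            path = os.path.join(path, part)
        try:
            mode = os.lstat(path).st_mode  # lstat: do not follow symlinks
        except (FileNotFoundError, NotADirectoryError):
            findings.append("missing: " + path)
            break
        if stat.S_ISLNK(mode):
            findings.append("symlink: " + path)
        elif not stat.S_ISDIR(mode):
            findings.append("not a directory: " + path)
            break
        elif mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append("group/world-writable: " + path)
    return findings


if __name__ == "__main__":
    # Constructed layout in a temporary directory, standing in for the real webroot.
    root = tempfile.mkdtemp()
    challenge_dir = os.path.join(root, ".well-known", "acme-challenge")
    os.makedirs(challenge_dir)
    os.chmod(os.path.join(root, ".well-known"), 0o755)
    os.chmod(challenge_dir, 0o777)  # deliberately too permissive
    print(challenge_file(root, "constructed-token_123"))
    for finding in audit_webroot(root):
        print(finding)
```

Run `audit_webroot` against the directory named in the `root` directive before requesting or renewing a certificate; an empty list means the layout passed these checks.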