Perhaps pkg install py37-certbot-nginx works.. Just guessing now here 
I'm not familair with TrueNAS and Google is failing me.
I really dislike the way Discourse hi-jacks the browsers Ctrl-F. Just load the whole #($*() thread and let my browser do the searching!
What port are you trying to secure?
Yep. It's awful. AJAX baby. Gotta hate it.
ok
root@nc-jail:~ # certbot certonly --nginx -d "cloud.lemovstudio.com" --dry-run --config-dir /usr/local/etc/letsencrypt
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Simulating a certificate request for cloud.lemovstudio.com
Performing the following challenges:
Waiting for verification....lemovstudio.com
Cleaning up challenges
IMPORTANT NOTES:
Oh hell yes! 
We're really in business now! 
I need clear archive and live folder ?
Aw crap, now I've got to edit my renewal config file above again..
You could try to use that one first too!
Dry run worked. Follow Osiris's lead here. He's got the details covered.
Please try the following again first, mainly to humor me:
cat > /usr/local/etc/letsencrypt/renewal/cloud.lemovstudio.com.conf <<EOF
# renew_before_expiry = 30 days
cert = /usr/local/etc/letsencrypt/live/cloud.lemovstudio.com/cert.pem
privkey = /usr/local/etc/letsencrypt/live/cloud.lemovstudio.com/privkey.pem
chain = /usr/local/etc/letsencrypt/live/cloud.lemovstudio.com/chain.pem
fullchain = /usr/local/etc/letsencrypt/live/cloud.lemovstudio.com/fullchain.pem
version = 1.13.0
archive_dir = /usr/local/etc/letsencrypt/cloud.lemovstudio.com
# Options and defaults used in the renewal process
[renewalparams]
installer = nginx
authenticator = nginx
rsa_key_size = 4096
account = 6136119b947f7ce7cdf61dd3e9da79c9
server = https://acme-v02.api.letsencrypt.org/directory
EOF
certbot certificates --config-dir /usr/local/etc/letsencrypt
sorry but I'm not sure how do this...
root@nc-jail:~ # cat > /usr/local/etc/letsencrypt/renewal/cloud.lemovstudio.com.conf <<EOF
?
I hope the nginx installer works. 
@giuseppe30 You've got to copy/paste the whole part from cat .. to the EOF on a single line. That's a feature of bash: between <<EOF and the EOF on a single line is seen as a single part.. And that will be the input for cat which is outputted to the renewal configuration file with >.
Perhaps a little bit too advanced Bash stuff for this Community without extra explanation, sorry about that.
Be careful that the line breaks are there though. Sometimes the backtick format in discourse screws up the copy.
Works for me here @griffin! 
Beautiful error that the directory /usr/local/etc/letsencrypt..` doesn't exist 
Maybe just use nano?
Hell no, I'm a vim guy! Although any text editor would work too I guess if the cat thingy is too difficult.
sorry @Osiris but I don't understand...
Then fire up your most favorite text editor and put the following content:
# renew_before_expiry = 30 days
cert = /usr/local/etc/letsencrypt/live/cloud.lemovstudio.com/cert.pem
privkey = /usr/local/etc/letsencrypt/live/cloud.lemovstudio.com/privkey.pem
chain = /usr/local/etc/letsencrypt/live/cloud.lemovstudio.com/chain.pem
fullchain = /usr/local/etc/letsencrypt/live/cloud.lemovstudio.com/fullchain.pem
version = 1.13.0
archive_dir = /usr/local/etc/letsencrypt/cloud.lemovstudio.com
# Options and defaults used in the renewal process
[renewalparams]
installer = nginx
authenticator = nginx
rsa_key_size = 4096
account = 6136119b947f7ce7cdf61dd3e9da79c9
server = https://acme-v02.api.letsencrypt.org/directory
in:
/usr/local/etc/letsencrypt/renewal/cloud.lemovstudio.com.conf
Afterwards, try certbot certificates --config-dir /usr/local/etc/letsencrypt again and see what it does 
Is that archive_dir correct, @Osiris?