We can’t use LetsEncrypt’s built in auto functionality because our server blocks are too complex, e.g. having regex based server names. But after a few weeks of adjustments we’ve come up with a simple configuration we’re really happy with and would like to share here
We’re running about 15 domains with LetsEncrypt certs under Nginx. We don’t need to change ANY configuration at all to add new domains (apart from add the new domain to the LetsEncrypt command itself). It doesn’t need root access and auto renews the certs each month. This method is really simple and the general idea works for any web-server regardless of its current level of support by LetsEncrypt.
It’s documented on our SSL page in the first section: