Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
I ran this command: docker run --rm certbot/certbot renew
It produced this output: Saving debug log to /var/log/letsencrypt/letsencrypt.log
No renewals were attempted.
My web server is (include version): nginx 1.21.4 (via docker)
The operating system my web server runs on is (include version): 6.1.97-104.177.amzn2023.x86_64
My hosting provider, if applicable, is: amazon ec2
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): docker run --rm certbot/certbot --version
well, i think my config is conforming to the requirements.
I'm running certbot inside docker and "mapping" the certbot required paths to a local persistent path. The local paths are supporting the nginx access happily but I had created the certs outside the docker environment. I've verified changing privkey.pem breaks the nginx config. I'm trying/forced to use systemd to invoke a script which then "docker run"'s certbot while supposedly mapping things properly. My debug problem is determining what certbot is doing inside this mapping. Maybe I need to ask docker in this case what it's thinking. All of this is part of my attempt to push most everything from GitHub to AWS.
Yes, you need to look inside the container. Your www subdomain is currently returning a cert issued May17 which just expired. You have a more recent cert issued Jun13. So that seems to be missing. Not the primary issue here just a piece of the puzzle.
Your first post shows a Certbot renew that says no renewals were attempted. I will guess that Certbot does not see any cert profiles. What does this show
docker run -rm certbot/certbot certificates
Certbot has to run once successfully to create a /etc/letsencrypt/renewal/(domain).conf renewal profile. Only then will the renew do anything. Of course, if your container is mapped to your host which has such a file that should work too. But, if the above certificates command is empty something is wrong with your mapping to your persistent store.