I have a Docker image, which creates containers for my web app. The details of the web app don't matter at all. What matters is that each time, the container can use a different address (server1., server2. etc.) and I want to create Let's Encrypt keys for each of them.
In order to do that, I use the web service authorization, so certbot creates some files which are then accessed by the Let's Encrypt server to test if I am the owner of the domain. Once tested, it will generate the keys which can be used.
At the moment, I have the nginx configuration file with two server parts, one for http and one for https. I just comment out the https part, start the server, perform the certbot action, uncomment the https section and restart the container.
It is a bit cumbersome and difficult to automate. Is there any way I could change the nginx configuration so that it will not crash when there are no SSL certificates available? And then after restart, it would work automatically?
Or maybe there is an even easier way to handle my scenario?
Step 1: Put the two server parts in different files and include them from nginx.conf using a wildcard, e.g. include config.d/*.conf.
Step 2: Rename the SSL server file to *.conf.disabled.
Step 3: In the entrypoint script, test if the certificate file exists. If it does, rename the .conf.disabled file to .conf.
Alternative: In most cases, you can also just use certbot to get the certificate in the entrypoint script.
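
Steps 1 to 3 of the answer above as an entrypoint fragment (an added example, not part of the original answer). The file name ssl.conf, the DOMAIN variable and the /etc/nginx/config.d path are assumptions; /etc/letsencrypt/live/<domain>/ is certbot's default layout. It also covers the reverse case, where the HTTPS block is enabled but the certificate or key has gone missing, so nginx does not fail on start.

```shell
#!/bin/sh
# Added example: enable or disable the HTTPS server block depending on
# whether a usable certificate/key pair exists.

# toggle_ssl_conf CONF_DIR LIVE_DIR
#   CONF_DIR: directory included by nginx.conf via "include config.d/*.conf"
#   LIVE_DIR: certbot's live directory for the domain
# Prints "enabled" or "disabled" to report the resulting state.
toggle_ssl_conf() {
    conf_dir=$1
    live_dir=$2
    enabled="$conf_dir/ssl.conf"            # hypothetical file name
    disabled="$conf_dir/ssl.conf.disabled"

    # -s follows certbot's symlinks and rejects empty files, so a
    # half-written or missing key keeps HTTPS off instead of crashing nginx.
    if [ -s "$live_dir/fullchain.pem" ] && [ -s "$live_dir/privkey.pem" ]; then
        if [ -f "$disabled" ]; then
            mv -f "$disabled" "$enabled"
        fi
        echo enabled
    else
        # Certificate or key missing: make sure the HTTPS block is not loaded.
        if [ -f "$enabled" ]; then
            mv -f "$enabled" "$disabled"
        fi
        echo disabled
    fi
}

# Entrypoint use, only when the container command is nginx
# (for example: CMD ["nginx", "-g", "daemon off;"]).
if [ "${1:-}" = "nginx" ]; then
    toggle_ssl_conf /etc/nginx/config.d \
        "/etc/letsencrypt/live/${DOMAIN:?DOMAIN must be set}"
    # Validate the resulting configuration before handing over to nginx.
    nginx -t || exit 1
    exec "$@"
fi
```

After certbot has obtained the certificate, restarting the container flips the block to enabled without editing any configuration by hand.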