Сertbot сertificate renewal

[vasilyevmn]

Hi!
To renew certificates I use this script:
https://github.com/mattermost/docker/blob/main/contrib/systemd/certbot.service
It works well, I get a new certificate.
But it doesn't apply in a container without a restart.
How do I properly load the certificate without restarting the container?

[perplexityjeff]

I would love to know as well what the correct method is as well.

I tried the following command as well docker exec -it nginx_mattermost /usr/sbin/nginx -s reload but this does not seem to properly activate it. Restarting the whole thing does work however but I'd like to know what the more elegant solution is.

[txtsd]

Is this not being worked on?
What's the recommended way to get my cert renewed?

[Tudorhc5]

https://github.com/mattermost/docker/blob/main/docs/issuing-letsencrypt-certificate.md

[txtsd]

I did find that, however, there needs to be a way for the docker container to do it by itself.

[Tudorhc5]

I did find that, however, there needs to be a way for the docker container to do it by itself.

If you also want to store the certificates outside the container, that's where you should add it to the systemd timer.
If you add it inside the container, it will only renew the certificates locally, not updating in ${PWD}/certs/lib/letsencrypt:/var/lib/letsencrypt, thus when restarting the container, it may load a older, maybe expired certificate.
Checkout the scripts folder you get, you may find the issue-certificate script useful.