# ssl_nginx hosting

## Preparation

1. Copy and edit (if needed) [nginx/nginx.conf.j2](nginx/nginx.conf.j2.example) file.
2. Add your certified domains to nginx/domains.txt file ([example](nginx/domains.txt.example)).

    These domains will be used by _certbot_ to monitor and update (if possible) certificates. _Nginx_ will also setup
    http server for the given entries.

    However if the domain is set both in domains.txt and servers.yaml (next step), _nginx_ will
    use https with certificates at the given path. That will fail nginx startup if the certificate
    to at least one domain is missing (--http-only option will skip domains.txt check).

3. Add your servers section configuration to nginx/servers.yaml ([example](nginx/servers.yaml.example)).

User email used for certbot can be set as environment variable at build process or in .env file.

## Usage

For the first time you should run (run_once.d-c.yml)[run_once.d-c.yml] docker-compose file to get certificates.

You can use (run_once.sh)[run_once.sh] script for this.

After it, `docker compose up` should do the trick. Certificates update attempt will be performed automatically at 02:15
  on each seventh day of month. (set in Dockerfile of _certbot_ and _nginx_).

## certbot_manual.sh

This sceipt is available to perform manual certificates obtaining. One can use it to get a
  wildcard certificate for example (not available for automatic generation without an appropriate plugin).