Re-structured nginx config

nginx/build/Dockerfile

@@ -0,0 +1,14 @@
+FROM nginx:stable-alpine
+
+RUN apk add --no-cache certbot
+
+COPY entrypoint.sh ./entrypoint.sh
+RUN chmod +x ./entrypoint.sh
+
+RUN mkdir /var/lib/certbot
+COPY renew /etc/periodic/weekly/renew
+RUN chmod +x /etc/periodic/weekly/renew
+
+RUN /usr/sbin/crond -f -d 8 &
+
+ENTRYPOINT [ "./entrypoint.sh" ]

nginx/build/entrypoint.sh

@@ -0,0 +1,4 @@
+#!/usr/bin/env sh
+
+certbot certonly --standalone -d "$DOMAINS" --email "$EMAIL" -n --agree-tos --expand
+/usr/sbin/nginx -g "daemon off;"

nginx/build/renew

@@ -0,0 +1,3 @@
+#!/usr/bin/env sh
+
+python3 -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew --webroot --webroot-path /var/lib/certbot/ --post-hook "/usr/sbin/nginx -s reload"