what’s the current state-of-the-art for auto-renewing HTTPS certs for nginx?
Are you on k8s?
Unfortunately no recent experience with self-NGINX with LE. Bet a lot has improved since I last checked it out.
I vaguely recall reading it’s got a lot better, but it’s hard to google
Are you running on AWS?
no wait, no
No prob… was going to suggest using ACM
Where are you hosted?
just vanilla droplets for now
Ensure your server is safe, no matter where it’s running: public cloud, private cloud, Kubernetes cluster, or even a Mac mini under your TV with Argo Secure Tunnel.
Argo is pretty sweet. Doesn’t require k8s
You don’t need to expose your webservers at all
It creates an encrypted reverse tunnel out to CloudFlare
CloudFlare handles all certs
that does look very cool
the “contact us” pricing looks a bit scary
context: this is for our staging environment
funnily enough, we use ACM for production
ah prices are at the bottom of the page, just $5/month?
Though I think it requires business class
Which is 200
FYI in case anyone is interested, this seems to work pretty well: https://certbot.eff.org
There is a sidecar container for doing auto letsencrypt
LetsEncrypt companion container for nginx-proxy. Contribute to JrCs/docker-letsencrypt-nginx-proxy-companion development by creating an account on GitHub.
My personal space.
lets encrypt down
looks like it was planned? https://letsencrypt.status.io/pages/history/55957a99e800baa4470002da