wait, how did I use to manage certs for this service?

oops, the certificates for this service are about to expire.

dashboard showing the expiration date of the certificates
dashboard showing the expiration date of the certificates

Let's Encrypt certification expiration notice
Let's Encrypt certification expiration notice

yeah, I probably should set up alerts for that, but I'll do that later. for now, let's just fix this quickly. if I remember correctly, I used certbot to manage the certs, so it should be a couple of commands [1] and we're done.

sudo su
certbot renew
success message from certbot
success message from certbot

alright, that was easy. now I just need to restart the nginx container and we're good to go.

firefox warning for invalid certificates
firefox warning for invalid certificates

wait, the certs aren't updated yet... oh, right, I need to copy the certs to the path mounted by the container so that it has the proper certs.

sudo su
cd /etc/letsencrypt/live/<domain>/
cp *.pem <container-certs-dir>/ # do not use mv
chown 1000:1000 <container-certs-dir>/*.pem
docker restart <container-name>

and that's it. the service should be up and running with the new certificates :D

certs are now fixed and the downtime is over!
certs are now fixed and the downtime is over!

more TILs

created:
source: /content/collections/til/certs-renewal
0.23.2