Function "exists" not working for symlink

[pvlg]

I use symlink for certificate letsencrypt

ln -s /etc/letsencrypt/live/example.com/fullchain.pem /etc/nginx/certs/example.com.crt
ln -s /etc/letsencrypt/live/example.com/privkey.pem /etc/nginx/certs/example.com.key

Function "exists" can not find a certificate.

[jekewa]

This won't work because inside the container, your host's /etc/letsencrypt/archive folder is not available.

While /etc/letsencrypt/live/example.com is a real folder, /etc/letsencrypt/live/example.com/fullchain.pem is a symlink to /etc/letsencrypt/archive/example.com/fullchain??.pem (where the ?? is whatever version of cert is your current one). Same with the privkey.pem file. That symlink cannot be followed from within the container.

You could make a hard-link (ln without the -s) to the cert file, but you would have to recreate that every time your certificate is updated.

What would be great would be if this container would use the /etc/letsencrypt structure to find the certificates. The /etc/letsencrypt folder from the host (or shared volume with one of the many letsencrypt maintenance containers) could be mounted in this container, and the certificates could be indicated and found within that folder, using the /etc/letsencrypt/live/$LETSENCRYPT_HOST path, and the symlink to the right ../../archive/ folder could be followed.

Even with this, the container (or at least nginx within) needs to be restarted when the certificates are renewed, but at least the path doesn't need to be re-linked to keep it whole. Perhaps some other trigger to drop and reload that domain's config could be added.