Add cerbot www to nginx/frontend docker to allow cert renewal while s…

…ervices are running

docker-compose.yml

@@ -17,6 +17,7 @@ services:
     volumes:
       - ${PREDICTCR_SSL_CERT:-./cert.pem}:/predictcr_ssl_cert.pem
       - ${PREDICTCR_SSL_KEY:-./key.pem}:/predictcr_ssl_key.pem
+      - ${PREDICTCR_CERTBOT_WWW:-/var/www/certbot}:/var/www/certbot:ro
     networks:
       - predictcr-network
   email:

frontend/nginx.conf

@@ -1,3 +1,19 @@
+server {
+    listen 80;
+    listen [::]:80;
+
+    server_name predictcr.com;
+    server_tokens off;
+
+    location /.well-known/acme-challenge/ {
+        root /var/www/certbot;
+    }
+
+    location / {
+        return 301 https://predictcr.com$request_uri;
+    }
+}
+
 server {
         server_name www.predictcr.com;
         return 301 $scheme://predictcr.com$request_uri;
@@ -7,7 +23,7 @@ server {
    listen 443 ssl;
    listen [::]:443 ssl;
    http2 on;
-   server_name predictcr.com localhost;
+   server_name predictcr.com;
         ssl_certificate      /predictcr_ssl_cert.pem;
         ssl_certificate_key  /predictcr_ssl_key.pem;