Create script to get real certificates. Programs are functional but have not tried pointing the production router to the test box yet to see if the challenge will pass.

Config/ReverseProxy/config/nginx.conf

@@ -33,7 +33,7 @@ http {
     # Allow nginx to fulfill LetsEncrypt Certbot challenges.
     server {
         location /.well-known/acme-challenge/ {
-            root /etc/nginx/certs-letsencrypt;
+            root /etc/nginx/letsencrypt;
         }
     }
 

Config/ReverseProxy/create_letsencrypt_certs.sh

@@ -0,0 +1,73 @@
+#!/bin/bash
+# Create a real cert for each file in config/conf.d/.
+
+DIR=`dirname $0`
+if [[ $DIR == \.* ]]; then
+	DIR=`pwd`
+fi
+
+# Where the files need to live.
+CERT_DIR=$DIR/../../Volumes/ReverseProxy/letsencrypt-certs
+echo "CERT_DIR=$CERT_DIR"
+
+# Ensure that fake certs were created at some point, or that the system has been run at least once.
+if [[ ! -d $DIR/../../Volumes/ReverseProxy/letsencrypt-certs ]]; then
+	echo "ERROR: Certificate directory does not exist yet. Run the placeholder script first." >&2
+	exit 1
+fi
+
+# The container needs to be running in order to use the certbot command.
+certbot_running=`docker ps | grep -c reverseproxy-certbot-1`
+if [[ $certbot_running != 1 ]]; then
+	echo "ERROR: Certbot container does not appear to be running, cannot continue." >&2
+	exit 1
+fi
+
+# Gather information from the user.
+echo -n "Please provide the email address you would like the certs bound to: "
+read email
+if [[ -z $email ]]; then
+	echo "ERROR: Email address is mandatory. $email" >&2
+	exit 1
+fi
+
+echo -n "Please double check that '$email' looks correct and provide Yes if so: "
+typeset -u confirm
+read confirm
+if [[ $confirm != "Y"* ]]; then
+	echo "Email address was not confirmed, received '$confirm', aborting."
+	exit 0
+fi
+
+# Loop over the proxy configuration files and ensure they have certs.
+ls $DIR/config/conf.d/*.* | while read file; do
+	filename=`basename $file`
+
+	if [[ $filename == "example.com" ]]; then
+		echo "Skipping $filename since it is only for testing."
+		continue
+	fi
+
+	echo "*** Checking $filename ***"
+	if [[ -d $CERT_DIR/$filename ]]; then
+		echo "Getting the domains which need the cert."
+		domains=`grep server_name $file`
+
+		# Clean up the data by removing the directive and semi-colon, changing
+		#  spaces to commas, and making sure there are no gaps.
+		domains=${domains//server_name/}
+		domains=${domains//;/}
+		domains=`echo $domains`
+		domains=${domains// /,}
+		echo "Domains='$domains'"
+
+		echo "Attempting to create real certs at $CERT_DIR/$filename."
+		docker exec reverseproxy-certbot-1 certbot certonly -n --standalone \
+				--agree-tos -m $email -d $filename
+
+		ls -lh $CERT_DIR/$filename/*
+	else
+		echo "Website's certificate folder does not exist, skipping."
+		continue
+	fi
+done

Config/ReverseProxy/docker-compose.yml

@@ -15,11 +15,12 @@ services:
       - "80:80"
       - "443:443"
     volumes:
+      - ../../Volumes/ReverseProxy/letsencrypt:/etc/nginx/letsencrypt
       - ../../Volumes/ReverseProxy/letsencrypt-certs:/etc/nginx/certs
     command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
   certbot:
     image: certbot/certbot
     volumes:
-      - ../../Volumes/ReverseProxy/letsencrypt-etc:/etc/letsencrypt
+      - ../../Volumes/ReverseProxy/letsencrypt:/etc/letsencrypt
       - ../../Volumes/ReverseProxy/letsencrypt-certs:/var/www/certbot
     entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"