I need to have certbot restart one of my container on certificate renewal. I wasn't aware NGINX read the certificate into memory once off and never hooked for a change.
Discussion
Containerisation ftw! I'm using nginx-proxy + acme-companion. It handles restarting Nginx automatically after renewing certificates. Check it out: https://github.com/nginx-proxy/acme-companion
Thanks Anthony, I'm going to give this a look
There is no need to restart nginx to update certificates, you can ask nginx to reload TLS certificates (`-s reload`, it actually reloads entire configuration): https://nginx.org/en/docs/switches.html
You can even reload nginx binary on-the-fly and revert this change if necessary: https://nginx.org/en/docs/control.html
Thanks!