This is a quick and easy one.


  • An Alpine Linux container
  • An internet connection

Install nginx

apk add nginx
rc-update add nginx default
rc-service nginx start

Nginx Configuration

Config file is located at /etc/nginx/nginx.conf.

Use service nginx reload to reload the configuration after editing it.

Install Certbot

Currently certbot only lives in the community repository. You can find out which repo a package is in by looking at the Alpine Packages website. You’ll need to add the community repository by editing /etc/apk/repositories and adding the following line:


Note that this is for version 3.4. You may have to update the version number

After editing your repositories you need to update them and install certbot.

apk update && apk upgrade
apk add certbot@community

Adding a new cert

Certificates can be added with certbot using the wizard. Don’t forget to stop any instances of nginx first!

certbot certonly

Updating certs automatically

Let’s Encrypt certs only last 3 months. This is by design. One of the beautiful parts of Let’s Encrypt is that we can update the certs automatically. I have created a script in etc/periodic/weekly to update my scripts. It only has one line:

/usr/bin/certbot renew --standalone --pre-hook "service nginx stop" --post-hook "service nginx start"

Don’t forget to make this script executable!

This script is run by cron on a weekly basis. It automatically stops nginx before it starts and starts it back up when it’s finished.