Documentation for use your own SSL certs conflicts with docs from nginx-proxy

[maco]

https://jippi.github.io/docker-pixelfed/customize/faq/#how-do-i-use-my-own-ssl-certificate says to name them ${APP_DOMAIN}.cert.pem and ${APP_DOMAIN}.key.pem plus some chain files. However, the docs for nginx-proxy say:

The contents of /path/to/certs should contain the certificates and private keys for any virtual hosts in use. The certificate and keys should be named after the virtual host with a .crt and .key extension. For example, a container with VIRTUAL_HOST=foo.bar.com should have a foo.bar.com.crt and foo.bar.com.key file in the certs directory.

I'm trying to use this for local development with a self-signed certificate. I had ERR_SSL_UNRECOGNIZED_NAME_ALERT with no option to accept the certificate anyway when I followed this project's docs. After switching my filenames to localhost.crt and localhost.key and ignoring the chain ones, the browser started receiving a certificate and just complaining about it being self-signed, giving me an option to bypass that.

I thought about sending a patch to change the docs, but I don't know how the LetsEncrypt part interacts and didn't want to break the docs related to those.

Relatedly, the healthchecks on this project fail if the certificate is self-signed. I had to add -k to the curl commands.

[jippi]

@maco did you figure out the right way this should work? If yes, I would love a docs PR update for it

It's entirely possible that it changed upstream and now our docs is just wrong

[maco]

For self-signed local dev, yes. But that doesn't involve the chain & full chain, so I don't know how those factor in for using this in production.

I could add a subsection to the docs, explaining the local dev use case.

[jippi]

love the idea of a section for using it for development - but lets make it a new page under Customization dedicated to it :) lets of stuff to expand on there in the future with dev containers, etc. :D