Since this build is running nginx as a non-root user, I had problems accessing certs created by certbot (which runs as root). By setting a custom uid/gid at build corresponding to a user on the host system, I could then give nginx permission using Access Control list (ACL) to the cert volume, thus allowing it to read the files.
Added ARG variables to easily set a different uid, gid for the nginx user.
Example usage with a docker compose file:
Since this build is running nginx as a non-root user, I had problems accessing certs created by certbot (which runs as root). By setting a custom uid/gid at build corresponding to a user on the host system, I could then give nginx permission using Access Control list (ACL) to the cert volume, thus allowing it to read the files.
Based on this guide.