From de2a06aec140a82f147f54d4929932e76ddd7f33 Mon Sep 17 00:00:00 2001
From: kaiyou <pierre@jaury.eu>
Date: Wed, 1 Nov 2017 15:24:22 +0100
Subject: [PATCH] Fix letsencrypt by using a separate port than the proxy

---
 nginx/conf/nginx.conf | 2 +-
 nginx/letsencrypt.py  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/nginx/conf/nginx.conf b/nginx/conf/nginx.conf
index b684bbec..5be5a77a 100644
--- a/nginx/conf/nginx.conf
+++ b/nginx/conf/nginx.conf
@@ -42,7 +42,7 @@ http {
       # In any case, enable the proxy for certbot if the flavor is letsencrypt
       {% if TLS_FLAVOR == 'letsencrypt' %}
       location ^~ /.well-known/acme-challenge/ {
-          proxy_pass http://localhost:8000;
+          proxy_pass http://localhost:8008;
       }
       {% endif %}
 
diff --git a/nginx/letsencrypt.py b/nginx/letsencrypt.py
index 18aea292..b6044eca 100755
--- a/nginx/letsencrypt.py
+++ b/nginx/letsencrypt.py
@@ -12,7 +12,7 @@ command = [
     "-m", "{}@{}".format(os.environ["POSTMASTER"], os.environ["DOMAIN"]),
     "certonly", "--standalone",
     "--cert-name", "mailu",
-    "--preferred-challenges", "http", "--http-01-port", "8000",
+    "--preferred-challenges", "http", "--http-01-port", "8008",
     "--keep-until-expiring",
     "--rsa-key-size", "4096",
     "--config-dir", "/certs/letsencrypt",