From d4676647cba2d897fa66d43542d2c78de408754f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mika=C3=ABl=20Capelle?= <capelle.mikael@gmail.com>
Date: Tue, 27 May 2025 12:38:26 +0000
Subject: [PATCH] Fix renew certificates issue with authenticated hosts.

---
 docker-compose.yml      | 1 +
 nginx.tmpl              | 2 ++
 vhost.d/aoc.typename.fr | 1 +
 3 files changed, 4 insertions(+)

diff --git a/docker-compose.yml b/docker-compose.yml
index 114b4ed..f44ad0b 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -4,6 +4,7 @@ services:
     container_name: nginx_proxy
     restart: always
     ports:
+      # port 80 is needed for ACME challenge with certbot
       - "80:80"
       - "443:443"
     volumes:
diff --git a/nginx.tmpl b/nginx.tmpl
index 406add0..f824eb3 100644
--- a/nginx.tmpl
+++ b/nginx.tmpl
@@ -205,6 +205,8 @@ server {
 
         location /.well-known/acme-challenge {
                  root /var/www/certbot;
+                 auth_request off;
+                 auth_basic off;
         }
 
         location / {
diff --git a/vhost.d/aoc.typename.fr b/vhost.d/aoc.typename.fr
index 88ad496..7b39499 100644
--- a/vhost.d/aoc.typename.fr
+++ b/vhost.d/aoc.typename.fr
@@ -4,3 +4,4 @@ auth_basic_user_file /etc/nginx/vhost.d/aoc_auth.htpasswd;
 proxy_read_timeout 300;
 proxy_connect_timeout 300;
 proxy_send_timeout 300;
+