[Question] Proper way to include LetsEncrypt certificates into the docker container

[RandomWolf]

Hello!
Firstly my apologies if it is not proper form to ask questions like these in an issues forum, but I wouldn't know where else to ask.
I am currently trying to run this docker container on my server, and was about to set it up with an NGINX Reverse Proxy on my Debian 10 server as described via the readme file.

Now my question lies in what the proper way would be to include the letsencrypt certificates in the docker-compose volume parameters:
The following code provides a "Permission denied" error, as to be expected since the certificate folder is not available to the current user:

    volumes:
      - /home/nico/metube/downloads:/downloads
      - /etc/letsencrypt/live/example.de/fullchain.pem:/ssl/crt.pem
      - /etc/letsencrypt/live/example.de/privkey.pem:/ssl/key.pem

My first thought would be to copy the folders into the metube project folder, but that would require intervention each time the certificate updates.
Is there a better way to link the key, without modifying the certificates folder permissions to much?

[PikuZheng]

I don't think it is necessary to deploy a certificate on metube. Nginx uses http to communicate with metube, and only uses https when communicating with nginx from outside. The certificate only needs to be deployed on nginx.

[RandomWolf]

I don't think it is necessary to deploy a certificate on metube. Nginx uses http to communicate with metube, and only uses https when communicating with nginx from outside. The certificate only needs to be deployed on nginx.

Thank you for the reply! You were correct, MeTube itself seems to work (were it not for Youtubes Bot-Check, but thats unrelated, and a known circumvention exists)

Still, as I am inexperienced in this field, what would the proper way for this be if there is one?

[PikuZheng]

https://github.com/alexta69/metube?tab=readme-ov-file#https-support-and-running-behind-a-reverse-proxy fyi