There are several websites I am running off this domain. One of the best utility applications I am running is called ntfy.sh, which I’ve written about here before. In my setup, the ntfy application runs as a standalone application listening on its own port, and, using the reverse proxy feature of nginx, any traffic coming into notifications.notlocalhost.dev gets redirected to that local port.

One of the problems with this approach is that it redirects everything, including the verification request my certificate provider (through acme.sh) sends through.

I used something like the snippet below:

        location / {
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
                proxy_pass https://127.0.0.1:8787;
        }

The problem here is that when acme.sh runs, the provider looks for the well-known secret at http://notifications.notlocalhost/.well-known/, and because all traffic is redirected as above, the cronjob I was using to update the certificate would always fail on this subdomain because of its unconventional setup.

So what I needed to fix was this: requests going to notifications.notlocalhost.dev should be sent to the ntfy.sh instance at port 8787, and when nginx sees a request for notifications.notlocalhost.dev/.well-known/ it should use the document root instead.

I needed something like:

        location /.well-known/ {
                root /var/www/notifications.notlocalhost.dev;
        }

which I pasted above the earlier snippet.
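
The two locations together in one server block, as an added example rather than the configuration actually running on this site. The `listen 80` line, `proxy_http_version`, and `try_files` are assumptions added for illustration. nginx picks the longest matching prefix location, so `/.well-known/` takes precedence over `/` regardless of which block comes first in the file.

```nginx
server {
    # Assumption: the validation request arrives over plain HTTP,
    # as in the http:// URL mentioned above.
    listen 80;
    server_name notifications.notlocalhost.dev;

    # Challenge files: served from disk and never handed to the proxy.
    # With "root", the request /.well-known/acme-challenge/<token> maps to
    # /var/www/notifications.notlocalhost.dev/.well-known/acme-challenge/<token>,
    # so this directory is the webroot to give acme.sh (its -w option).
    location /.well-known/ {
        root /var/www/notifications.notlocalhost.dev;
        # Assumption: answer 404 for anything that is not an existing file,
        # so a missing token can never fall through to another handler.
        try_files $uri =404;
    }

    # Everything else: reverse proxy to the ntfy instance on its local port.
    location / {
        # Assumption: WebSocket upgrades need HTTP/1.1 towards the upstream.
        proxy_http_version 1.1;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_pass https://127.0.0.1:8787;
    }
}
```

Only the directory named in `root` should be writable by the certificate cronjob, and it should hold nothing but the challenge files, since everything under its `.well-known/` path is publicly readable.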