To use the docker arguments with LetsEncrypt, I do the following:

/usr/bin/certbot certonly --standalone --email [email protected] -d status.mydomain.com --agree-tos

This will generate the pem files in the directory

/etc/letsencrypt/live/status.mydomain.com/

docker volume create uptime-kuma

You should now have the uptime-kuma docker volume directory:

/var/lib/docker/volumes/uptime-kuma/_data/

mkdir -p /var/lib/docker/volumes/uptime-kuma/_data/ssl

cp /etc/letsencrypt/live/status.mydomain.com/*.pem /var/lib/docker/volumes/uptime-kuma/_data/ssl

You should be able to see all the pem files when you do:

ls /var/lib/docker/volumes/uptime-kuma/_data/ssl

0 0 1,15 * * /usr/bin/certbot renew --standalone --preferred-challenges http; cp /etc/letsencrypt/live/status.mydomain.com/*.pem /var/lib/docker/volumes/uptime-kuma/_data/ssl; /usr/bin/docker restart uptime-kuma

NOTE: This crontab will copy the pem files and restart the container whether the certs have expired or not. You can write a proper script to check if the certs are really expired before renewal, but the above is good enough for a start.

docker run -d --restart=always -p 3001:3001 -v uptime-kuma:/app/data --env SSL_KEY="/app/data/ssl/privkey.pem" --env SSL_CERT="/app/data/ssl/fullchain.pem" --name uptime-kuma louislam/uptime-kuma:1

When you start the container, do a:

docker logs -f uptime-kuma

to see the startup process and make sure HTTPS is being used. You should see something like this:

This method works well for me, no need to worry about the websockets.