{"id":"btcpayserver-letsencrypt-nginx-proxy-companion","name":"letsencrypt-nginx-proxy-companion","af_score":45.2,"security_score":42.8,"reliability_score":36.2,"what_it_does":"A Docker companion container that automates Let’s Encrypt certificate issuance/renewal for Nginx Proxy based setups (commonly with nginx-proxy/nginx-proxy-manager style), wiring certificate generation into the reverse-proxy workflow.","best_when":"You run Nginx behind a Docker-based dynamic proxy and want automatic Let’s Encrypt certificates with minimal ops overhead.","avoid_when":"You cannot run Docker (or equivalent container runtime) or cannot accommodate ACME HTTP/DNS reachability requirements for Let’s Encrypt validation.","last_evaluated":"2026-04-04T21:33:41.731945+00:00","has_mcp":false,"has_api":false,"auth_methods":["No user-facing auth for an API (primarily uses ACME/Let’s Encrypt account + validation)","ACME account registration handled by the companion","Optional use of DNS provider credentials if configured for DNS-01"],"has_free_tier":false,"known_gotchas":["ACME validation failures are commonly due to reachability (ports/DNS/HTTP routing) rather than code issues; automated retries may not help without fixing networking.","Rate limits from Let’s Encrypt can occur if misconfigured; ensure proper constraints before repeated issuance attempts.","Secret/config handling (DNS provider credentials, email/account settings) is critical; agents should avoid logging env/secret values.","Container wiring (volumes, nginx-proxy companion environment variables, and correct network/hostname) must match the expected layout; small deviations can break renewals."],"error_quality":0.0}