## nginx service for getting letsencrypt certificates

Get real letsencrypt certificates in IPv6 based clusters.

### Architecture

* nginx/port 80 serves only the root for letsencrypt
* nginx/port 443 crashes until the cert is there
* A job (certbot) gets the cert

## Missing bits

* cronjob for renewal
* Automatic restart of nginx
* Fixing the service <-> pod mapping problem (goes to both http/https
  pods)

## Brain storming

### certbot --standalone / init container

* Could in theory be used as an init container
* nginx / port 80+443 could take over afterwards

Conclusion: does not work, as initcontainers are not targetted by
services


### certbot --standalone / job

Similar pattern as before -> works, because ports of jobs are caught
by the service!