There should only be one .env file. It contains environment variables for the Mattermost application container, the nginx container (optional) and the PostgreSQL database container, so with the full-blown use, you will have three containers running, which is what we’re going to do now.
The scripts/issue-certificate.sh script should have created the certificates below the current working directory in a folder called “certs”, so let’s assume you’re docker base directory is /home/jpzone/mattermost, the .env file should be at the same level as the certs folder then.
You should then see a subfolder with the relevant *.pem files in certs/etc/letsencrypt/live/YOUR_MM_DOMAIN/ and the .env file already contains the configuration for that, you just need to make sure the correct lines are uncommented.
By default, it looks like this:
CERT_PATH=./volumes/web/cert/cert.pem
KEY_PATH=./volumes/web/cert/key-no-password.pem
#GITLAB_PKI_CHAIN_PATH=<path_to_your_gitlab_pki>/pki_chain.pem
#CERT_PATH=./certs/etc/letsencrypt/live/${DOMAIN}/fullchain.pem
#KEY_PATH=./certs/etc/letsencrypt/live/${DOMAIN}/privkey.pem
CERT_PATH and KEY_PATH need to be available from where you start the docker compose command, so in this example, you would have to change the lines in the .env file so that the second occurences are active:
#CERT_PATH=./volumes/web/cert/cert.pem
#KEY_PATH=./volumes/web/cert/key-no-password.pem
#GITLAB_PKI_CHAIN_PATH=<path_to_your_gitlab_pki>/pki_chain.pem
CERT_PATH=./certs/etc/letsencrypt/live/${DOMAIN}/fullchain.pem
KEY_PATH=./certs/etc/letsencrypt/live/${DOMAIN}/privkey.pem