Add the ability to control the certbot HTTP bind port

Fixes #330 (Github Issue).

roles/matrix-nginx-proxy/defaults/main.yml

@@ -198,6 +198,13 @@ matrix_ssl_lets_encrypt_certbot_docker_image_force_pull: "{{ matrix_ssl_lets_enc
 matrix_ssl_lets_encrypt_certbot_standalone_http_port: 2402
 matrix_ssl_lets_encrypt_support_email: ~
 
+# Tells which interface and port the Let's Encrypt (certbot) container should try to bind to
+# when it tries to obtain initial certificates in standalone mode.
+#
+# This should normally be a public interface and port.
+# If you'd like to not bind on all IP addresses, specify one explicitly (e.g. `a.b.c.d:80`)
+matrix_ssl_lets_encrypt_container_standalone_http_host_bind_port: '80'
+
 matrix_ssl_base_path: "{{ matrix_base_data_path }}/ssl"
 matrix_ssl_config_dir_path: "{{ matrix_ssl_base_path }}/config"
 matrix_ssl_log_dir_path: "{{ matrix_ssl_base_path }}/log"

roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml

@@ -21,7 +21,7 @@
     --name=matrix-certbot
     --user={{ matrix_user_uid }}:{{ matrix_user_gid }}
     --cap-drop=ALL
-    -p 80:8080
+    -p {{ matrix_ssl_lets_encrypt_container_standalone_http_host_bind_port }}:8080
     -v {{ matrix_ssl_config_dir_path }}:/etc/letsencrypt
     -v {{ matrix_ssl_log_dir_path }}:/var/log/letsencrypt
     {{ matrix_ssl_lets_encrypt_certbot_docker_image }}