Not 4 hours after standing up a website, I learned that some US ISPs inject content into plain HTTP webpages. I guess the time to set up HTTPS is now!
If you can pack your site into a docker container, there's a super simple way to use nginx + let's encrypt to do all the work for you!
That's the stack I had in mind. Is that a pre-built docker image with certbot or similar configured? I'm trying to do things relatively manually, in an effort to dispel some of the mystery around sysadmin work. That said, having a Dockerfile to validate against would be nice!