diff --git a/nginx/certbot-renew b/nginx/certbot-renew index 4d3bfd6..71921b7 100755 --- a/nginx/certbot-renew +++ b/nginx/certbot-renew @@ -1,4 +1,6 @@ #!/bin/bash +die() { echo >&2 "$@" ; exit 1 ; } + source ../env.production source ./env.production @@ -7,12 +9,17 @@ rsa_key_size=2048 set -x +# move the old live directory away +rm -rf data/certbot/conf/live.old +mv data/certbot/conf/live data/certbot/conf/live.old + docker-compose run --rm certbot \ certonly --webroot -w /var/www/certbot \ $staging_arg \ --email "admin@$DOMAIN_NAME" \ --rsa-key-size $rsa_key_size \ --agree-tos \ + --no-eff-email \ --force-renewal \ $domain_args \ || die "unable to renew!" diff --git a/nginx/docker-compose.yaml b/nginx/docker-compose.yaml index 7a71b60..2f5c93f 100644 --- a/nginx/docker-compose.yaml +++ b/nginx/docker-compose.yaml @@ -6,11 +6,11 @@ services: - "80:80" - "443:443" volumes: - - ./data/nginx/nginx.conf:/etc/nginx/nginx.conf - #- ./data/nginx/sites-enabled:/etc/nginx/sites-enabled - - ./data/nginx/templates:/etc/nginx/templates - - ./data/certbot/conf:/etc/letsencrypt + - ./nginx/nginx.conf:/etc/nginx/nginx.conf + - ./nginx/templates:/etc/nginx/templates + - ./nginx/includes:/etc/nginx/includes - ./data/certbot/www:/var/www/certbot + - ./data/certbot/conf:/etc/letsencrypt env_file: - ../env.production - env.production diff --git a/nginx/data/certbot/conf/challenge.conf b/nginx/nginx/includes/challenge.conf similarity index 100% rename from nginx/data/certbot/conf/challenge.conf rename to nginx/nginx/includes/challenge.conf diff --git a/nginx/data/certbot/conf/options-ssl-nginx.conf b/nginx/nginx/includes/options-ssl-nginx.conf similarity index 100% rename from nginx/data/certbot/conf/options-ssl-nginx.conf rename to nginx/nginx/includes/options-ssl-nginx.conf 
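Review bot: The added `mv data/certbot/conf/live data/certbot/conf/live.old` leaves the deployment with no `live` directory if the certbot run then fails, because `die` exits without moving it back. The templates in this commit read `fullchain.pem` and `privkey.pem` from `/etc/letsencrypt/live/${DOMAIN_NAME}/`, so the next nginx start or reload would presumably fail until someone restores the directory by hand. The failure branch should put the backup back, for example `|| { rm -rf data/certbot/conf/live; mv data/certbot/conf/live.old data/certbot/conf/live; die "unable to renew!"; }`. The `mv` result is also unchecked in the visible lines (only `set -x` is set), so `mv ... || die "no live directory to move"` is worth adding. It is worth confirming that certbot reuses the existing lineage name when `live/` is gone but the rest of the conf directory remains, since a suffixed lineage name would not match the paths in the templates.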
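Review bot: Every bind mount in this `volumes:` list is read-write, including the new `./nginx/includes` mount and `./data/certbot/conf`, which holds the private keys the templates reference. As far as this hunk shows, the web server only needs to read these paths. Appending `:ro`, e.g. `- ./nginx/includes:/etc/nginx/includes:ro` and `- ./data/certbot/conf:/etc/letsencrypt:ro`, keeps a compromised container from rewriting its own configuration or the key material on the host. The service definition starts and ends outside the hunk, so confirm that this is the nginx service and that certbot writes through its own mount.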
diff --git a/nginx/data/certbot/conf/ssl-dhparams.pem b/nginx/nginx/includes/ssl-dhparams.pem similarity index 100% rename from nginx/data/certbot/conf/ssl-dhparams.pem rename to nginx/nginx/includes/ssl-dhparams.pem diff --git a/nginx/data/nginx/nginx.conf b/nginx/nginx/nginx.conf similarity index 100% rename from nginx/data/nginx/nginx.conf rename to nginx/nginx/nginx.conf diff --git a/nginx/data/nginx/templates/000-default.conf.template b/nginx/nginx/templates/000-default.conf.template similarity index 82% rename from nginx/data/nginx/templates/000-default.conf.template rename to nginx/nginx/templates/000-default.conf.template index 31c286a..47b26a6 100644 --- a/nginx/data/nginx/templates/000-default.conf.template +++ b/nginx/nginx/templates/000-default.conf.template @@ -32,9 +32,9 @@ server { listen 443 ssl; ssl_certificate /etc/letsencrypt/live/${DOMAIN_NAME}/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/${DOMAIN_NAME}/privkey.pem; - include /etc/letsencrypt/options-ssl-nginx.conf; - include /etc/letsencrypt/challenge.conf; - ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; + include /etc/nginx/includes/options-ssl-nginx.conf; + include /etc/nginx/includes/challenge.conf; + ssl_dhparam /etc/nginx/includes/ssl-dhparams.pem; } diff --git a/nginx/data/nginx/templates/cloud.conf.template b/nginx/nginx/templates/cloud.conf.template similarity index 88% rename from nginx/data/nginx/templates/cloud.conf.template rename to nginx/nginx/templates/cloud.conf.template index 646aa0e..ccf30fe 100644 --- a/nginx/data/nginx/templates/cloud.conf.template +++ b/nginx/nginx/templates/cloud.conf.template 
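Review bot: The TLS settings loaded by `include /etc/nginx/includes/options-ssl-nginx.conf;` and `ssl_dhparam /etc/nginx/includes/ssl-dhparams.pem;` now come from files versioned in this repository, and that ownership is not documented anywhere in the template. The protocol and cipher choices therefore presumably stay frozen until someone edits them by hand. A comment above the includes would record this, for example `# TLS options and DH params live in nginx/nginx/includes/ (mounted at /etc/nginx/includes); review them periodically`. These paths resolve only through the `./nginx/includes` bind mount added in docker-compose.yaml, and nginx treats a missing non-wildcard include as a fatal configuration error, so the two changes have to ship together. The same three lines change identically in the cloud, docs, login and social templates; each server block opens outside its hunk.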
@@ -45,9 +45,9 @@ server { listen 443 ssl; ssl_certificate /etc/letsencrypt/live/${DOMAIN_NAME}/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/${DOMAIN_NAME}/privkey.pem; - include /etc/letsencrypt/options-ssl-nginx.conf; - include /etc/letsencrypt/challenge.conf; - ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; + include /etc/nginx/includes/options-ssl-nginx.conf; + include /etc/nginx/includes/challenge.conf; + ssl_dhparam /etc/nginx/includes/ssl-dhparams.pem; } diff --git a/nginx/data/nginx/templates/docs.conf.template b/nginx/nginx/templates/docs.conf.template similarity index 91% rename from nginx/data/nginx/templates/docs.conf.template rename to nginx/nginx/templates/docs.conf.template index c04c458..ef4244a 100644 --- a/nginx/data/nginx/templates/docs.conf.template +++ b/nginx/nginx/templates/docs.conf.template @@ -52,9 +52,9 @@ server { listen 443 ssl; ssl_certificate /etc/letsencrypt/live/${DOMAIN_NAME}/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/${DOMAIN_NAME}/privkey.pem; - include /etc/letsencrypt/options-ssl-nginx.conf; - include /etc/letsencrypt/challenge.conf; - ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; + include /etc/nginx/includes/options-ssl-nginx.conf; + include /etc/nginx/includes/challenge.conf; + ssl_dhparam /etc/nginx/includes/ssl-dhparams.pem; } diff --git a/nginx/data/nginx/templates/login.conf.template b/nginx/nginx/templates/login.conf.template similarity index 79% rename from nginx/data/nginx/templates/login.conf.template rename to nginx/nginx/templates/login.conf.template index 8a0272b..d51c0ab 100644 --- a/nginx/data/nginx/templates/login.conf.template +++ b/nginx/nginx/templates/login.conf.template 
@@ -21,9 +21,9 @@ server { listen 443 ssl; ssl_certificate /etc/letsencrypt/live/${DOMAIN_NAME}/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/${DOMAIN_NAME}/privkey.pem; - include /etc/letsencrypt/options-ssl-nginx.conf; - include /etc/letsencrypt/challenge.conf; - ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; + include /etc/nginx/includes/options-ssl-nginx.conf; + include /etc/nginx/includes/challenge.conf; + ssl_dhparam /etc/nginx/includes/ssl-dhparams.pem; } diff --git a/nginx/data/nginx/templates/social.conf.template b/nginx/nginx/templates/social.conf.template similarity index 78% rename from nginx/data/nginx/templates/social.conf.template rename to nginx/nginx/templates/social.conf.template index dc16471..c56e066 100644 --- a/nginx/data/nginx/templates/social.conf.template +++ b/nginx/nginx/templates/social.conf.template @@ -20,9 +20,9 @@ server { listen 443 ssl; ssl_certificate /etc/letsencrypt/live/${DOMAIN_NAME}/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/${DOMAIN_NAME}/privkey.pem; - include /etc/letsencrypt/options-ssl-nginx.conf; - include /etc/letsencrypt/challenge.conf; - ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; + include /etc/nginx/includes/options-ssl-nginx.conf; + include /etc/nginx/includes/challenge.conf; + ssl_dhparam /etc/nginx/includes/ssl-dhparams.pem; }