* Router routes 80 and 443 to docker host
* Docker host has LetsEncrypt + nginx running with 80 + 443 exposed to the container
* Nginx config is routing everything from 80 to 443
* LetsEncrypt obtains certs that nginx uses to encapsulate the traffic that it proxies
* The apps (dockers) that are serving content on 80 (rerouted through docker ports)
So, in this config, the apps are hosting unencrypted content. But, that doesnt matter as nginx is handling the encryption. And while many dockers that support you providing them an ssl cert so they can do the encryption, it's not necessary as nginx is handling it.
Yes? No? Maybe?