OK, it seems I got to my end goal, which was to get Certbot working with nginx. I ended up doing everything inside the Docker container just because it turned out to be much easier.
I roughly followed this tutorial.
Basically, create a docker-compose YAML file, with 3 services in my case because I also had the Next.js frontend. The key seems to be setting up the volumes correctly.
services:
  webserver:
    image: nginx:latest
    ports:
      - 80:80
      - 443:443
    restart: always
    volumes:
      # nginx site configs (nginx.conf lives here on the host)
      - ./nginx/conf/:/etc/nginx/conf.d/:ro
      # ACME challenge webroot, read-only for nginx
      - ./certbot/www:/var/www/certbot/:ro
      # certificates and keys written by certbot, read-only for nginx
      - ./certbot/conf/:/etc/nginx/ssl/:ro   # For me /etc/letsencrypt is what worked here after the colons
  certbot:
    image: certbot/certbot:latest
    volumes:
      # certbot writes the challenge files here
      - ./certbot/www/:/var/www/certbot/:rw
      # certbot stores its config, certificates and keys here
      - ./certbot/conf/:/etc/letsencrypt/:rw
Using this I just added the frontend container. I also had an nginx.conf file.
I didn't follow the tutorial exactly here, so I had to have 2 different configs. One had only port 80 and the ACME challenge. The other had port 80 and 443, with the ACME challenge in 443. (I am not sure if the ACME should be in 443; I think if I had it in port 80's server block it would have worked with one file.) Anyway, I used the first config, then created the keys using docker exec to control the certbot config, then switched to the second config.
One thing I had in my docker file was an entrypoint that the tutorial doesn't mention, namely this script in the entrypoint field under certbot:
entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
This should run renew every 12 hours to try and renew the cert, but you can only renew when you have 30 days left on the 90-day cert, so it's not as wasteful as you might think. It is still wasteful, but it was the easiest way IMO.
Also, if someone else knows better, please let me know if I should move the ACME to port 80 instead of 443, even with this entrypoint, because technically the cert should never run out.
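As an added example (not part of the post above or the tutorial it follows), here is a single nginx config with the ACME challenge location in the port 80 server block and TLS on 443, matching the /var/www/certbot and /etc/letsencrypt mounts from the compose file. Let's Encrypt's HTTP-01 validation always fetches http://<domain>/.well-known/acme-challenge/<token> over plain HTTP on port 80, so the challenge location only needs to exist there. example.com, the "frontend" service name and port 3000 are placeholders for the Next.js container.

```nginx
# Added example: one nginx.conf for HTTP-01 challenges on 80 and TLS on 443.
# Assumptions: example.com is the domain, "frontend:3000" is the Next.js
# service, /etc/letsencrypt is where ./certbot/conf is mounted in nginx.
server {
    listen 80;
    listen [::]:80;
    server_name example.com www.example.com;

    # HTTP-01 validation requests land here over plain HTTP, before and
    # after a certificate exists, so renewals never touch the 443 block.
    location /.well-known/acme-challenge/ {
        root /var/www/certbot;
    }

    # Everything else is redirected to HTTPS.
    location / {
        return 301 https://$host$request_uri;
    }
}

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name example.com www.example.com;

    # Paths exactly as certbot writes them under its config directory.
    ssl_certificate     /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers off;

    # Reverse proxy to the Next.js container on the compose network.
    location / {
        proxy_pass http://frontend:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}
```

Two caveats a practitioner will hit with this layout. First, nginx refuses to start if the files named in ssl_certificate do not exist yet, so the very first issuance still needs the 443 block absent or commented out (which is effectively the two-config dance described in the post); once the certificate exists, the 80 block alone serves every renewal, with no config switching. Second, nginx reads the certificate into memory at startup, so a renewal written to disk by the certbot loop is not served until nginx is reloaded, for example with docker compose exec webserver nginx -s reload, run on a schedule similar to the renew loop.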