Use `ps | grep` instead of `jobs | grep`

It appears that `jobs` won't track the nginx processes started from a
config reload, so let's use `ps` instead.  Also, set `reuseport` on all
listen interfaces in order to dodge kernels that don't like `nginx`
restarting quickly.

src/Dockerfile

@@ -8,7 +8,7 @@ EXPOSE 443
 # Do this apt/pip stuff all in one RUN command to avoid creating large
 # intermediate layers on non-squashable docker installs
 RUN apt update && \
-    apt install -y python python-dev libffi6 libffi-dev libssl-dev curl build-essential && \
+    apt install -y python python-dev libffi6 libffi-dev libssl-dev curl build-essential procps && \
     curl -L 'https://bootstrap.pypa.io/get-pip.py' | python && \
     pip install -U cffi certbot && \
     apt remove --purge -y python-dev build-essential libffi-dev libssl-dev curl && \

src/nginx_conf.d/certbot.conf

@@ -1,7 +1,7 @@
 server {
     # Listen on plain old HTTP
-    listen 80 default_server;
+    listen 80 default_server reuseport;
-    listen [::]:80 default_server;
+    listen [::]:80 default_server reuseport;
 
     # Pass this particular URL off to certbot, to authenticate HTTPS certificates
     location '/.well-known/acme-challenge' {

src/scripts/entrypoint.sh

@@ -31,7 +31,7 @@ while [ true ]; do
     # Make sure we do not run container empty (without nginx process).
     # If nginx quit for whatever reason then stop the container.
     # Leave the restart decision to the container orchestration.
-    if ! jobs | grep --quiet nginx ; then
+    if ! ps aux | grep --quiet nginx ; then
         exit 1
     fi