diff --git a/certbotd.sh b/certbotd.sh
index db01da0..62f4a1e 100755
--- a/certbotd.sh
+++ b/certbotd.sh
@@ -1,5 +1,10 @@
 #!/bin/sh
 
+if test -z "${NODES}"; then
+  echo "The env var NODES is empty, if you don't want to synchronize to other servers, set SINGLE_NODE=true" >&2
+  exit 1
+fi
+
 lock=/tmp/certbot.lck
 
 ensure() {
@@ -12,6 +17,8 @@ ensure() {
   find /etc/letsencrypt -type f | xargs -r chmod 640
   chgrp -R ssl /etc/letsencrypt
 
+  ${SINGLE_NODE:-false} && exit 0
+
   # Push certificates to nodes, we use SSH as a secure transport
   # but this means we're synchronizing from container to host which is
   # awkward.  A restricted rsync treats / as the remote location for the