1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

CertBot 'eepy

Discussion in 'Feedback & Suggestions' started by Gareth Halfacree, 27 Nov 2023.

  1. Gareth Halfacree

    Gareth Halfacree WIIGII! Lover of bit-tech Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    17,035
    Likes Received:
    6,569
    @MLyons Looks like CertBot's sleeping on the job: the certificate's expired.

    upload_2023-11-27_9-58-0.png
     
  2. MLyons

    MLyons 70% Dev, 30% Doge. DevDoge. Software Dev @ Corsair Lover of bit-tech Administrator Super Moderator Moderator

    Joined:
    3 Mar 2017
    Posts:
    4,171
    Likes Received:
    2,726
    Fixed. Automating this was one of the things I planned to do but then we went to Corsair. For some reason it won't automate.
     
    adidan and Gareth Halfacree like this.
  3. yuusou

    yuusou Multimodder

    Joined:
    5 Nov 2006
    Posts:
    2,840
    Likes Received:
    897
    /etc/cron.daily/certbot-renew
    Code:
    certbot renew --rsa-key-size 4096 --webroot -w /var/www/letsencrypt --post-hook "systemctl restart nginx" 2>&1
    Set the permissions to the same as your files being served
    Code:
    sudo mkdir -p /var/www/letsencrypt/.well-known && sudo chown -Rf nginx: /var/www/letsencrypt
    nginx config (I keep this in a snippet file that I then import into every domain)
    Code:
    location ^~ /.well-known/acme-challenge/ {
        default_type "text/plain";
        root /var/www/letsencrypt;
    }
    
    You can then test with a dry-run
    Code:
    sudo certbot renew --dry-run --rsa-key-size 4096 --webroot -w /var/www/letsencrypt --post-hook "systemctl restart nginx" 2>&1
     
    adidan likes this.

Share This Page