Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  nodelist  faq  login

Every man is as God made him, ay, and often worse. -- Miguel de Cervantes


rocksolid / Linux / auto reload nginx after letsencrypt cert update

SubjectAuthor
o auto reload nginx after letsencrypt cert updateRetro Guy

1
Subject: auto reload nginx after letsencrypt cert update
From: Retro Guy
Newsgroups: rocksolid.shared.linux
Organization: Rocksolid Light
Date: Wed, 7 Apr 2021 00:21 UTC
Path: i2pn2.org!.POSTED!not-for-mail
From: retro....@rocksolidbbs.com (Retro Guy)
Newsgroups: rocksolid.shared.linux
Subject: auto reload nginx after letsencrypt cert update
Date: Wed, 7 Apr 2021 00:21:50 +0000
Organization: Rocksolid Light
Message-ID: <e30533d3cc16b5d3b165f34b38645d86$1@news.novabbs.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: i2pn2.org; posting-account="retrobbs1";
logging-data="26855"; mail-complaints-to="usenet@i2pn2.org"
User-Agent: Rocksolid Light (news.novabbs.com/getrslight)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on novabbs.org
X-Rslight-Site: $2y$10$wdRdZuEsnhMfgYU2FYyJF.CTj0tXUk/.Y.iu1UoF8qIhBJajHsxQ.
View all headers
Getting tired of my sites saying the cert is expired even after it's auto-renewed. Every 90 days, each site does this until either I reload nginx or it happens automatically for some reason.

Note: This is for letsencrypt certs:

renew-hook has been deprecated in recent versions of certbot. Plus, debian moved from using cronjobs for automatic renewals to systemd timer if they are available. On the other hand, now certbot supports having hooks in configuration files. So, instead of what is described above, i would suggest creating a file /etc/letsencrypt/renewal-hooks/deploy/01-reload-nginx with the following content:

#! /bin/sh
set -e

/etc/init.d/nginx configtest
/etc/init.d/nginx reload

don’t forget to make the file executable.

Found the above here: https://www.guyrutenberg.com/2017/01/01/lets-encrypt-reload-nginx-after-renewing-certificates/

Let's see how it does on the next renewals.

Retro Guy
--
Posted on Rocksolid Light


1
rocksolid light 0.7.2
clearneti2ptor