The certificate renewed but nginx didn't get reloaded by the post-hook for some reason

Post-mortem: The certbot package defined a systemd timer and a /etc/cron.d/ entry for renewal, so my own crontab entry that defined a post-hook never got to do the renewing

@gargron I had exactly the same problem when I started using certbot, super annoying!

Follow

@benofbrown
I write a script call by cron to check if the NGinx was still alive, after 3 try (10 minutes total) it try to restart the service.
@Gargron

@C_Chell @gargron Restart or reload? Restart's probably overkill.

It works fine now with my actual hook in place. I noticed it before the cert expired as my hook emails a notification and that notification wasn't being sent.

@benofbrown
On my configuration, I notice NGinx was reload but at the same time, certbot didn't release the ports so NGinx won't load the ports and I need to do a "service restart" to force NGinx to relisten on 80 and 443.
@Gargron

@C_Chell You might want to look at running certbot in certonly/webroot mode, it's a lot less intrusive.

@benofbrown I change it recently, but I have to recheck the configuraiton soon to be sure.

Sign in to participate in the conversation
Equestria Social Network

⚠️ Due to some spam, the instance is currently on approval admission mode, I will work to accept account as soon as I can. ⚠️
Be clear in your register message, or you will be considered as spam account (one word message or non sense messages will be rejected directly)
If you not receive the mail, try looking in the spam folder or another address, some mail provider block the confirmation mail.
Also if you don't receive your confirmation soon after your registration, this can because the mail serveur is ban from your mail provider, try to change address.

⚠️ En raison de spam, l'instance est en mode approbation manuelle des comptes, J'essaye d'autoriser les comptes le plus rapidement possible. ⚠️
Soyez clair dans votre message, sinon vous serez considéré comme compte spam (Messages en 1 mot ou sans sens seront rejetés directement)
Si vous ne recevez pas le mail de confirmation, essayez de regarder dans le dossier spam ou essayez une autre adresse, certains fournisseurs de mail bloquent le mail de confirmation.
Si vous ne recevez pas rapidement votre mail de confirmation, cela peut être dû au fait que le serveur mail est banni par votre fournisseur de mail, essayez de changer l'adresse.

Equestria.Social (EQS) is a Mastodon instance for all pony fans, created to federate Bronies and Pegasisters wanting to join the fediverse, and those already present ! But we are opened to everyone !

Equestria.Social (EQS) est une instance Mastodon pour tous les fans de poneys, créée pour fédérer les Bronies et Pegasisters voulant rejoindre le "fediverse", et ceux déjà présents ! Mais nous sommes ouverts à tous !

Equestria.Social (EQS) is a Mastodon instance for all pony fans, created to federate Bronies and Pegasisters wanting to join the fediverse, and those already present ! But we are opened to everyone !


Nos copains ! (Aussi fans de poneys)

Our friends ! (Also pony fans)

Radio Brony

Webradio Brony

Brony Webradio

Canterlot Comics

Bibliothèque de comics

Comics library

Le Poney Blanc

Magazine autour de MLP

Magazine about MLP

Bronies .fr

Calendrier de meet-ups Bronies

Bronies meet-ups calendar

New Lunar Republic

Streaming MLP

MLP streaming

MLP France

Streaming MLP

MLP streaming

Need for Ponies

Streaming MLP

MLP streaming


Si vous le souhaitez, vous pouvez aider financièrement l'instance sur LiberaPay (C'est un peu comme Patreon ou Tipeee, mais en libre).

If you wish, you can financially help the instance on LiberaPay (It's a bit like Patreon or Tipeee, but free).