The thing is I need to touch a file when renew happend but not when it was provisioned for the first time.
But I’m getting this error Argument --renew-hook: conflicts with --deploy-hook value
Any ideas ?
I know I can do conditions inside my bash script, so just asking.
Ok, I guess my question is not really relevant, I just don’t need there the --deploy–hook argument.
The --renew–hook will only run if the renewal was successful right ? So if certbot doesn’t renew the certificate beacuse the certificate is not yet eligible for renewal the hook will not run. Is that correct ?
Yes, that is right, and that is right for --deploy-hook too.
Yes, that is correct, and the same for --deploy-hook.
Keep in mind, --renew-hook is a hidden option since certbot version 0.19 because they deployed a new param called --deploy-hook and this is the one you should use. Both params are doing the "same", but the main difference is that --renew-hook is only called on renewals and --deploy-hook is called not only on renwals but on new issued certs too.
An example, you want to get a certificate for your new domain superdomain.tld and execute this command /etc/init.d/httpd graceful automatically,
You will get your certificate AND /etc/init.d/httpd graceful command will be executed when issuing the cert and in the next renewal it will be executed too.
Edit: I forgot to say that you can use several commands on --deploy-hook if you want: