@EmberHeartshine
Following the indications found here:
0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep
int(rand(43200))' && certbot -q renew
to the crontab file
Based on the hints found here: https://serverfault.com/questions/790772/cron-job-for-lets-encrypt-renewal, I also systemctl enabled
certbot.timer
:
marco@pc01:/etc/cron.d$ systemctl enable certbot.timer
==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-unit-files ===
Authentication is required to manage system service or unit files.
Authenticating as: marco
Password:
==== AUTHENTICATION COMPLETE ===
==== AUTHENTICATING FOR org.freedesktop.systemd1.reload-daemon ===
Authentication is required to reload the systemd state.
Authenticating as: marco
Password:
==== AUTHENTICATION COMPLETE ===
marco@pc01:/etc/cron.d$ systemctl start certbot.timer
==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units ===
Authentication is required to start 'certbot.timer'.
Authenticating as: marco
Password:
==== AUTHENTICATION COMPLETE ===
marco@pc01:/etc/cron.d$ sudo systemctl list-timers
[sudo] password for marco:
NEXT LEFT LAST PASSED UNIT
ACTIVATES
Sat 2019-07-20 02:53:15 UTC 8h left Fri 2019-07-19 14:14:58 UTC 3h 40min
ago motd-news.timer motd-news.service
Sat 2019-07-20 05:30:07 UTC 11h left Fri 2019-07-19 13:26:36 UTC 4h 28min
ago certbot.timer certbot.service
Sat 2019-07-20 05:33:22 UTC 11h left Fri 2019-07-19 13:26:36 UTC 4h 28min
ago apt-daily.timer apt-daily.service
Sat 2019-07-20 06:34:30 UTC 12h left Fri 2019-07-19 13:26:36 UTC 4h 28min
ago apt-daily-upgrade.timer apt-daily-upgrade.service
Sat 2019-07-20 13:41:58 UTC 19h left Fri 2019-07-19 13:41:58 UTC 4h 13min
ago systemd-tmpfiles-clean.timer systemd-tmpfiles-clean.service
Mon 2019-07-22 00:00:00 UTC 2 days left Mon 2019-07-15 06:23:55 UTC 4
days ago fstrim.timer fstrim.service
n/a n/a Fri 2019-07-19 13:28:50 UTC 4h 26min ago
ureadahead-stop.timer ureadahead-stop.service
7 timers listed.
Pass --all to see loaded but inactive timers, too.
As far as I understand the renewal process should now restart properly… am I right or is there something more to do and / or to fix?
And another thing I do not understand is that in this file
nano /lib/systemd/system/certbot.timer
[Unit]
Description=Run certbot twice daily
[Timer]
OnCalendar=*-*-* 00,12:00:00
RandomizedDelaySec=43200
Persistent=true
[Install]
WantedBy=timers.target
seems that it is already set to run certbot twice a day… why it didn’t happen then?
Thanks again for your kind help.
Marco