MAKE SURE to always keep backups of /etc/letsencrypt, on external media. Use of rsync is recommended, for backups, as it handles backups incrementally and it’s generally quite robust. Refer to the rsync manpage for info.[1]
I wrote the above rsync command based on information found on the web.
I would like to know whether that rsync command is appropriate to backup /etc/letsencrypt/. Is it?
I imagine that you'd like to know what the certificates are used for: there are two certificates in that folders, one is used for a static website, and another one used for an instance of Jitsi. Also, I am wondering whether it makes sense to backup the Jitsi-one at all. Any feedback is welcome.
You should use rsync options that preserve symlinks
I don't use rsync myself but a quick look at its docs say certain settings are required for that.
And, as for that Fedfree blog, I suppose in the end it gets you set up but it has some basic misunderstandings of how Certbot works. As one example it does not understand how standalone, webroot, and renew should work. Thus, the entire process is far more awkward than it needs to be.
I wouldn't use that documentation at all. While everybody is entitled to their own opinion, in my opinion stating that you can better get 2 separate certificates for example.com and www.example.com because otherwise they would, as "separate domains", share a single keypair and that "may prove to be a headache later on".. Well.. I don't know. I call it simply the manure of an adult male of the species Bos taurus.
That said, the use of --links (or the short form -l) is required to actually make rsync copy the symlinks as actual symlinks instead of ignoring them. This option is enabled with the --archive option (short form is -a), so you're good with that.
Thank you for the feedback on Fedfree; I will read more about Certbot then. And thanks for point out that symlinks should be preserved - -a equals -rlptgoD, thus includes -l which preserves symlinks.