Browsers not picking up new SSL certificate

rg305 · February 23, 2021, 1:25am

You can't RUN that - it has to be added to CRON?
You aren't CRON are you?

griffin · February 23, 2021, 1:26am

Why can't he run it to test it? I lowered it to 40.

rg305 · February 23, 2021, 1:26am

He is not the CRON.
All hail the mighty CRON!

griffin · February 23, 2021, 1:27am

It's still commands though, right? Will it fail?

I just want to make sure nothing is broken in the cron task then silently failing

rg305 · February 23, 2021, 1:28am

Your input will fail you!
&& will split the commands and run the second part now.

hmm...

Perhaps encapsulating the whole string within single quotes - to force is as one command, then maybe.

But he is still NOT the CRON ! - LOL

griffin · February 23, 2021, 1:29am

How could we detect a failure then?

rg305 · February 23, 2021, 1:31am

Add it into CRON and wait.
[reduce the 43200 to 99 & the */12 (only every twelve hours) to * (every hour)]
You could do it more often like...
*/5 minutes, * hours
But you have to be sure to reduce the random wait time.

griffin · February 23, 2021, 1:33am

I figure it's probably the first part of that task (before the first &&) that was failing/filtering before. If that happens, certbot would never run, right?

rg305 · February 23, 2021, 1:34am

Yeah the whole (run as) "root" and "test" if this exists, and "this" doesn't exist part...
Seems to require a very specific syntax - which may have gotten lost in translation.

griffin · February 23, 2021, 1:35am

That's exactly my fear. I did find this:

rg305 · February 23, 2021, 1:36am

So it needs the "root" user definition.

griffin · February 23, 2021, 1:37am

That's part of the cron definition though, not the test command itself. Hence the sudo I added to run from the CL.

griffin · February 23, 2021, 1:39am

Gotta run for a bit. Back later.

rg305 · February 23, 2021, 1:39am

You still don't get it.
The way CRON interprets the rest of that line implies one single command is to be read (red).
The way the CLI interprets && can be different.

griffin · February 23, 2021, 1:40am

I agree there. I was just meaning the root was part of the cron syntax.

rg305 · February 23, 2021, 1:41am

Maybe like this:

sudo "test -x /usr/bin/certbot -a \! -d /run/systemd/system && sudo perl -e 'sleep int(rand(40))' && sudo certbot -q renew"

[YMMV]

griffin · February 23, 2021, 1:42am

I'd like to see it broken down into individual pieces executed. Just to see how it fits (or doesn't fit) together.

Personally, I don't see the value in repeatedly testing if certbot is executable by root.

rg305 · February 23, 2021, 1:43am

But that is not the test.
There is an "AND NOT" there.

It reads [in geEkNGLISH]...
If /usr/bin/certbot can be executed AND directory /run/systemd/system doesn't exist, then:
Sleep for a random amount of time (less than 12 hours) and then run:
certbot -q renew

griffin · February 23, 2021, 1:44am

Here's an example directly from the stackexchange topic I shared:

test -1 -gt -2 && echo yes would print yes

-1 is clearly greater than -2, so echo yes

I think if you run this in Linux straight from the CL you'll get yes.

griffin · February 23, 2021, 1:47am

Why do we care if that directory exists, I wonder?