I have certbot-auto installed on a pair of CentOS6 servers that host ruby apps which are proxied through nginx. These ruby apps rely on the rvm environment to run (necessary detail). The renewals are working fine. What I’m a bit confused about is when certbot will try to update itself & any dependencies. The reason this concerns me is because RVM sets up ruby environments based on libraries installed via yum. Updating these system libraries can break gems. So, I have some concern that certbot-auto will update itself & any necessary system dependencies will be installed/upgraded automatically via yum, which can, in turn, break RVM.
The thing is, I don’t understand how certbot-auto is updating itself. It’s been running fine via cron for 2 months. However, I ran a dry-run to test something today & all of a sudden it started to call yum to update dependencies, like it was bootstrapping itself all over again. This may be a total coincidence, but I’m wondering why certbot didn’t seem to try to update itself while running via cron, but did when I ran it manually? Is that use case accurate?