Hi, I have Certbot installed as a snap. https://iatse118.com/ is on Ubuntu Bionic for a Laravel website on Vultr, using Nginx as the webserver.
I have things set up now but I want to report my issue anyway because I want to do better at this, or maybe someone else has the same problem.
I got an email about the certificate expiring in a couple of days, so I went and manually ran the certificate renewal from the shell and it crashed the site.
With a little help, I was able to learn that running certbot renew --quiet had added additional identical directive blocks in nginx.conf.
The problem was resolved by removing the clone blocks from nginx.conf and installing a root cron for Certbot renewal in /etc/cron.d/certbot instead of trying to execute the renewal as the regular user.
The cron looks like this:
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
This cron gets installed, I understand, when installing the apt-get Certbot package, but not the snap. Not sure what is going on here.
I realize the issue may be in part due to my knowledge. However, I set up a Certbot cert on a DO server some time back and have had no problems with it, renewals run by cron for regular user.
It is hard to say for sure without seeing the original configuration (which might still be available in /var/lib/letsencrypt/backups by the way).
My suspicion is that the nginx configuration already had duplicate port 80 server blocks for server_name iatse118.com. It may well be the case that it was working fine before (by pure coincidence), and then when Certbot made its modifications, things flipped around and it was no longer working.
I am assuming that when you say that "it crashed the site" that nginx was still able to run but your website was broken, not that the nginx itself refused to start.
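A way to check a config for the condition suspected in the reply above, as an added example that is not part of the original post. The sample config and the function names `server_blocks` and `duplicate_servers` are constructed for illustration, and the check assumes that the same port on different listen addresses counts as a conflict, which is a simplification.

```python
import re
from collections import defaultdict

# Constructed sample (not the poster's real file): two port-80 blocks
# claim the same server_name, as suspected in the reply above.
SAMPLE_CONF = """
http {
    server {
        listen 80;
        server_name example.test www.example.test;
        return 301 https://$host$request_uri;
    }
    server {
        listen 443 ssl;
        server_name example.test;
        location / { try_files $uri /index.php; }
    }
    server {
        listen [::]:80 default_server;
        server_name example.test;
        root /var/www/html;
    }
}
"""

def server_blocks(conf):
    """Yield the body of each `server { ... }` block, found by brace matching."""
    conf = re.sub(r"#[^\n]*", "", conf)          # drop comments first
    for m in re.finditer(r"\bserver\s*\{", conf):
        depth, i = 1, m.end()
        while i < len(conf) and depth:            # walk to the matching close brace
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield conf[m.end():i - 1]

def duplicate_servers(conf):
    """Return {(port, name): count} for pairs claimed by more than one block."""
    seen = defaultdict(int)
    for body in server_blocks(conf):
        # "80", "[::]:80 default_server" and "127.0.0.1:80" all reduce to port "80"
        ports = {l.split()[0].rsplit(":", 1)[-1]
                 for l in re.findall(r"\blisten\s+([^;]+);", body)} or {"80"}
        names = {n for s in re.findall(r"\bserver_name\s+([^;]+);", body)
                 for n in s.split()}
        for pair in ((p, n) for p in ports for n in names):
            seen[pair] += 1
    return {pair: count for pair, count in seen.items() if count > 1}

if __name__ == "__main__":
    for (port, name), count in duplicate_servers(SAMPLE_CONF).items():
        print(f"{name} on port {port} is claimed by {count} server blocks")
```

To check a real setup, feed it the combined contents of nginx.conf and the included site files; `nginx -t` also prints a "conflicting server name" warning for the same condition.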
Hi _az,
The site was working fine before but I may have not got it completely right. It's not like I set up servers every day or anything.
Nginx was not displaying, just a Firefox message about too many redirects or something, which I don't have now. Nginx was running, I believe, with a bad config, but it wasn't able to respond to the request properly.