This is probably a very basic question, but i would love if someone more experienced can comment.
I am scratching my head what would be the best way to install cerbot user right managment wise am a bit lost here and want to have my Cron renew working reliable and tested.
I just installed Certbot on Ubuntu 16.04 with Nginx by using certbot —nginx command
by using the root user on a root serverr, it works like a charm to register the domains and get https.
certbot renew --dry-run
gave me
1 Congratulations, all renewals succeeded
so afterwards i entered
crontab -e (using the root user)
and added this line in it
0 0 * * * /usr/bin/certbot renew -q --post-hook “/usr/sbin/service nginx restart”
Ubuntu was noting that it dont allow Cron on root user, but was fixing that automatically, just dont know which user it took instead.
But finished sucessfull, cronjob added
Now i am a bit lost in the structure, have no direct problem, just dont thrust what idid there,
i want to have my user rights properly for auto renewal.
I have no idea if the renew will work in the future and it looks liket this isnt easy to test (for me).
Which Crontab to use? crontab -e command or editing the crontab file in /etc/ (looks like there are quite some options)?
Does it make sense to make a complete new user just for this certbot renew task, superuser with sudo rights (with or without password)?
Or was it ok using the root, may dont matter?
So i would may make a fresh install of certbot with this new superuser and do the crontab file editing also with this user.