Clarification regarding cron activity


#1

Hi friends,
I’ve seen this activity on Cron:

Dec 20 00:00:01 server CRON[2130]: (root) CMD ([2131] test -x /usr/bin/certbot && perl -e 'sleep int(rand(3600))' && certbot -q renew)

But on root cron scheduled activity (regarding letsencrypt) I’ve only:

/bin/certbotrenew.sh

That contain:

/usr/bin/certbot renew --renew-hook "/usr/sbin/service apache2 reload" >> /var/log/certbot-renew.log
mail -s "CERTBOT Renewals" tail@sio4.org < /var/log/certbot-renew.log
exit 0

What does this cron log?

many thanks!


#2

If it helps this is how I run my cron for renewals and it works flawlessly.

make your own bash script in /bin/ or just replace the contents of /bin/certbotrenew.sh with the following

#!/bin/bash
cd /opt/certbot
sudo ./certbot-auto renew >> /var/log/certbot-renew.log
sudo service apache2 reload
mail -s "CERTBOT Renewals" youremail@wherever.com < /var/log/certbot-renew.log
exit 0

Then just run your cron every monday at 8pm like this

00 20 * * 1 /bin/certbotrenew.sh

or daily like this

00 20 * * * /bin/certbotrenew.sh


#3

Did you install certbot via your operating system’s package manager? If so, the package probably provided its own cron job in addition to the one you (I guess) created yourself. That’s likely what you’re seeing in the log.


#4

Yes!
And trying here the cron installed by apt on /etc/cron.d/certbot:

# /etc/cron.d/certbot: crontab entries for the certbot package
#
# Upstream recommends attempting renewal twice a day
#
# Eventually, this will be an opportunity to validate certificates
# haven't been revoked, etc.  Renewal will only occur if expiration
# is within 30 days.
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

0 */12 * * * root test -x /usr/bin/certbot && perl -e 'sleep int(rand(3600))' && certbot -q renew

Now the question is: is it safe to remove the above cron scheduling, considering I use a custom renew action?

many thanks again!


#5

I wouldn’t remove the file, but I’d imagine it should be safe to comment it out. Worst that can happen is it complains when you upgrade the package.


#6

in fact you’re right: “comment it out”

Perfect!

Very very thanks, to all!
:slight_smile:


#7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.