I installed certbot on ubuntu 16.04 from ppa. Version: 0.17.0.
I obtained a cert with
certbot --nginx so
/etc/letsencrypt/renewal/mydomain.com contains the following
authenticator = nginx
installer = nginx
account = ...
I wonder should I add
--deploy-hook /cmd/to/reload/nginx to
certbot renew or is it done automaticly?
From CertBot User Guide: https://certbot.eff.org/docs/using.html
If you want your hook to run only after a successful renewal, use --renew-hook in a command like this.
certbot renew --renew-hook /path/to/renew-hook-script
- I’ve already read into the docs (–renew-hook is replaced with --deploy-hook in the recent code)
- I’ve looked into the code
and I’m still not sure: if
installer.restart() happens on renewal automaticly or not.
My recollection is yes, but let me double-check.
Someone else confirmed my recollection, so evidently you won’t need to use the
--deploy-hook for this specific purpose with the nginx plugin. (Probably most nginx-related suggestions to use hooks were inspired by
--webroot, which used to be recommended for nginx users before the Certbot nginx plugin was working. Since the webroot plugin doesn’t include an installer, it doesn’t have a built-in mechanism to restart the web server upon deployment.)
If anyone has any contrary experience, please let us know and we can try to fix or document this.
Thanks for clarification. It should definitely be outlined in docs.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.