Help needed with initial setup errors

Fantastic, thank you

sudo certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log


Found the following certs:
Certificate Name: bobscloud.ddns.net
Domains: bobscloud.ddns.net
Expiry Date: 2019-01-29 10:22:24+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/bobscloud.ddns.net/fullchain.pem
Private Key Path: /etc/letsencrypt/live/bobscloud.ddns.net/privkey.pem


That is basically the only information that needs to be fed into nextcloud - I don't know how nextcloud works.

Now lets work on ensuring your system will auto-renew...

Please show:
sudo crontab -l

sudo crontab -l

no crontab for root

Hmmm…
It wasn’t automatically added - no worries.
Are you familiar with any editor? (VIM or VI)

yeah I tend to use nano

perfect!

issue:
sudo crontab -e

[[ which should start nano and edit the crontab file for root user ]]

insert a line something like this at the bottom:
03 30 * * * /usr/bin/certbot renew --nginx

That will attempt to renew your cert(s) using nginx each day at 3:30 AM.
Feel free to adjust the time as you see fit - but do not need to be run more than once a day.

Ok thanks, where should i save that.. it defaults to //tmp/crontab.RvhMup/crontab

just save and exit … CTRL-X ?
It will handle the location.

Once you have successfully added it to nextcloud (which seems to be using nginx), you can add:
-q --deploy-hook 'service nginx restart'
to the crontab entry line. So that it will restart nginx whenever a cert is actually renewed.
That presumes that the nginx/nextcloud config can “use” the cert right from its’ current location:
/etc/letsencrypt/live/bobscloud.ddns.net/fullchain.pem
/etc/letsencrypt/live/bobscloud.ddns.net/privkey.pem
If not, then you may have to take some additional nextcloud related step(s).

"/tmp/crontab.iinB0S/crontab":23: bad hour

errors in crontab file, can't install.

Do you want to retry the same edit? (y/n)

with more details
sudo crontab -e
no crontab for root - using an empty one

Select an editor. To change later, run ‘select-editor’.

  1. /bin/ed
  2. /bin/nano <---- easiest
  3. /usr/bin/vim.basic
  4. /usr/bin/vim.tiny

Choose 1-4 [2]: 2
crontab: installing new crontab
“/tmp/crontab.RvhMup/crontab”:23: bad hour
errors in crontab file, can’t install.
Do you want to retry the same edit? (y/n)

sorry I may have given the hours and minutes in reversed order...
Try:
30 03 * * * /usr/bin/certbot renew --nginx

DOH!
30 is a bad hour indeed!

If you don't care too much about possible nginx restarts (when cert renews - every 60 days), just use:
30 03 * * * /usr/bin/certbot renew --nginx -q --deploy-hook 'service nginx restart'

lol.. oops,
i changed it to 00 03 * * * /usr/bin/certbot renew --nginx

The i saw your message and changed it to 30 03 * * * /usr/bin/certbot renew --nginx -q --deploy-hook 'service nginx restart'

either will renew the cert.
The longer string also restarts nginx.

But to be crystal clear:
You have a cert and it should be set to automatically renew.
But you are NOT yet using it anywhere.
That is now a nextcloud question/answer/setup thing.

Unless…
You also intend on using that same cert for any other unrelated (to nextcloud) service.

Best of luck!
Cheers :slight_smile:

yes thank you very much for your help!

I’ll hop over to the nextcloud forum and see if anyone can help me there.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.