There is a deploy renewal-hook which runs after renewal (my scripts are in /etc/letsencrypt/renewal-hooks/deploy/). But it doesn’t run when initially obtaining the certificate via certonly --standalone.
Is there an equivalent hook that runs after the initial new-cert process?
My reason: some apps, e.g. portainer, need access to the non-symlinked files, so I want to run a script after obtaining/renewing certs, to make a static non-symlinked copy of the latest certs for those apps to access. I can get this to work for renewed certs, but not for new certs.
If you specify the --deploy-hook command line option when creating the certificate, it will run then, and when renewing it later. (The command will be saved in the /etc/letsencrypt/renewal/ configuration file.) E.g.: