Update: As of certbot
0.10.0, the information in this post is out of date.
I don’t think it’s possible to specify
--renew-hook in the
.conf files located in
/etc/letsencrypt/renewal, based on a quick test.
The idea behind
--renew-hook is that you get a shell variable called
$RENEWED_DOMAINS containing a list of renewed domains. If you need some kind of specificity (i.e.
a.example.com restarts service A,
b.example.com restarts service B), the recommended approach would probably to check that variable and act based on that.
Full description of
--renew-hook for your reference:
Command to be run in a shell once for each
successfully renewed certificate.For this command, the
shell variable $RENEWED_LINEAGE will point to
theconfig live subdirectory containing the new certs
and keys; the shell variable $RENEWED_DOMAINS will
contain a space-delimited list of renewed cert domains