Letsencrypt w certbot, http not secured

Hello @Maple12,

Do you understand cron and crontabs?

Try these from your Ubuntu shell

  • man cron
  • man crontab

Also please see:
https://manpages.ubuntu.com/manpages/jammy/en/man5/crontab.5.html

1 Like

Why have it start and then sleep [count] for the exact amount of seconds each, and every, time?
These two settings are equal:
0 0,12 * * * root sleep 2466
41 0,12 * * * root sleep 6
[note: 41 min * 60 secs = 2460 secs]
Even though 2466 seems like a random number, it uses that same exact "random" number every time - not so random anymore...

So, neither is that random.

Albeit, both are an improvement over the original:
0 1 * * *

4 Likes

To save resources on the ACME server, it is enough for the timing to be random among multiple clients. It does not have to be random inside a given client, only random relative to other clients.

2 Likes

Yes, it does not have to be; but it makes better sense to always be random.
Why?
Because, if for whatever reason, you happen to land on a time that has an issue for you, then it will always have that same exact issue [every time you run it - 0% chance of success].
And that will do a good job of driving you crazy trying to figure out why!
If you do random all the time, then even if you do find a time that happens to be an issue for you, it will only happen once [99.99% chance of success (on next attempt)].

4 Likes

Thank you!

I have a couple of questions.

  1. How do I tell if Certbot has auto renewals set up? I installed it a week ago.

This is the output of certbot renew --dry-run

Processing /etc/letsencrypt/renewal/mydomain.com.conf

Simulating renewal of an existing certificate for mydomain.com and www.mydomain.com

Is it set to auto renew?

and

  2. If it is not set, how do I set it up so that I avoid the crontab method, which looks like it is not working for me so far?

Thank You

1 Like

See the Certbot topic below on how to check your automation and set it up if you don't.

I also provided this earlier in this thread

https://eff-certbot.readthedocs.io/en/latest/using.html#automated-renewals

Just running --dry-run manually does not prove if you have automated renewals set up. That only shows if you run a renew manually that it would work (well, very highly likely will work). Transient errors can always occur. Which is why renewals start when 30 days remain before cert expiry and why we recommend trying a renew multiple times / day.

3 Likes
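An added example, not written by anyone in this thread: a shell check that lists the cron entries running `certbot renew` and reports whether each start time is fixed or re-randomized on every run, which covers both the "is a cron renewal set up?" question and the fixed-sleep discussion above. The function names and the sample cron lines are constructed for illustration; renewals scheduled through a systemd timer do not appear in cron files and show up in `systemctl list-timers` instead.

```shell
# Added example: audit cron entries that run "certbot renew".
# fixed-delay = same start offset on every run; random-per-run = new delay each run.
classify_delay() {
  case "$1" in
    *'rand('*|*RANDOM*) echo "random-per-run" ;;
    *'sleep '[0-9]*)    echo "fixed-delay" ;;
    *)                  echo "no-delay" ;;
  esac
}

# Seconds past the hour at which the job really starts: minute * 60 + literal sleep.
fixed_offset() (
  min=${1%% *}
  secs=$(printf '%s\n' "$1" | sed -n 's/.*sleep \([0-9][0-9]*\).*/\1/p')
  case "$min" in
    ''|*[!0-9]*) echo "-" ;;                      # */5, 0,30 etc.: no single offset
    *) min=${min#0}; echo $(( ${min:-0} * 60 + ${secs:-0} )) ;;
  esac
)

# Scan ROOT/etc/crontab and ROOT/etc/cron.d/* (empty ROOT = the live system).
audit_certbot_cron() (
  root=${1:-}
  for f in "$root/etc/crontab" "$root"/etc/cron.d/*; do
    [ -f "$f" ] || continue
    while IFS= read -r line || [ -n "$line" ]; do
      printf '%s\n' "$line" | grep -Eq '^[[:space:]]*(#|$)' && continue
      printf '%s\n' "$line" | grep -Eq 'certbot( .*)? renew( |$)' || continue
      kind=$(classify_delay "$line")
      [ "$kind" = random-per-run ] && off=- || off=$(fixed_offset "$line")
      printf '%s\t%s\t%s\n' "$kind" "$off" "${f#"$root"}"
    done < "$f"
  done
)

# Constructed sample tree (not taken from any real host).
make_sample() {
  mkdir -p "$1/etc/cron.d"
  cat > "$1/etc/crontab" <<'EOF'
# m h dom mon dow user command
0 0,12 * * * root sleep 2466 && certbot renew -q
41 0,12 * * * root sleep 6 && certbot renew -q
0 1 * * * root certbot renew -q
EOF
  printf '%s\n' "0 */12 * * * root perl -e 'sleep int(rand(43200))' && certbot -q renew" \
    > "$1/etc/cron.d/certbot"
}

demo=$(mktemp -d) && make_sample "$demo" && audit_certbot_cron "$demo"; rm -rf "$demo"
```

On the sample, both `sleep` entries report the same offset of 2466 seconds, while the `rand()` entry has no fixed offset.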
