Renew on discourse docker

I installed discourse with docker, and set up lets encrypt as part of the process. Now it’s time to renew, but I’m unsure how, as I thought it would be automatic. On another server I set up using certbot and renewed manually without a glitch. But with the discourse docker install I do not appear to have certbot available. Any help appreciated.

Can you describe how you set up Let’s Encrypt?

If you followed this guide, you already have a daily cronjob that’s responsible for renewing your certificate if needed. This setup does not use certbot, but a different client called

I used this guide (same as your link) so it is
But, I think that it is not running a cron job, as I checked the ./launcher logs <container name> and there is no mention of letsencrypt or anything similar, also crontab -l does not list any crontabs. I also check etc/cron... dirs, but did not find anything that appears to be relevant. My certificate is due to expire in less than a week, so I thought that it might have done so automatically by now, but I still get reminder emails.

The guide above says to manually renew:

./launcher enter app
sv stop nginx
/usr/sbin/nginx -c /etc/nginx/letsencrypt.conf
LE_WORKING_DIR=/shared/letsencrypt DEBUG=1 /shared/letsencrypt/ --issue -d -k 4096 -w /var/www/discourse/public
LE_WORKING_DIR=/shared/letsencrypt /shared/letsencrypt/ --installcert -d --fullchainpath /shared/ssl/ --keypath /shared/ssl/ --reloadcmd "sv reload nginx"
/usr/sbin/nginx -c /etc/nginx/letsencrypt.conf -s stop

Although I’d prefer it to be automated.

This post mentions that the cronjob is in /var/spool/crontab/root. Does that file exist for you, and what’s the result when you run that command manually?

I get -bash: /var/spool/crontab/root: No such file or directory

Seems like something went wrong with that setup. You’re probably better off asking for help on - this is a Discourse-specific issue and in all likelihood there are more people with knowledge about that process on there.


I’m not familiar with discourse too. but I have a few suggestions.

  1. you can list your current cronjob by:
crontab  -l 
  1. has a command --installcronjob :

/shared/letsencrypt/  --installcronjob

It will check if the cronjob for renewal is already installed, if not, it will install it.

  1. You can also manually run the cronjob by command line:

/shared/letsencrypt/  --cron

It will check all the certs and renew them if needed.


I started a new discussion at

But, I discovered that if I enter the docker container and run a shell, then I can get to the crontabs:

docker exec -it app sh

then crontab -l gives me:

0 0 * * * "/shared/letsencrypt"/ --cron --home "/shared/letsencrypt" > /dev/null

I also notice that I don’t have


but I do have


Which implies that I have the acme script running in web mode???

From inside the shell in the container:

# /shared/letsencrypt/ --cron
ls: cannot access '/root/': No such file or directory

So I tried from outside the container:

/var/discourse# ./launcher /shared/letsencrypt/ --cron
Config file was not found, ensure containers/--cron.yml exists

Available configs ( app )

I also tried:

# /shared/letsencrypt/ --installcronjob
[Sun Sep 18 04:04:43 UTC 2016] Installing cron job
0 0 * * * "/shared/letsencrypt"/ --cron --home "/shared/letsencrypt" > /dev/null
# crontab -l
0 0 * * * "/shared/letsencrypt"/ --cron --home "/shared/letsencrypt" > /dev/null
# /shared/letsencrypt/ --cron
ls: cannot access '/root/': No such file or directory

Anyway, I’m not sure what best way is now to renew cert.

Any suggestions?

1 Like

Neil’s suggestion (thank you) on the other forum appears to have revealed that my auto renewal was working just fine:

(from within the docker container shell)

/shared/letsencrypt/ --cron --home "/shared/letsencrypt"

gave me:

# /shared/letsencrypt/ --cron  --home "/shared/letsencrypt"
[Sun Sep 18 04:09:37 UTC 2016] Renew:
[Sun Sep 18 04:09:37 UTC 2016] Skip, Next renewal time is: Tue Dec  6 00:00:21 UTC 2016

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.