Ubuntu 20.04 snap install using cron not systemd?

Help
1

Problem:
Is it possible that the current snap-based certbot install is not correctly detecting systemd and correctly configuring the twice-daily run?

After upgrading from Ubuntu 20.04, using the snap-based install, the configuration of the twice-daily run of certbot is done via crontab not systemd, and that the cron job carefully checks for systemd, and since it is present, does no work.

(Additionally, the published documentation needs to be updated about the shift to snap. I have Ubuntu 20.04 instructions need update. ppa is deprecated. install.html says use ppa, not snap. · Issue #8832 · certbot/certbot · GitHub open about that.)

After doing the snap-based installed, I expected, that the twice-daily run of certbot would be done with configuration in /etc/systemd/system/
No certbot files are present in that directory.

Instead I find /etc/cron.d/certbot with the line:
0 */12 * * * root test -x /usr/bin/certbot -a ! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew

This seems to test for systemd and if present does not run certbot.

I have confirmed that there is no apt-based certbot installed:

root@ubuntu-s-1vcpu-1gb-nyc1-01:~# apt-get remove certbot
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package 'certbot' is not installed, so not removed
0 upgraded, 0 newly installed, 0 to remove and 13 not upgraded.

My domain is:
poetnerd.com
I ran this command:
sudo snap install certbot --classi

It produced this output:
2021-05-05T18:21:26Z INFO Waiting for automatic snapd restart...
certbot 1.15.0 from Certbot Project (certbot-eff✓) installed

My web server is (include version):
nginx version: nginx/1.18.0 (Ubuntu)

The operating system my web server runs on is (include version):
Ubuntu 20.04

My hosting provider, if applicable, is:
Digital Ocean

I can login to a root shell on my machine (yes or no, or I don't know):
yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 1.15.0

1 Like
2

Hi @poetnerd, and welcome to the LE community forum :slight_smile:

What is shown by:
sudo systemctl list-timers

1 Like
3

I do see a certbot in snap... Is this yet another periodic timer I'm heretofore unaware of?

wdc@ubuntu-s-1vcpu-1gb-nyc1-01:/lib/systemd/system$ sudo systemctl list-timers
NEXT                        LEFT          LAST                        PASSED      UNIT                         ACTIVATES                     
Fri 2021-05-07 19:55:34 UTC 16min left    Fri 2021-05-07 11:36:28 UTC 8h ago      motd-news.timer              motd-news.service             
Fri 2021-05-07 21:52:04 UTC 2h 13min left Fri 2021-05-07 06:08:58 UTC 13h ago     fwupd-refresh.timer          fwupd-refresh.service         
Sat 2021-05-08 00:00:00 UTC 4h 21min left Fri 2021-05-07 00:00:05 UTC 19h ago     logrotate.timer              logrotate.service             
Sat 2021-05-08 00:00:00 UTC 4h 21min left Fri 2021-05-07 00:00:05 UTC 19h ago     man-db.timer                 man-db.service                
Sat 2021-05-08 05:43:53 UTC 10h left      Fri 2021-05-07 12:41:28 UTC 6h ago      apt-daily.timer              apt-daily.service             
Sat 2021-05-08 06:21:22 UTC 10h left      Fri 2021-05-07 06:36:00 UTC 13h ago     apt-daily-upgrade.timer      apt-daily-upgrade.service     
Sat 2021-05-08 11:53:00 UTC 16h left      Fri 2021-05-07 12:22:00 UTC 7h ago      snap.certbot.renew.timer     snap.certbot.renew.service    
Sat 2021-05-08 18:30:16 UTC 22h left      Fri 2021-05-07 18:30:16 UTC 1h 8min ago systemd-tmpfiles-clean.timer systemd-tmpfiles-clean.service
Sun 2021-05-09 03:10:31 UTC 1 day 7h left Sun 2021-05-02 03:10:29 UTC 5 days ago  e2scrub_all.timer            e2scrub_all.service           
Mon 2021-05-10 00:00:00 UTC 2 days left   Mon 2021-05-03 00:00:02 UTC 4 days ago  fstrim.timer                 fstrim.service                

10 timers listed.
Pass --all to see loaded but inactive timers, too.
1 Like
4

That is the systemd timer that the snapd version of certbot added.
You don't need the cron job.

5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.