Usage of inbuild cronjob script

Hi friends,

I configured my server and domain to use Let’s Encrypt certificates. I want to use the certbot for automatic renewals. I want to set a crontab for automatic renewals. (dry-run option is working fine). Now I realized that there is a cronjob in /etc/cron.d with 0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew .

My question now is if this cronjob is triggered automatically so I don’t have to do anything at all?? Or do I have to specify a crontab still?? And also is this crontab executed with sudo priviledges?

I am using no server software at all on my server (EC2 instance) since my nginx is running within docker. I am using systemd. My question now is: Can I just set a new cronjob in sudo crontab -e and place this command in there? Is that supposed to work? Because if I run this command manually I get v*** DISPLAY not set, setting it to IPADDRESS.

Or is it enough to place a cronjob in sudo crontab -e with certbot renew?

Thanks in advance for any help!! And thanks for Let’s Encrypt!

My web server is (include version): ubuntu 16.04

I can login to a root shell on my machine (yes or no, or I don’t know): yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0

1 Like

Yes, it is.

It’s running as the root user.

2 Likes

Thanks so much for the quick reply. Now just to make sure: In the file is written

Important Note!  This cronjob will NOT be executed if you are
running systemd as your init system.  If you are running systemd,
the cronjob.timer function takes precedence over this cronjob.

So I can ignore that even though systemd is on my operating system? And shouldn’t that command work as well when I put it manually? Or is the error I’m getting normal?

Sorry for my confusion

1 Like

Well, the cron job executes, assuming you have a working cron daemon.

The test\! -d /run/systemd/system && part causes it to exit without doing anything else when run under systemd.

Because you’re using systemd, it doesn’t do anything, but there’s no evidence that it’s failing to run and successfully do nothing.

Assuming you used one of the apt packages to install Certbot, the systemd certbot.service and certbot.timer were set up to automatically run certbot -q renew and renew your certificates.

You can examine systemd’s information and logs, and Certbot’s logs in /var/log/letsencrypt/, to see if it seems to be running.

You can run “sudo certbot renew --dry-run” to test if renewal is likely to work.

3 Likes

thank you so much for the explanation. Yes this command succeeds and it gives me the Congratulations … message. I used sudo add-apt-repository ppa:certbot/certbot to install certbot. So I assume it will be running fine.

Why is test … \! -d /run/systemd/system && needed? I mean why shouldn’t it run when using systemd?

Also is it correct that the cronjonb executes once every 12th hour??

2 Likes

It should be. :slightly_smiling_face:

Because the systemd timer also exists, and there’s no reason to have a cron job and a timer running the same thing.

Yes.

("certbot renew" only tries to renew certificates that need to be renewed.)

4 Likes

Fanstastic! Thanks so much

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.