I configured my server and domain to use Let’s Encrypt certificates. I want to use the certbot for automatic renewals. I want to set a crontab for automatic renewals. (dry-run option is working fine). Now I realized that there is a cronjob in /etc/cron.d with 0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew .
My question now is if this cronjob is triggered automatically so I don’t have to do anything at all?? Or do I have to specify a crontab still?? And also is this crontab executed with sudo priviledges?
I am using no server software at all on my server (EC2 instance) since my nginx is running within docker. I am using systemd. My question now is: Can I just set a new cronjob in sudo crontab -e and place this command in there? Is that supposed to work? Because if I run this command manually I get v*** DISPLAY not set, setting it to IPADDRESS.
Or is it enough to place a cronjob in sudo crontab -e with certbot renew?
Thanks in advance for any help!! And thanks for Let’s Encrypt!
My web server is (include version): ubuntu 16.04
I can login to a root shell on my machine (yes or no, or I don’t know): yes
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0
Thanks so much for the quick reply. Now just to make sure: In the file is written
Important Note! This cronjob will NOT be executed if you are
running systemd as your init system. If you are running systemd,
the cronjob.timer function takes precedence over this cronjob.
So I can ignore that even though systemd is on my operating system? And shouldn't that command work as well when I put it manually? Or is the error I'm getting normal?
Well, the cron job executes, assuming you have a working cron daemon.
The test … \! -d /run/systemd/system && part causes it to exit without doing anything else when run under systemd.
Because you’re using systemd, it doesn’t do anything, but there’s no evidence that it’s failing to run and successfully do nothing.
Assuming you used one of the apt packages to install Certbot, the systemd certbot.service and certbot.timer were set up to automatically run certbot -q renew and renew your certificates.
You can examine systemd’s information and logs, and Certbot’s logs in /var/log/letsencrypt/, to see if it seems to be running.
You can run “sudo certbot renew --dry-run” to test if renewal is likely to work.
thank you so much for the explanation. Yes this command succeeds and it gives me the Congratulations ... message. I used sudo add-apt-repository ppa:certbot/certbot to install certbot. So I assume it will be running fine.
Why is test … \! -d /run/systemd/system && needed? I mean why shouldn't it run when using systemd?
Also is it correct that the cronjonb executes once every 12th hour??
