Differences

This shows you the differences between two versions of the page.

--- rpi_nimbus [2019/08/01 09:56] – [Let's Encrypt] Júne Park
+++ rpi_nimbus [2019/08/03 04:39] – [Let's Encrypt via repository] Júne Park
@@ Line 185: / Line 185: @@
 ----
+=== Renew certificate(s) using systemd ===
+Check renewal executes without error,
+<code bash>
+ sudo certbot renew --dry-run
+</code>
+== Service unit file ==
+If no error, edit **service unit file** typically stored in ''/etc/systemd/system/''. Edit ''/etc/systemd/system/certbot-renewal.service''
+<code ini>
+[Unit]
+Description=Certbot Renewal
+[Service]
+ExecStart=/usr/bin/certbot renew --post-hook "systemctl restart nginx.service"
+</code>
+Which restarts web service after renewing certificate(s).
+== Timer unit file ==
+Modify ''/etc/systemd/system/certbot-renewal.timer'' to adjust timer for certbot renewal.
+<code ini>
+[Unit]
+Description=Timer for Certbot Renewal
+[Timer]
+OnBootSec=300
+OnUnitActiveSec=2w
+[Install]
+WantedBy=multi-user.target
+</code>
+The configuration below will activate the service biweekly, and 300 seconds after boot-up.
+== Using systemctl and journalctl ==
+To start the timer
+<code bash>
+  sudo systemctl start certbot-renewal.timer
+</code>
+To enable the timer to be started on boot-up
+<code bash>
+  sudo systemctl enable certbot-renewal.timer
+</code>
+To show status information for the timer
+<code bash>
+  systemctl status certbot-renewal.timer
+</code>
+To show journal entries for the timer
+  journalctl -u certbot-renewal.service
+----
 ==== SSL Configuration on Nginx ====