[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: certbot options

Thanks folks, all great answers!  Not sure if there’s a best or correct answer.


I did not know about certbot *.conf despite combing through the docs many times and I did not know about the systemctl override dir or the fact that you could copy that system file to the other dir and it would replace it, I figured that would make it run twice, good to know! 


The renewal/*.conf files seem to be created automatically, I certainly didn’t create those by hand, so modifying them looks like a bad idea.  Maybe using a pre/post arg to the original certbot command will cause that to be added to these files on creation?  I need to try that.


Michael Grant


From: Jim Popovitch
Sent: 28 November 2018 14:56
To: debian-user@lists.debian.org
Subject: Re: certbot options


On Wed, 2018-11-28 at 13:29 +0000, Michael Grant wrote:

> In /lib/systemd/system/certbot.service


> The line to start certbot is:

> ExecStart=/usr/bin/certbot -q renew


> If I modify this file by hand:


> ExecStart=/usr/bin/certbot -q --pre-hook /usr/local/bin/certbot-

> prehook.sh renew


> The next time certbot is updated by apt, this file gets overwritten

> and my change goes away.


> Could someone please tell me the proper place to modify certbot’s

> default arg list or is there some systemctl command I should be doing

> instead of modifying this file directly?  Or.... is this a bug and

> apt-get should warn me before overwriting this file on update?



Is there a reason why you don't put 

    "pre-hook /usr/local/bin/certbot-prehook.sh"

in /etc/letsencrypt/renewal/*.conf ?


-Jim P.






Reply to: