1 linux ubuntu systemd letsencrypt certbot
我为 nginx 安装了 certbot,并且自动更新脚本自动设置,但这是我在运行时收到的电子邮件:
/home/foobar/certbot-renew.sh: 1: /home/foobar/certbot-renew.sh: /usr/bin/certbot: not found
certbot-renew.sh让我困惑的是,我的主目录中没有......?
更多信息来自systemctl:
# /lib/systemd/system/certbot.timer
[Unit]
Description=Run certbot twice daily
[Timer]
OnCalendar=*-*-* 00,12:00:00
RandomizedDelaySec=43200
Persistent=true
[Install]
WantedBy=timers.target
和
# /lib/systemd/system/certbot.service
[Unit]
Description=Certbot
Documentation=file:///usr/share/doc/python-certbot-doc/html/index.html
Documentation=https://letsencrypt.readthedocs.io/en/latest/
[Service]
Type=oneshot
ExecStart=/usr/bin/certbot -q renew
PrivateTmp=true
我是 systemd 的新手,非常感谢您的帮助!
正如 @grawity 建议的那样,我检查了我的 crontabs 并发现了这个:
foo@bar:~$ cat /etc/crontab
# /etc/crontab: system-wide crontab
# Unlike any other crontab you don't have to run the `crontab'
# command to install the new version when you edit this file
# and files in /etc/cron.d. These files also have username fields,
# that none of the other crontabs do.
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
# m h dom mon dow user command
17 * * * * root cd / && run-parts --report /etc/cron.hourly
25 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
47 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
52 6 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
#
还有这个:
foo@bar:~$ cat /etc/cron.d/certbot
# /etc/cron.d/certbot: crontab entries for the certbot package
#
# Upstream recommends attempting renewal twice a day
#
# Eventually, this will be an opportunity to validate certificates
# haven't been revoked, etc. Renewal will only occur if expiration
# is within 30 days.
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew
澄清:
foo@bar:~$ which certbot
/usr/bin/certbot
foo@bar:~$ certbot --version
certbot 0.26.1
Certbot 有自己的更新服务,您不需要额外的 crontab 行。理论上。
\n\n实际上,我certbot.timer似乎无缘无故地停止了种子:
$ sudo systemctl status certbot.timer\n\xe2\x97\x8f certbot.timer - Run certbot twice daily\n Loaded: loaded (/lib/systemd/system/certbot.timer; enabled; vendor preset: enabled)\n Active: inactive (dead) since .....; 1 months 7 days ago\n在这种情况下,重新启动它会有所帮助:
\n\nsudo systemctl enable certbot.timer\nsudo systemctl start certbot.timer\n其停止运作的原因尚未找到。
\n| 归档时间: |
|
| 查看次数: |
11606 次 |
| 最近记录: |