home · contact · privacy
projects / config / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Improve certificate renewal mechanism.
[config] / all_new_2018 / linkable_etc_files / web / etc / systemd / system / certbot.service
diff --git a/all_new_2018/linkable_etc_files/web/etc/systemd/system/certbot.service b/all_new_2018/linkable_etc_files/web/etc/systemd/system/certbot.service
index 122e7c19969af3f5f5b4cdd03e860a725dab9f0b..0d20d1fa56104f71f22479b48b50bcc09f80d135 100644 (file)
--- a/all_new_2018/linkable_etc_files/web/etc/systemd/system/certbot.service
+++ b/all_new_2018/linkable_etc_files/web/etc/systemd/system/certbot.service
@@ -3,6 +3,9 @@ Description=Certbot
 Documentation=file:///usr/share/doc/python-certbot-doc/html/index.html
 Documentation=https://letsencrypt.readthedocs.io/en/latest/
 [Service]
+# plomlompom added the --webroot -w /var/www/html/ so that renewal
+# works with nginx running, and the nginx reload post-hook so that
+# the new certificates are linked to by nginx.
 Type=oneshot
-ExecStart=/usr/bin/certbot -q renew --webroot -w /var/www/html/
-PrivateTmp=true
+ExecStart=/usr/bin/certbot -q renew --webroot -w /var/www/html/ --post-hook "service nginx reload"
+PrivateTmp=true
\ No newline at end of file
Unnamed repository; edit this file 'description' to name the repository.