search for: renewed_lineage

On Tue, 12 Sep 2017, dovecot-request at dovecot.org wrote: > What's wrong with using a certbot "post-hook" script such as: > > #!/bin/bash > echo "Letsencrypt renewal hook running..." > echo "RENEWED_DOMAINS=$RENEWED_DOMAINS" > echo "RENEWED_LINEAGE=$RENEWED_LINEAGE" > > if grep --quiet "your.email.domain" <<< "$RENEWED_DOMAINS"; then > ??? /usr/local/sbin/dovecot reload > ?? /usr/sbin/postfix reload > fi Nothing, if you let your certbot run as root. (I'm assuming that's how these hook...

<master at remort.net> writes: > "writing a script to check the certs" - there is no need to write any > scripts. As one mentioned, it's done by a hook to certbot. Please read > the manuals for LE or certbot. The issue you have is quite common and > of course certbot designed to do it for you. Won't work, of course, if you employ the least-privilege security

> I have to say I'm totally baffled since I do nothing when LetsEncrypt renews the certificate. > > I know the cert has been updated because the mail clients asks me if I trust the certificate. > > If it makes a difference I use the bash LetsEncrypt not the Python code. I don't like all those dependencies certbot (python) installs, but it works flawlessly on CentOS. On

...automagically. Daniel On 9/12/2017 9:26 AM, Daniel Miller wrote: > What's wrong with using a certbot "post-hook" script such as: > > #!/bin/bash > echo "Letsencrypt renewal hook running..." > echo "RENEWED_DOMAINS=$RENEWED_DOMAINS" > echo "RENEWED_LINEAGE=$RENEWED_LINEAGE" > > if grep --quiet "your.email.domain" <<< "$RENEWED_DOMAINS"; then > ??? /usr/local/sbin/dovecot reload > ?? /usr/sbin/postfix reload > fi > > Daniel > > On 9/11/2017 1:57 PM, Joseph Tam wrote: >> <master at r...

On 3/14/19 9:32 AM, Yassine Chaouche via dovecot wrote: > The general answere here is try and see, as you could totally test it > on your own. The certificate is read at startup and put in memory for > the rest of the execution time. Dovecot won't monitor the file for > changes on disk, as this would waste CPU cycles and make dovecot only > slower for no reason. The process

...l#renewing-certificates Certbot also looks for these scripts under /etc/letsencrypt/renewal-hooks/pre post deploy FWIW here is my script restart.sh located in /etc/letsencrypt/renewal-hooks/deploy ------------- #!/bin/sh systemctl restart nginx postfix dovecot echo "Certbot renewal\n\n$RENEWED_LINEAGE\n\n$RENEWED_DOMAINS" | mail -s "Certbot renewal" foo at bar.com ------------- -- K