alanorth/ansible-personal
1
0
Fork 0
Code Issues 4 Pull Requests Projects Releases Wiki Activity

Revert "roles/nginx: Only run Let's Encrypt checks once a day"

Browse Source 
This reverts commit a38d822fad.

The docs definitely recommend twice a day. From a note on certbot's
installation page:

> if you're setting up a cron or systemd job, we recommend running
> it twice per day (it won't do anything until your certificates
> are due for renewal or revoked, but running it regularly would
> give your site a chance of staying online in case a Let's
> Encrypt-initiated revocation happened for some reason). Please
> select a random minute within the hour for your renewal tasks.

See: https://certbot.eff.org/#ubuntuxenial-nginx
This commit is contained in:
Alan Orth 2016-08-17 11:30:10 +03:00
parent 437dbf470e
commit 8bee2d7a72
Signed by: alanorth
GPG Key ID: 0FB860CC9C45B1B9
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
roles/nginx/files/renew-letsencrypt.timer
View File

@ -2,8 +2,8 @@
Description=Renew Let's Encrypt certificates Description=Renew Let's Encrypt certificates
[Timer] [Timer]
# once a day, at 2AM # twice a day, at midnight and noon
OnCalendar=*-*-* 02:00:00 OnCalendar=*-*-* 00,12:00:00
# Add a random delay of 03600 seconds # Add a random delay of 03600 seconds
RandomizedDelaySec=3600 RandomizedDelaySec=3600
Persistent=true Persistent=true