Differences

This shows you the differences between two versions of the page.

--- servers:bsd:nginx:lets_encrypt [2025/05/16 19:20] – Sean Rhone
+++ servers:bsd:nginx:lets_encrypt [2025/05/17 17:13] (current) – Sean Rhone
@@ Line 48: / Line 48: @@
 hsts = true
 uir = true
-staple-ocsp = true
+staple-ocsp = false
 domains = realmofespionage.xyz, blog.realmofespionage.xyz, files.realmofespionage.xyz, media.realmofespionage.xyz, wiki.realmofespionage.xyz
@@ Line 62: / Line 62: @@
   certbot 'certonly' --config '/usr/local/etc/letsencrypt/cli-custom.ini' --dry-run
-====== Automatic Cert Renewal ======
+===== Temp Commands =====
-  * :!: Everything below TODO
+  * TODO: service stop nginx, above no dry-run
-===== Disable Existing =====
+====== Automatic Cert Renewal ======
-****
+  * TODO
-  sudo systemctl disable --now 'certbot-renew' 'certbot-renew.timer'
-===== Service =====
-  sudo -e '/etc/systemd/system/certbot-renew-custom.service'
-<code>
-[Service]
-Type=oneshot
-ExecStart='/usr/bin/certbot' 'certonly' --config '/etc/letsencrypt/cli-custom.ini' --quiet
-ExecStartPost='/usr/bin/sync'
-# End</code>
-===== Timer =====
-  sudo -e '/etc/systemd/system/certbot-renew-custom.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'certbot-renew-custom.timer' --now
-<code>
-[Unit]
-Description=Let's Encrypt Certificate Renewal
-After=network-online.target
-Wants=network-online.target
-[Timer]
-OnCalendar=weekly
-Persistent=true
-[Install]
-WantedBy=multi-user.target
-# End</code>