Differences

This shows you the differences between two versions of the page.

--- servers:linux:nginx:lets_encrypt [2025/04/25 00:51] – [Timer] Sean Rhone
+++ servers:linux:nginx:lets_encrypt [2025/07/16 13:48] (current) – [Timer] Sean Rhone
@@ Line 21: / Line 21: @@
 <code>
-# letsencrypt/cli-custom.ini
 verbose = true
 text = true
@@ Line 46: / Line 44: @@
 hsts = true
 uir = true
-staple-ocsp = true
+staple-ocsp = false
-pre-hook = systemctl stop 'nginx'
-post-hook = systemctl start 'nginx'
 domains = realmofespionage.xyz, blog.realmofespionage.xyz, files.realmofespionage.xyz, media.realmofespionage.xyz, wiki.realmofespionage.xyz
@@ Line 57: / Line 52: @@
 ====== Obtain Certs ======
-  * :!: If it passes the dry run, remove the dry-run argument and re-run ((the dry run will likely fail the nginx restart step since the certs don't actually exist yet))
+  * :!: If it passes the dry run, remove the dry-run argument and re-run
   sudo 'certbot' 'certonly' --config '/etc/letsencrypt/cli-custom.ini' --dry-run
@@ Line 68: / Line 63: @@
 <code>
-# certbot-renew-custom.service
 [Service]
 Type=oneshot
@@ Line 78: / Line 71: @@
 ===== Timer =====
+  * Weekly
   sudo -e '/etc/systemd/system/certbot-renew-custom.timer' && sudo systemctl daemon-reload && sudo systemctl enable 'certbot-renew-custom.timer' --now
 <code>
-# certbot-renew-custom.timer
 [Unit]
 Description=Let's Encrypt Certificate Renewal