Join the community today
Register Now

Letsencrypt Auto renew cron job?

Discussion in 'Domains, DNS, Email & SSL Certificates' started by RB1, Nov 28, 2016.

  1. RB1

    RB1 Active Member

    292
    75
    28
    Nov 11, 2016
    California
    Ratings:
    +122
    Local Time:
    10:41 PM
    Nginx 1.21.x
    MariaDB 10.1.x
    I finally got LetsEncrypt setup on my domain by way of this tool (manual, vhost was already setup):
    Generate Centmin Mod Nginx Vhost - CentminMod.com LEMP Nginx web stack for CentOS

    Everything is setup properly and I'm not receiving any SSL warnings.

    There is no cron file located in /usr/local/nginx/conf/ssl/example.com/example.com-cron

    What option do I have to auto-renew?
    Currently running Centminmod 123.09beta01 on CentOS 7.


    Thanks!
     
  2. eva2000

    eva2000 Administrator Staff Member

    55,811
    12,273
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,859
    Local Time:
    3:41 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Letsencrypt integration was rewritten from ground up as addons/acmetool.sh so there is no example.com-cron file anymore, just a simple cronjob for acme.sh
    Code (Text):
    0 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
     
  3. RB1

    RB1 Active Member

    292
    75
    28
    Nov 11, 2016
    California
    Ratings:
    +122
    Local Time:
    10:41 PM
    Nginx 1.21.x
    MariaDB 10.1.x

    So when I went to addons/acmetool.sh acmeinstall I received:
    Code (Text):
    -----------------------------------------------------
    check acme auto renew cronjob setup:
    -----------------------------------------------------
    0 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
    -----------------------------------------------------
    acme.sh installed
    -----------------------------------------------------

    Does this mean that the cron job is already setup and working correctly to auto-renew before expiration? Sorry I am really lost with LetsEncrypt :)
     
  4. eva2000

    eva2000 Administrator Staff Member

    55,811
    12,273
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,859
    Local Time:
    3:41 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  5. RB1

    RB1 Active Member

    292
    75
    28
    Nov 11, 2016
    California
    Ratings:
    +122
    Local Time:
    10:41 PM
    Nginx 1.21.x
    MariaDB 10.1.x

    Code (Text):
    0 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null

    Ahh cool, I have that cron job as well as some other Wordpress and Centmin jobs. Perhaps this is why my daily Yum updates aren't working...I don't see it on that list!

    Thanks again for the help. I wish I had LetsEncrypt somewhat figured out before I purchased a Comodo SSL Cert, although it was only $0.88 for Black Friday :) Good learning experience I guess
     
  6. eva2000

    eva2000 Administrator Staff Member

    55,811
    12,273
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,859
    Local Time:
    3:41 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    yum-cron outlined at Automatic nightly YUM updates with yum-cron | Centmin Mod Community has it's old cronjob location elsewhere in /etc/cron.* daily, hourly, monthly and weekly directories
    Code (Text):
    ls -lah /etc/| grep cron
    -rw-------.  1 root root   541 Mar 31  2016 anacrontab
    drwxr-xr-x.  2 root root  4.0K Nov 27 01:08 cron.d
    drwxr-xr-x.  2 root root  4.0K Nov 27 01:08 cron.daily
    -rw-------.  1 root root     0 Mar 31  2016 cron.deny
    drwxr-xr-x.  2 root root  4.0K Nov 27 01:08 cron.hourly
    drwxr-xr-x.  2 root root  4.0K Jun  9  2014 cron.monthly
    -rw-r--r--.  1 root root   533 Nov 25 08:17 crontab
    drwxr-xr-x.  2 root root  4.0K Jun  9  2014 cron.weekly

    i.e.
    Code (Text):
     ls -lah /etc/cron.daily/
    total 36K
    drwxr-xr-x.  2 root root 4.0K Nov 27 01:08 .
    drwxr-xr-x. 93 root root  12K Nov 27 04:50 ..
    -rwxr-xr-x.  1 root root  979 Mar 26  2015 cyrus-imapd
    -rwxr-xr-x.  1 root root 1.4K Nov 25 08:17 diskalert
    -rwx------.  1 root root  219 Nov  5 22:55 logrotate
    -rwxr-xr-x.  1 root root  618 Mar 17  2014 man-db.cron
    -rwx------.  1 root root  208 Nov  4 17:47 mlocate


    Verifying yum-cron is working



    You can check your cron log at /var/log/cron to see if it ran
    Code (Text):
    grep yum.cron /var/log/cron | tail -10
    Sep 29 03:24:01 vultr run-parts(/etc/cron.daily)[21165]: starting 0yum.cron
    Sep 29 03:28:39 vultr run-parts(/etc/cron.daily)[21235]: finished 0yum.cron
    Sep 30 04:45:01 vultr run-parts(/etc/cron.daily)[26324]: starting 0yum.cron
    Sep 30 04:54:00 vultr run-parts(/etc/cron.daily)[26403]: finished 0yum.cron
    Oct  1 03:39:01 vultr run-parts(/etc/cron.daily)[31068]: starting 0yum.cron
    Oct  1 04:29:19 vultr run-parts(/etc/cron.daily)[31314]: finished 0yum.cron
     
  7. RB1

    RB1 Active Member

    292
    75
    28
    Nov 11, 2016
    California
    Ratings:
    +122
    Local Time:
    10:41 PM
    Nginx 1.21.x
    MariaDB 10.1.x
    Looks like it's only running the 0yum-hourly.cron, and if it was working correctly I also would have received an email after the cron job.
    The yum-cron service is definitely running; I can't help but feel I left something important out.
     
  8. eva2000

    eva2000 Administrator Staff Member

    55,811
    12,273
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,859
    Local Time:
    3:41 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  9. RB1

    RB1 Active Member

    292
    75
    28
    Nov 11, 2016
    California
    Ratings:
    +122
    Local Time:
    10:41 PM
    Nginx 1.21.x
    MariaDB 10.1.x
    Well, it looks like my (relatively new) server isn't sending emails. I'll have to contact Linode about that.
    I believe that wouldn't be the problem since I'm still not seeing the daily cron logs.
     
  10. eva2000

    eva2000 Administrator Staff Member

    55,811
    12,273
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,859
    Local Time:
    3:41 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    so nothing in /var/log/cron ?

    what bout status to check if cron is running ?
    Code (Text):
    service crond status
     
  11. eva2000

    eva2000 Administrator Staff Member

    55,811
    12,273
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,859
    Local Time:
    3:41 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Also

    test email via SSH command with youremail@address.com being your email you want to test receipt for
    Code (Text):
    echo "test" | mail -s "test subject" youremail@address.com

    then check postfix logs
    Code (Text):
    tail -10 /var/log/maillog 
     
  12. RB1

    RB1 Active Member

    292
    75
    28
    Nov 11, 2016
    California
    Ratings:
    +122
    Local Time:
    10:41 PM
    Nginx 1.21.x
    MariaDB 10.1.x
    Only the hourly crons:
    Code (Text):
    Nov 28 01:01:01 atlas run-parts(/etc/cron.hourly)[2179]: starting 0yum-hourly.cron
    Nov 28 01:01:01 atlas run-parts(/etc/cron.hourly)[2196]: finished 0yum-hourly.cron

    Code (Text):
    service crond status
    Active: active (running) since Sat 2016-11-12 21:00:26 UTC; 2 weeks 1 days ago[/CODEB[

    Edit: My maillog is empty
     
  13. eva2000

    eva2000 Administrator Staff Member

    55,811
    12,273
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,859
    Local Time:
    3:41 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    what's output for this command, might want to mask actual email addresses
    Code (Text):
    postfixlog
     
  14. RB1

    RB1 Active Member

    292
    75
    28
    Nov 11, 2016
    California
    Ratings:
    +122
    Local Time:
    10:41 PM
    Nginx 1.21.x
    MariaDB 10.1.x
    Not much to reply with, everything under
    Code (Text):
    received  delivered   deferred    bounced     rejected
    has a value of 0.

    I was under the assumption that you don't need the mail server fully setup to send mail (although it may be marked as spam).
     
  15. eva2000

    eva2000 Administrator Staff Member

    55,811
    12,273
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,859
    Local Time:
    3:41 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    did you test email via SSH command with youremail@address.com being your email you want to test receipt for
    Code (Text):
    echo "test" | mail -s "test subject" youremail@address.com

    postfixlog command and /var/log/maillog should have entries after the test email
     
  16. eva2000

    eva2000 Administrator Staff Member

    55,811
    12,273
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,859
    Local Time:
    3:41 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    also is postfix running ?
    Code (Text):
    service postfix status
    
     
  17. RB1

    RB1 Active Member

    292
    75
    28
    Nov 11, 2016
    California
    Ratings:
    +122
    Local Time:
    10:41 PM
    Nginx 1.21.x
    MariaDB 10.1.x
    DUH! It wasn't running...call me stupid. I thought it was enabled by default.
    I just started it and now I'm being spammed with a ton of queued messages.
    Still this Yum issue though :(
     
  18. eva2000

    eva2000 Administrator Staff Member

    55,811
    12,273
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,859
    Local Time:
    3:41 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    it should be enabled by default !
    start and make sure reboot starts postfix with SSH commands
    Code (Text):
    service postfix start
    chkconfig postfix on
     
  19. RB1

    RB1 Active Member

    292
    75
    28
    Nov 11, 2016
    California
    Ratings:
    +122
    Local Time:
    10:41 PM
    Nginx 1.21.x
    MariaDB 10.1.x
    OK, looks like postfix is working correctly now!
    Now to wrap my head around Yum daily cron...
     
    Last edited: Nov 28, 2016