otofune/README.md

## README.md

      
    Raw
  

              README.md
            
          
    これなに？

これね、Ubuntuでのapt install letsencryptしたcertbot (だと思う) で自動更新するやつ。nginxで常時httpリクエストでの.well-known/acme-challengeを/usr/share/nginx/letsencryptに通してると出来る
おきかた

全部を /etc/systemd/network においておもむろに systemctl start renewal.timer する、ついでに systemctl enable renewal.timer も

  
## renewal.service
[Unit]
Description=let's encrypt renewal

[Service]
Type=oneshot
ExecStart=/usr/local/bin/certbot renew --webroot -w /usr/share/nginx/letsencrypt --post-hook "systemctl reload nginx" --force-renew

## renewal.timer
[Unit]
Description=renew let's encrypt certifications weekly

[Timer]
OnCalendar=weekly
Persistent=true

[Install]
WantedBy=timers.target
	[Unit]
	Description=let's encrypt renewal

	[Service]
	Type=oneshot
	ExecStart=/usr/local/bin/certbot renew --webroot -w /usr/share/nginx/letsencrypt --post-hook "systemctl reload nginx" --force-renew
	[Unit]
	Description=renew let's encrypt certifications weekly

	[Timer]
	OnCalendar=weekly
	Persistent=true

	[Install]
	WantedBy=timers.target