Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Let's Encrypt cron auto-renew doesn't work #836
My Let's Encrypt cron auto-renew doesn't work by default. The command gets executed according to syslog.log but nothing in ee.log.
As suggested in many posts from the forum, I needed to add sudo in front of the crontab command to make it work:
0 0 * * * sudo ee site update --le=renew --all 2> /dev/null # Renew all letsencrypt SSL cert. Set by EasyEngine
If I run the command manually under root without sudo, it works.
Should sudo be added as standard in the crontab entry or is there a better fix?
ee doesnt do this. cron service needs to be restarted manually.
Also make sure it reads the following when running crontab -e in shell:
@rahul286 Fix or hint in shell after execution of ee site create/update domain.com --letsencrypt/--le=renew could help. Also pls add correct cron job (missing sudo).
This all sounds wrong to me. You can't run a cron job using sudo without also providing the sudo password... right? Otherwise a user without sudo permissions could execute anything at sudo level just by putting them in cron.
If the job needs enhanced permissions to run, then it should be in the root crontab, i.e.
But the current version of ee is creating the job in the correct crontab anyway. It's also scheduling as '0 0 * * 0' - which is midnight every Sunday (i.e. weekly).
It's also not necessary to restart the cron service - it will pick up any changed crontab files automatically.