1 0 1 * *  /home/certbot/certbot-auto certonly --nginx --renew-by-default --email dinglei@126.com -d li5jun.com -d www.li5jun.com


这是letsencrypt的执行脚本,但不知道每个月一号自动续费,并不执行,在cat /var/log/cron.log和 cat /var/log/cron.log.1以及各种

/var/log/cron.log.2.gz

发现任务是执行了,但是并不奏效。

而这个脚本是一段python代码,我们打开看看:

#!/bin/sh

#

# Download and run the latest release version of the Certbot client.

#

# NOTE: THIS SCRIPT IS AUTO-GENERATED AND SELF-UPDATING

#

# IF YOU WANT TO EDIT IT LOCALLY, *ALWAYS* RUN YOUR COPY WITH THE

# "--no-self-upgrade" FLAG

#

# IF YOU WANT TO SEND PULL REQUESTS, THE REAL SOURCE FOR THIS FILE IS

# letsencrypt-auto-source/letsencrypt-auto.template AND

# letsencrypt-auto-source/pieces/bootstrappers/*


set -e  # Work even if somebody does "sh thisscript.sh".


# Note: you can set XDG_DATA_HOME or VENV_PATH before running this script,

# if you want to change where the virtual environment will be installed


# HOME might not be defined when being run through something like systemd

if [ -z "$HOME" ]; then

  HOME=~root

fi

if [ -z "$XDG_DATA_HOME" ]; then

  XDG_DATA_HOME=~/.local/share

fi

if [ -z "$VENV_PATH" ]; then

  # We export these values so they are preserved properly if this script is

  # rerun with sudo/su where $HOME/$XDG_DATA_HOME may have a different value.

  export OLD_VENV_PATH="$XDG_DATA_HOME/letsencrypt"

  export VENV_PATH="/opt/eff.org/certbot/venv"

fi

VENV_BIN="$VENV_PATH/bin"

BOOTSTRAP_VERSION_PATH="$VENV_PATH/certbot-auto-bootstrap-version.txt"

LE_AUTO_VERSION="0.38.0"

BASENAME=$(basename $0)

USAGE="Usage: $BASENAME [OPTIONS]

A self-updating wrapper script for the Certbot ACME client. When run, updates

to both this script and certbot will be downloaded and installed. After

ensuring you have the latest versions installed, certbot will be invoked with

all arguments you have provided.


最后就是手动执行可以实现,但是只要定时任务,执行,就没有更新,所有大胆尝试加入环境变量:

1 0 1 * * . /etc/profile;/bin/sh /home/certbot/certbot-auto certonly --nginx --renew-by-default --email dinglei@126.com -d li5jun.com -d

www.li5jun.com

当然不要忘了,一定要重启nginx

10 0 1 * * nginx -s reload