Over the past few weeks I received the first batch of reminders regarding Let’s Encrypt certificates that are about to expire. I renewed the first few by hand, but surprisingly that get’s real boring real quick.
Let’s fix this. I wrote a simple bash script just to do this for me, here we go:
#!/bin/bash service nginx stop letsencrypt certonly --standalone -d machiel.me service nginx start
Now just add the following line in your crontab:
0 0 1 */2 * /path/to/renew/script.sh
And you’re done! Don’t forget to change the path in the crontab and the path to the letsencrypt binary in the shell script :).
YMMV, I simply assumed you’re running nginx and you’re able to restart nginx like this. Adjust to your own needs.
For a more intelligent solution, you could check out this ansible script.