On 10/1/19 1:18 PM, Viktor Dukhovni wrote: > Most users are very unlikely to see the race condition play out, > on their system but it probably happens to *someone* now and then, > (law of large numbers and all that...).
Aaaaaah, good point. Here's now I fix that for ejabberd, which REQUIRES a single file: 30 6,18 * * * [[ /etc/letsencrypt/live/www.caerllewys.net/privkey.pem -nt /etc/jabber/server.pem ]] && cat /etc/letsencrypt/live/www.caerllewys.net/privkey.pem /etc/letsencrypt/live/www.caerllewys.net/fullchain.pem > /etc/jabber/server.pem && ejabberdctl restart One could do something very similar for Postfix. This can in theory be set up as a certbot post-update hook, but in my experience the post-update hook does not always reliably fire. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: +1.603.293.8485 Mobile: +1.603.998.6958
