On Mon, Jul 24, 2023 at 03:27:34PM +0200, Bernardo Reino via Postfix-users wrote:

> > Systems crash.  What are the reliability guarantees from the certbot
> > client: will it run once, or will it somehow maintain state and
> > recover when a run was interrupted by a system crash?
> 
> In such cases, and/or just "on top" of the certbot renewal hooks, one could
> have a cron job doing "postmap" and/or "postfix reload" or whatever, as
> Viktor wrote. (but again, then your cron job must make sure that certbot is
> not (con)currently running).
> 
> I honestly don't think that it's certbot's [*] job to do that. The hooks are
> IMHO a "courtesy", which is nice to have, but if you need 100% reliability,
> you need to implement it using another method.

I disagree.  The certbot documentation has no disclaimers telling users
that their hooks are started at most once, might not succeed or might
not run at all.  Subsequent runs of certbot don't retry the hooks until
the certificate changes again, which will be too late.

In [danebot](https://github.com/tlsaware/danebot), while I don't yet
have user-specified hooks, two important properties are implemented:

    - Updates of the certificate + key file "combo.pem" are atomic.

    - Once a new certificate is obtained, the above atomic installation
      is retried on each run until it succeeds.

I am looking for volunteers to contribute implementations of:

    - Hook execution with at least-once semantics

    - Support for changing the list of domains to request from the CA,
      while retaining the previous public key.

-- 
    Viktor.
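
The properties discussed in the message above (atomic installation of the combined key + certificate file, retried on every run, plus hook execution with at-least-once semantics), sketched as an added example. This is not danebot's or certbot's code; `install_atomic`, `run_once`, the `deploy.pending` marker and the `new_cert` flag are hypothetical names, and the hook is assumed to be idempotent.

```python
import os
import subprocess
import tempfile

def install_atomic(src_paths, dest):
    """Concatenate src_paths into dest so readers see the old or new file, never a mix."""
    d = os.path.dirname(os.path.abspath(dest))
    fd, tmp = tempfile.mkstemp(dir=d, prefix=".combo.")  # same filesystem, mode 0600
    try:
        with os.fdopen(fd, "wb") as out:
            for p in src_paths:
                with open(p, "rb") as f:
                    out.write(f.read())
            out.flush()
            os.fsync(out.fileno())        # contents on disk before the rename
        os.replace(tmp, dest)             # atomic rename over the old file
    finally:
        if os.path.exists(tmp):           # only true if we failed before the rename
            os.unlink(tmp)
    dfd = os.open(d, os.O_RDONLY)
    try:
        os.fsync(dfd)                     # make the rename itself survive a crash
    finally:
        os.close(dfd)

def run_once(state_dir, key, chain, dest, hook, new_cert=False):
    """One scheduled run. The marker is removed only after the hook exits 0,
    so a crash or failure at any earlier point is retried on the next run."""
    pending = os.path.join(state_dir, "deploy.pending")
    if new_cert:                          # assumption: the caller knows a cert was issued
        with open(pending, "w") as m:
            m.flush()
            os.fsync(m.fileno())
    if not os.path.exists(pending):
        return "idle"
    try:
        install_atomic([key, chain], dest)
        subprocess.run(hook, check=True)  # e.g. ["postfix", "reload"]
    except (OSError, subprocess.CalledProcessError):
        return "retry"                    # marker stays; next run tries again
    os.unlink(pending)
    return "done"
```

Because the marker outlives a failed or interrupted run, the hook can execute more than once for the same certificate, which is why it has to be idempotent.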