Make SSL renewal time configurable and nginx-proxy reload time adequate

The matrix-nginx-proxy was reloaded on the 3rd day of the month (`15 4 3 * *`),
which makes no sense - it's too infrequently.

It's in line with the renewal time now (+5 minutes).
development
Slavi Pantaleev 7 years ago
parent 57e4f12ad3
commit f476e49e64

@ -73,6 +73,9 @@ matrix_riot_web_enabled: true
# and take care of proxying by yourself.
matrix_nginx_proxy_enabled: true
# Specifies when to attempt to retrieve new SSL certificates from Let's Encrypt.
matrix_ssl_renew_cron_time_definition: "15 4 */5 * *"
# Specifies when to reload the matrix-nginx-proxy service so that
# a new SSL certificate could go into effect (UTC time).
matrix_nginx_proxy_reload_cron_time_definition: "15 4 3 * *"
# a new SSL certificate could go into effect.
matrix_nginx_proxy_reload_cron_time_definition: "20 4 */5 * *"

@ -21,4 +21,4 @@ MAILTO="{{ matrix_ssl_support_email }}"
# When a custom proxy server (not matrix-nginx-proxy provided by this playbook),
# you'd need to make sure you alias these files correctly or SSL renewal would not work.
15 4 */5 * * root /usr/bin/docker run --rm --net=host -v {{ matrix_ssl_certs_path }}:/certs -v {{ matrix_ssl_certs_path }}/run:/var/run/acme -e ACME_EMAIL={{ matrix_ssl_support_email }} willwill/acme-docker acmetool --batch reconcile # --xlog.severity=debug
{{ matrix_ssl_renew_cron_time_definition }} root /usr/bin/docker run --rm --net=host -v {{ matrix_ssl_certs_path }}:/certs -v {{ matrix_ssl_certs_path }}/run:/var/run/acme -e ACME_EMAIL={{ matrix_ssl_support_email }} willwill/acme-docker acmetool --batch reconcile # --xlog.severity=debug

Loading…
Cancel
Save