Make SSL renewal time configurable and nginx-proxy reload time adequate

The matrix-nginx-proxy was reloaded on the 3rd day of the month (`15 4 3 * *`),
which makes no sense - it's too infrequently.

It's in line with the renewal time now (+5 minutes).
This commit is contained in:
Slavi Pantaleev 2017-11-11 10:38:38 +02:00
parent 57e4f12ad3
commit f476e49e64
2 changed files with 6 additions and 3 deletions

View File

@ -73,6 +73,9 @@ matrix_riot_web_enabled: true
# and take care of proxying by yourself. # and take care of proxying by yourself.
matrix_nginx_proxy_enabled: true matrix_nginx_proxy_enabled: true
# Specifies when to attempt to retrieve new SSL certificates from Let's Encrypt.
matrix_ssl_renew_cron_time_definition: "15 4 */5 * *"
# Specifies when to reload the matrix-nginx-proxy service so that # Specifies when to reload the matrix-nginx-proxy service so that
# a new SSL certificate could go into effect (UTC time). # a new SSL certificate could go into effect.
matrix_nginx_proxy_reload_cron_time_definition: "15 4 3 * *" matrix_nginx_proxy_reload_cron_time_definition: "20 4 */5 * *"

View File

@ -21,4 +21,4 @@ MAILTO="{{ matrix_ssl_support_email }}"
# When a custom proxy server (not matrix-nginx-proxy provided by this playbook), # When a custom proxy server (not matrix-nginx-proxy provided by this playbook),
# you'd need to make sure you alias these files correctly or SSL renewal would not work. # you'd need to make sure you alias these files correctly or SSL renewal would not work.
15 4 */5 * * root /usr/bin/docker run --rm --net=host -v {{ matrix_ssl_certs_path }}:/certs -v {{ matrix_ssl_certs_path }}/run:/var/run/acme -e ACME_EMAIL={{ matrix_ssl_support_email }} willwill/acme-docker acmetool --batch reconcile # --xlog.severity=debug {{ matrix_ssl_renew_cron_time_definition }} root /usr/bin/docker run --rm --net=host -v {{ matrix_ssl_certs_path }}:/certs -v {{ matrix_ssl_certs_path }}/run:/var/run/acme -e ACME_EMAIL={{ matrix_ssl_support_email }} willwill/acme-docker acmetool --batch reconcile # --xlog.severity=debug