Make SSL renewal time configurable and nginx-proxy reload time adequate
The matrix-nginx-proxy was reloaded on the 3rd day of the month (`15 4 3 * *`), which makes no sense - it's too infrequently. It's in line with the renewal time now (+5 minutes).
This commit is contained in:
parent
57e4f12ad3
commit
f476e49e64
@ -73,6 +73,9 @@ matrix_riot_web_enabled: true
|
|||||||
# and take care of proxying by yourself.
|
# and take care of proxying by yourself.
|
||||||
matrix_nginx_proxy_enabled: true
|
matrix_nginx_proxy_enabled: true
|
||||||
|
|
||||||
|
# Specifies when to attempt to retrieve new SSL certificates from Let's Encrypt.
|
||||||
|
matrix_ssl_renew_cron_time_definition: "15 4 */5 * *"
|
||||||
|
|
||||||
# Specifies when to reload the matrix-nginx-proxy service so that
|
# Specifies when to reload the matrix-nginx-proxy service so that
|
||||||
# a new SSL certificate could go into effect (UTC time).
|
# a new SSL certificate could go into effect.
|
||||||
matrix_nginx_proxy_reload_cron_time_definition: "15 4 3 * *"
|
matrix_nginx_proxy_reload_cron_time_definition: "20 4 */5 * *"
|
@ -21,4 +21,4 @@ MAILTO="{{ matrix_ssl_support_email }}"
|
|||||||
# When a custom proxy server (not matrix-nginx-proxy provided by this playbook),
|
# When a custom proxy server (not matrix-nginx-proxy provided by this playbook),
|
||||||
# you'd need to make sure you alias these files correctly or SSL renewal would not work.
|
# you'd need to make sure you alias these files correctly or SSL renewal would not work.
|
||||||
|
|
||||||
15 4 */5 * * root /usr/bin/docker run --rm --net=host -v {{ matrix_ssl_certs_path }}:/certs -v {{ matrix_ssl_certs_path }}/run:/var/run/acme -e ACME_EMAIL={{ matrix_ssl_support_email }} willwill/acme-docker acmetool --batch reconcile # --xlog.severity=debug
|
{{ matrix_ssl_renew_cron_time_definition }} root /usr/bin/docker run --rm --net=host -v {{ matrix_ssl_certs_path }}:/certs -v {{ matrix_ssl_certs_path }}/run:/var/run/acme -e ACME_EMAIL={{ matrix_ssl_support_email }} willwill/acme-docker acmetool --batch reconcile # --xlog.severity=debug
|
||||||
|
Loading…
Reference in New Issue
Block a user