Let's encrypt crontab with nginx service

Crontab for renewal

# m h  dom mon dow   command
15  3   *   *   *    certbot renew --quiet --no-self-upgrade --pre-hook "systemctl stop nginx.service" --post-hook "systemctl start nginx.service"

Docker alternative

Note that if you run certbot in docker, you cannot use the –pre-hook and –post-hook as the other services cannot be changed through the docker container. Instead, you should create a script file, where you run the –pre-hook before the command and –post-hook afterwards

systemctl stop nginx.service

docker run --rm --name certbot -v "/etc/letsencrypt:/etc/letsencrypt:Z" \
    -v "/var/lib/letsencrypt:/var/lib/letsencrypt:Z" \
    -p80:80 \
    -p443:443 \
    certbot/certbot renew \
    --quiet \
    --no-self-upgrade 

systemctl start nginx.service

Crontab for renewal#

Docker alternative#

Crontab for renewal

Docker alternative