These are chat archives for xenolf/lego

1st
Dec 2016
Alexander
@alexs77
Dec 01 2016 09:04
@xenolf It runs once per day. Reason: It's not for a personal server of mine, but for work/production and for customers. While we know, when a cert was created, given enough numbers of vhosts, one could expire every day. And thus we need to run it every day. To ease that, I made a script → https://gist.github.com/alexs77/ac8ae2c0293327e8355eabd68ad902bd
Would be nice, if there were an easy way to call renew more easily with lego for all the domains or certificates, that are on the server.
xenolf
@xenolf
Dec 01 2016 12:57
@alexs77 If you are using the --days x switch the certificate should only get renewed x days before the expiration date, not every day.
Running it daily should be fine in this case
Alexander
@alexs77
Dec 01 2016 12:59
@xenolf Yep, didn't find the --days switch, though. Would be nice, if the default weren't 0, but, hm, 14?
and it would be cool, if there were a "command" like "renew all", which would renew all the certificates that exist on the system.
xenolf
@xenolf
Dec 01 2016 13:03
@alexs77 Well I created the command under the assumption that when a person runs it, he means to actually renew. The --days switch was added later for automation
Alexander
@alexs77
Dec 01 2016 13:05
Yes, understood, but I actually don't know when or if a certificate is to be renewed at all. But the "--days" switch is fine (if the default weren't 0 G).
xenolf
@xenolf
Dec 01 2016 13:06
I might need to document the --days switch better if it is not easy to discover
Alexander
@alexs77
Dec 01 2016 13:06
But more importantly, actually, it would be great, if a "renew all" (or something like that) could be added and thus avoid the need of scripts like mine.
you know, it's kind of hard figure out which certificates exist on a server.
xenolf
@xenolf
Dec 01 2016 13:11
The lego CLI client is not really intended to be used for bulk certificate management.
It certainly can be used as such though ;)
Alexander
@alexs77
Dec 01 2016 13:12
I like it, because it's in Go and only 1 file. And it exists on FreeBSD and Linux (and others)
xenolf
@xenolf
Dec 01 2016 13:12
The expectation was that people will build their integrations on top of the library.
I'm glad you are liking it :)
Alexander
@alexs77
Dec 01 2016 13:13
I'm not much of a library guy G
CLI and scripting, that's my thing ;)
xenolf
@xenolf
Dec 01 2016 13:14
:D
Well, if it works out for you all the better :D