scalelite letencrypt certificate renewal

[Dimitrios Michail]

Hi, 

I have setup a couple of BBB servers together with the scalelite load balancer and everything seems to work fine. 

I am, however, having trouble renewing the letencrypt certificate.  I used the following settings inside the `/etc/default/scalelite`:

```

NGINX_SSL=true

SCALELITE_NGINX_EXTRA_OPTS=--mount type=bind,source=/etc/letsencrypt,target=/etc/nginx/ssl,readonly

```

which mounts the /etc/letsencrypt folder inside the docker container. Any ideas how to use certbot in order to renew the certificate? My problem is that nginx runs inside a docker container and certbot running on the host has no idea about that.

Regards, 

Dimitrios

[TeachReo]

Hello,

you can do like this :

sudo systemctl stop scalelite-nginx.service

sudo certbot renew --standalone --preferred-challenges http

sudo systemctl start scalelite-nginx.service

Regards

Fabrice

[Dimitrios Michail]

Hi Fabrice, 

thank you for your reply.  

This is exactly how I currently do it, but I was hoping for a solution without downtime, which could also be triggered by letsencrypt as a post renewal job. 

Best, 

Dimitrios

--
You received this message because you are subscribed to a topic in the Google Groups "BigBlueButton-Setup" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/bigbluebutton-setup/J8sSfL6Tpqg/unsubscribe.
To unsubscribe from this group and all its topics, send an email to bigbluebutton-s...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/bigbluebutton-setup/a05355a9-9a18-482c-9618-7381fbdf6b2an%40googlegroups.com.

[Mohamed Ali Ahmed]

Hello Dimitrios,

I would love it if someone can provide a way to automate the renewal of letsencrypt certs in scalelite-nginx container.

--
You received this message because you are subscribed to the Google Groups "BigBlueButton-Setup" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bigbluebutton-s...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/bigbluebutton-setup/1f14b6c9-2a61-45e5-ad35-6861ab73b4edn%40googlegroups.com.

--

Mohamed Ali Ahmed (Bile)

Head of Systems

Somali Research & Education Network (SomaliREN)

+252 615 567671

Skype: bilesuper

Web:   http://www.somaliren.org

[mnk]

Hi guys,

Our ssl cert on our scalelite server has expired and thus our BBB set up is not working!

I have tried to use the below commands to renew but I’m getting the following issues:

root@:~# sudo systemctl stop scalelite-nginx.service

Failed to stop scalelite-nginx.service: Unit scalelite-nginx.service not loaded.

root@:~# sudo certbot renew --standalone --preferred-challenges http

sudo: certbot: command not found

root@:~#

root@:~# sudo systemctl start scalelite-nginx.service

Failed to start scalelite-nginx.service: Unit scalelite-nginx.service not found.

Any idea what I am doing wrong please?

Thanks and regards

--
You received this message because you are subscribed to the Google Groups "BigBlueButton-Setup" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bigbluebutton-s...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/bigbluebutton-setup/a05355a9-9a18-482c-9618-7381fbdf6b2an%40googlegroups.com.

[Jean Pluzo]

Hi,

@mnk: please open another thread to avoid confusion. Even though your problem is similar, opening another thread will help others focus on your specific problem

@Dimitrios: you don't need to have downtime. Just renew your certificate before anything else. After you certificate has been renewed restart scalelite (systemctl restart...).

Btw, certbot has a --webroot option specifically to avoid downtime. See https://eff-certbot.readthedocs.io/en/stable/using.html#webroot

Regards,

J.