Ncp: Letsencrypt seems to always renew into -0001-files

Hey Forumists, esp. @OliverV and @nachoparker

Followup of NextCloudPi certbot doesn't work:

As the title says… the nc-Letsencrypt-routine works… but even if I would move the sub.domain.tld into sub.domain.tld-old (as @OliverV suggested in his linked posting), the renewal run by nc-config (from the command line) would end up making a whole new file called sub.domain.tld-0001, which, of course, wouldn’t be recognized by apache at all (unless you’d tweak the given apache files to recognize them).

So right now everything is working again, but somehow this seems to be a misbehaviour of the renewal procedure. I don’t know how to solve it.

I’m running NC 18.0.5 on a nc-VM hosted on my network at office/home.
image-file: NextCloudPi_12-21-19
ncp v 1.28.0

(If you’d need more info, just let me know and I’m gonna provide that asap.)

Looking forward to any helpful comment :wink:
cheerio
JImmy

If your domains change (if you remove one), it’s expected for certbot to behave that way.

The issue arises because ncp does not handle the domain-0001 directories.

A solution can be to actually use the certbot deploy hook (1) feature with its variables, and let a dedicated script perform `sed -i` on apache’s config, or specify a `--cert-name $DOMAIN_LOWERCASE` on this line so that the old name gets reused.


(1):

  --deploy-hook DEPLOY_HOOK
                        Command to be run in a shell once for each
                        successfully issued certificate. For this command, the
                        shell variable $RENEWED_LINEAGE will point to the
                        config live subdirectory (for example,
                        "/etc/letsencrypt/live/example.com") containing the
                        new certificates and keys; the shell variable
                        $RENEWED_DOMAINS will contain a space-delimited list
                        of renewed certificate domains (for example,
                        "example.com www.example.com" (default: None)
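
The deploy-hook approach from the reply above, sketched as an added example (not code from this thread or from NextCloudPi): a hook that repoints an Apache vhost at whatever lineage certbot just renewed, including a `-0001` directory. `VHOST_CONF` and `repoint_vhost` are hypothetical names, and the sketch assumes the vhost uses `SSLCertificateFile` and `SSLCertificateKeyFile` lines.

```shell
#!/bin/sh
# Added example: certbot deploy hook that repoints an Apache vhost at the
# renewed lineage (e.g. /etc/letsencrypt/live/sub.domain.tld-0001).
# VHOST_CONF is an assumed variable; set it to your SSL vhost file.

repoint_vhost() {
    conf=$1
    lineage=$2
    # Refuse paths with characters that are unsafe inside the sed script.
    case $lineage in
        *[!A-Za-z0-9._/-]*|'') echo "bad lineage path: $lineage" >&2; return 1 ;;
    esac
    # Only switch if the new lineage really holds a certificate and key.
    [ -s "$lineage/fullchain.pem" ] && [ -s "$lineage/privkey.pem" ] || {
        echo "missing cert or key in $lineage" >&2; return 1; }
    [ -f "$conf" ] || { echo "no such vhost file: $conf" >&2; return 1; }

    tmp=$(mktemp) || return 1
    sed -E \
        -e "s|^([[:space:]]*SSLCertificateFile[[:space:]]+).*|\1$lineage/fullchain.pem|" \
        -e "s|^([[:space:]]*SSLCertificateKeyFile[[:space:]]+).*|\1$lineage/privkey.pem|" \
        "$conf" > "$tmp" || { rm -f "$tmp"; return 1; }

    # Already pointing at this lineage: leave the file untouched.
    if cmp -s "$conf" "$tmp"; then
        rm -f "$tmp"
        return 0
    fi
    # Keep a backup, then rewrite in place so owner and mode are preserved.
    cp -p "$conf" "$conf.bak" && cat "$tmp" > "$conf"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# certbot exports RENEWED_LINEAGE when it runs this script as --deploy-hook.
if [ -n "${RENEWED_LINEAGE:-}" ] && [ -n "${VHOST_CONF:-}" ]; then
    repoint_vhost "$VHOST_CONF" "$RENEWED_LINEAGE" &&
        apachectl configtest && systemctl reload apache2
fi
```

Apache is reloaded only if `apachectl configtest` accepts the rewritten file; the previous vhost is kept beside it as `.bak`.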