From a52fad997f9ed8fa55f534e3d9b773fe2703fbd1 Mon Sep 17 00:00:00 2001 From: Brad Warren Date: Thu, 28 Sep 2017 18:41:44 -0700 Subject: [PATCH] document renewal hook directories --- docs/using.rst | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/docs/using.rst b/docs/using.rst index 4fa563955..6fb4ec18f 100644 --- a/docs/using.rst +++ b/docs/using.rst @@ -486,6 +486,22 @@ apply appropriate file permissions. esac done +You can also specify hooks by placing files in subdirectories of Certbot's +configuration directory. Assuming your configuration directory is +``/etc/letsencrypt``, any executable files found in +``/etc/letsencrypt/renewal-hooks/pre``, +``/etc/letsencrypt/renewal-hooks/deploy``, and +``/etc/letsencrypt/renewal-hooks/post`` will be run as pre, deploy, and post +hooks respectively when any certificate is renewed with the ``renew`` +subcommand. These hooks are run in alphabetical order and are not run for other +subcommands. Hooks specified in the command line, :ref:`configuration file +`, or :ref:`renewal configuration files ` are +run as usual after running all hooks in these directories. One minor exception +to this is if a hook specified elsewhere is simply the path to an executable +file in the hook directory of the same type (e.g. your pre-hook is the path to +an executable in ``/etc/letsencrypt/renewal-hooks/pre``), the file is not run a +second time. + More information about hooks can be found by running ``certbot --help renew``. @@ -542,6 +558,8 @@ commands into your individual environment. you will need to use the ``--post-hook`` since the exit status will be 0 both on successful renewal and when renewal is not necessary. +.. _renewal-config-file: + Modifying the Renewal Configuration File ----------------------------------------