Let's Encrypt post-hook

Hi guys,

Is there any way to add “post-hook” action on SSL renewal? I looked everywhere and seems like there is no such option. The reason I’m asking is that I am using few custom services and I need them to be restarted to apply the new ssl certificates.

In my other setups I am using certbot --post-hook feature, but in Virtualmin there is no such option.

Is there an easy way to achieve this?

Kind regards,
Dean

Hello, Dean!

Is there any way to add “post-hook” action on SSL renewal?

Yes, it is possible.

You should define a Command to run after making changes to a server in System Settings ⇾ Virtualmin Configuration / Actions upon server and user creation to point to a custom script, let’s say /usr/local/sbin/virtualmin-post-server.sh and there do something like this:

#!/bin/sh
if [ "$VIRTUALSERVER_ACTION" = "SSL_DOMAIN" ]; then
  # Update SSL certificates for Prosody
  /usr/bin/cp -f /home/$VIRTUALSERVER_DOM/ssl.key /etc/prosody/certs/$VIRTUALSERVER_DOM.key
  /usr/bin/cp -f /home/$VIRTUALSERVER_DOM/ssl.bundle /etc/prosody/certs/$VIRTUALSERVER_DOM.bundle
  /usr/bin/chmod 700 /etc/prosody/certs/$VIRTUALSERVER_DOM.bundle /etc/prosody/certs/$VIRTUALSERVER_DOM.key
  /usr/bin/chown prosody:prosody /etc/prosody/certs/$VIRTUALSERVER_DOM.key /etc/prosody/certs/$VIRTUALSERVER_DOM.bundle
  /usr/bin/systemctl restart prosody.service

  # Print all available env vars for a script
  /usr/bin/printenv > /root/virtualmin-all-envs
fi


1 Like

Hello, Ilia!

Thank you for this, I already have seen this, but I thought this is only done when you create new users/domains/etc.

I will try this and update this ticket if needed.