SSL Renewal Email Notifications

charlesworks · January 18, 2025, 2:48pm

SYSTEM INFORMATION
OS type and version	Debian 12
Virtualmin version	7.30.4

How to make a domain’s default send an email ONLY when the SSL renewal FAILS for a site seems straightforward:
Virtualmin > Choose Domain > Manage Virtual Server > Setup SSL Certificate > SSL Providers
Under “Send email on renewal?” select “Only on failure”
Click on “Only Update Renewal” to save the setting (unless you want to renew the certificate while there).

That said, I would like to do two things and hope someone can steer me in the right direction:

Make new virtual servers (domain names) being installed on the server automatically be set to only notify me on an SSL renewal FAILURE

Is it on a template someplace?

Use a script or some similar mechanism to change all websites on an existing Virtualmin managed box to NOT notify me except in the case of an SSL renewal FAILURE

Is this possible?

Would love to reduce the emails (LOL) and not have to go through boxes to manually change the settings!

Thanks for any guidance!

Stegan · January 18, 2025, 3:08pm

I am pretty sure this does exactly as you describe

probably some template as well but then that needs to be remembered to be applied on VS creation

charlesworks · January 18, 2025, 3:13pm

Thanks, but that only takes care of one domain and has to be done after every domain is created or added to the box.

shoulders · January 19, 2025, 10:24am

Maybe add it in to plans and features or server template.

Steini · January 19, 2025, 11:42am

This is a tricky one as you want to hook into the server creation process. You could configure a custom post-creation script that modifies the settings of the newly created server and bake this into Virtualmin > System Settings > Virtualmin Configuration > Actions upon server and user creation > Command to run after making changes to a server.

Something along the lines of (UNTESTED!!!):

#!/usr/bin/env bash

DOMAIN_CONFIG_FILE="/etc/webmin/virtual-server/domains/$1"
if [[ -f "$DOMAIN_CONFIG_FILE" ]]; then
echo "Updating settings for $1"
sed -i '/letsencrypt_email=/d' "$DOMAIN_CONFIG_FILE"
echo "letsencrypt_email=1" >> "$DOMAIN_CONFIG_FILE"
echo "Settings updated for $1"
else
echo "Configuration file $DOMAIN_CONFIG_FILE not found!"
exit 1
fi

You then want to pass the $ID (I assume this to be the name of the newly created file in /etc/webmin/virtual-server/domains/) to the script, e. g., ssl_notifications_change.sh $ID

I don’t have time right now to investigate what the correct variable ($ID) is, maybe someone else knows and can throw this info here.

UNTESTED:

#!/usr/bin/env bash

for config in /etc/webmin/virtual-server/domains/*
do
if grep -q "letsencrypt_email" "$config"; then
echo "Updating settings for $config"
sed -i '/letsencrypt_email=/d' "$config"
echo "letsencrypt_email=1" >> "$config"
fi
done
systemctl restart webmin
echo "Settings updated to failure-only."

Please, please, please, do create a backup before executing these scripts on your system. If possible, use a test or staging system.

Also, make sure that your domain config files reside in /etc/webmin/virtual-server/domains/. Amend the paths if otherwise.

Also, also, make the scripts executable (chmod +x).

Stegan · January 19, 2025, 11:59am

seems like a lot of extra work - was surprised not to find it already in the SSL website for domain option of template

Steini · January 19, 2025, 3:51pm

You mean copy, paste, and verify if the path is correct?