Cron job for refreshing Let's Encrypt cert using acme.sh not working

Armitage

Cadet
Joined
Feb 2, 2020
Messages
5
Hi!
Running FreeNAS-11.3-U2. I have a cron job set up to refresh my certs when it needs to, the script runs every week but only actually refreshes the scripts then needed. I also have scripts that shares the certs with Nextcloud and qBittorrent (both running in jails) then removes the old certs and sets the newest as active.

The cron job runs the command "/root/.acme.sh/acme.sh --cron" as root, and i get this back this if i have "Hide standard output" unset:
[Sat Oct 24 03:09:54 CEST 2020] ===Starting cron===
[Sat Oct 24 03:09:54 CEST 2020] ===End cron===
It does not refresh the certificates, and every 2,5 months i instead get a reminder in the mail that my cert is about to run out. Same when i run "/root/.acme.sh/acme.sh --cron --force" which is supposed to force a renew no matter how recent the certificate is, i get the same kind of standard output back but no errors and neither actually refreshes the certs.

If i on the other hand ssh into my FreeNAS server and run that same commands from there, both work without problems. I have no idea why it refuses to work as a cron job. Am i missing something obvious here? The other scripts are working.
 

Armitage

Cadet
Joined
Feb 2, 2020
Messages
5
Thanks for your reply! I'm not sure if its the same problem. I used this guide to install acme: https://www.truenas.com/community/resources/lets-encrypt-with-freenas-11-1-and-later.82/

The script works if i trigger it manually (both "/root/.acme.sh/acme.sh --cron" and "/root/.acme.sh/acme.sh --cron --force" without quotation marks), just not if i trigger it via a cron job. I am not sure if i have formatted the command wrong, but it works when i send the exact same command if i ssh into the server.
 

Kelly Hays

Dabbler
Joined
Apr 25, 2017
Messages
16
Thanks for your reply! I'm not sure if its the same problem. I used this guide to install acme: https://www.truenas.com/community/resources/lets-encrypt-with-freenas-11-1-and-later.82/

The script works if i trigger it manually (both "/root/.acme.sh/acme.sh --cron" and "/root/.acme.sh/acme.sh --cron --force" without quotation marks), just not if i trigger it via a cron job. I am not sure if i have formatted the command wrong, but it works when i send the exact same command if i ssh into the server.

I had a similar problem that was caused by the HOME environment variable not being set properly when a script was run from cron. I don't know if the bug was ever fixed. I worked around it by changing my cron job to something like: export HOME=/root; /root/.acme.sh/acme.sh --cron

You might try that and see if it works. If it does someone should probably open a case so the bug can get fixed.
 

Armitage

Cadet
Joined
Feb 2, 2020
Messages
5
I had a similar problem that was caused by the HOME environment variable not being set properly when a script was run from cron. I don't know if the bug was ever fixed. I worked around it by changing my cron job to something like: export HOME=/root; /root/.acme.sh/acme.sh --cron

You might try that and see if it works. If it does someone should probably open a case so the bug can get fixed.
You solved it. I replaced my cron job with that one and now it works perfectly. This has been annoying me for over half a year but i never bothered to look into it since i only had to manually renew the certificates every few months. I really appreciate your help with this!
 
Top