Automating LetsEncrypt certificate renewal

LetsEncrypt wants everyone to convert their old cleartext web servers over to HTTPS, so they give away free, trusted, basic domain-validation certificates just to get everyone on the bandwagon (30M active certs so far!). It’s supposed to be easy to renew, but my Apache instance was giving me trouble.

Turns out the way I have things configured with my cert and mail domain cert, the new key that’s created every 90 days has to be specified in the Apache configuration file. To help certbot accomplish this rotation, and provide some XML-formatted logging so I can neatly ingest things into MarkLogic, I wrote this script:


#!/bin/bash

# XML output - start
echo "<report>"
# Record the start time (ISO 8601 for the report, epoch seconds for the duration)
startTime=$(date +%Y-%m-%dT%H:%M:%S.%N%:z)
startTimeSeconds=$(date -d "$startTime" +%s)
echo "  <dateTimeInitiated>$startTime</dateTimeInitiated>"
echo "  <jobOutput>"

apache2ctl stop

# Renew the certs
/root/certbot/certbot-auto renew

# Point the Apache key symlink at the most recently modified key
KEYFILE=$(ls -t /etc/letsencrypt/keys/ | head -n 1)
if [ -n "$KEYFILE" ]; then
  # -f replaces the existing link, -n avoids following it
  ln -sfn "/etc/letsencrypt/keys/$KEYFILE" /etc/letsencrypt/live/key-certbot.pem
fi

apache2ctl start

# XML output - end
echo "  </jobOutput>"
endTimeSeconds=`date +%s`
echo "  <jobDurationSeconds>`expr $endTimeSeconds - $startTimeSeconds`</jobDurationSeconds>"
echo "</report>"
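
An added example, not part of the original script: the key-selection and symlink step above rewritten as two functions that refuse to act on an empty keys directory and swap the link with a rename, so a failed run leaves the old link in place for Apache. The function names and the temporary-link suffix are assumptions.

```bash
#!/bin/bash
# Added example (not the post's own code): choose the newest key file and
# repoint a symlink to it without ever leaving the link missing.

# Print the name of the most recently modified regular file in directory $1.
# Returns 1 when the directory holds no regular files, so the caller never
# builds a link from an empty name.
newest_key() {
    local dir="$1"
    local f newest=""
    for f in "$dir"/*; do
        [ -f "$f" ] || continue        # skips subdirectories and an unmatched glob
        if [ -z "$newest" ] || [ "$f" -nt "$newest" ]; then
            newest="$f"
        fi
    done
    [ -n "$newest" ] || return 1
    basename "$newest"
}

# Point symlink $2 at the newest key in directory $1.
# The new link is created under a temporary name and then renamed over the
# old one; if any step fails, the existing link is left untouched.
rotate_key_link() {
    local dir="$1"
    local link="$2"
    local key tmp
    key=$(newest_key "$dir") || { echo "no key files in $dir" >&2; return 1; }
    tmp="$link.tmp.$$"                 # hypothetical temporary name beside the link
    ln -s "$dir/$key" "$tmp" || return 1
    mv -f "$tmp" "$link"               # target is a file, so this is a plain rename
}

# Usage with the paths from the script above:
#   rotate_key_link /etc/letsencrypt/keys /etc/letsencrypt/live/key-certbot.pem \
#       && apache2ctl start
```

Selection is still by modification time, as in the original script, so a keys directory shared by more than one certificate can yield a key that belongs to a different certificate than the one Apache serves.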

Then, I have the system call this script at the start of every month. Or whatever interval makes sense. I used Crontab Generator to help, since my CRON-fu was rusty.

# m   h   dom mon dow   command
  4   21  1   *   *     /root/certbot/ >> /root/certbot/autorenew.txt 2>&1
crontab -e

Looks pretty in MarkLogic’s Query Console… ready for doing stuff with. Once I get a pile of them, I’ll make some bar charts.

Autorenewal logs as XML in MarkLogic Query Console

That’s all!


Reading Challenges

While I’m a lifetime member of LibraryThing, I hardly ever make it over there, even to add new books to my library list, which I use to find the Dewey call number for each volume. No, I don’t have my library organized by call number — yet — I attach a post-it note with the call number to the front of the book in preparation for the manic Saturday when I have nothing else to do, and can stand the disorder no longer.

Goodreads is my site of choice for books. Managing my reading queue seems easier with them, and I genuinely trust the star ratings and reviews that people leave, after being bitten hard by Amazon and “best sellers” reviews.

Matthew’s read book montage

Hillbilly Elegy: A Memoir of a Family and Culture in Crisis
Leviathan Wakes
The Atlantis Gene
The Handmaid's Tale
Anatomy of the State
The Fountains of Paradise
The Line
I Shall Wear Midnight
The Man in the High Castle
Walden and On the Duty of Civil Disobedience
What If?: Serious Scientific Answers to Absurd Hypothetical Questions
The Paris Review Issue 218
Teaching My Mother How to Give Birth
The Secrets of the Little Blue Box
Machine Man
American Caesar: Douglas MacArthur 1880-1964
Crippled America: How to Make America Great Again

Matthew Royal’s favorite books »

Each year, Goodreads hosts a reading challenge, where you set a goal for yourself, then track your progress over the year. It’s amazing how little I actually read. The past few years, I’ve increased my goal by 5 books each January, and this year, at 40 books, is the first year that feels like a lot. I love the reminder to read things on my list, I love seeing how much or how little my friends are reading (thanks, Facebook integration), and I love the meaningless statistics accumulated at the end of the year.

My Goodreads Reading Challenge results from 2016

  • Are the books I’m reading too short?
  • What is the knowledge density in these books, and how much am I really learning?
  • How can I read more books? (Many were read on cross-country flights, which decreased for me in 2017.)
  • Do audiobooks count?
  • Are these even good metrics? “Some books are to be tasted, others to be swallowed, and some few to be chewed and digested,” but this seems to be fixated on page count in a world where no page size is standard.

For me, I’d hate to be held to it by a parent or school, but The Challenge encourages me to stall out in fewer books, and it scratches my list-making itch. I sort of wish there were Reading Challenges for other things in my life: writing little programs I’ve thought of, weeding my garden, perhaps.

Not quite gamification, but JUST ENOUGH social accountability in a fun way.