On Mon, Jul 24, 2023 at 09:49:58AM -0400, Wietse Venema via Postfix-users <postfix-users@postfix.org> wrote:
> Bernardo Reino via Postfix-users: > > >> I cannot imagine why/when the cerbot client would fail to run the > > >> post-hooks (in a sane environment). > > > > > > Systems crash. What are the reliability guarantees from the certbot > > > client: will it run once, or will it somehow maintain state and > > > recover when a run was interrupted by a system crash? > > > > In such cases, and/or just "on top" of the certbot renewal hooks, > > one could have a cron job doing "postmap" and/or "postfix reload" > > or whatever, as Viktor wrote. (but again, then your cron job must > > make sure that certbot is not (con)currently running). > > In other words, reliable execution requires a cron job, idempotent > actions, and a locking mechanism. > > Wietse I once wrote a nice little tool called "noexcuses" (https://github.com/raforg/noexcuses) that can be used in crontabs to ensure that a cronjob would run until it succeeded. It would run the cronjob, and if it failed, it would become a daemon retrying occasionally until someone fixed whatever the problem was so that the cronjob could succeed. If the cronhost was down when the cronjob was supposed to run (or crashed before success), it would detect that when the cronhost came back up. It could even migrate lost cronjobs to a new cronhost if the old cronhost couldn't be brought back up in time (if its state is stored on a remote fileserver). It's each cronjob's responsibility to indicate success/failure by its exit code, and to be idempotent. It was very handy when I had system administrators who were careless in the machine room. It could probably be used without cron, but it was really aimed at making cronjobs reliable. cheers, raf _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org