Awsbackup.apoyar.eu SSL Renew

From Apoyar Wiki
Jump to navigation Jump to search

Karol's Comments -

First, you need to allow SSH in the AWS from Nagios.

Then, go to Nagios and use the keypair specified in the AWS console.

The user is cpmuser

This cannot be changed as with every update the whole machine gets replaced, only sustaining the data drive.

Please also run apt-get update and apt-get upgrade and apt-get dist-upgrade and apt-get autoclean there.

It's safe to reboot as many times you need, as the backups start at 20:00 CET.


STEPS -


- Allow SSH access from Nagios to backup_machine

- Connect to nagios.apoyar with neal user

su (ap0yar)

cd /root/.ssh/

ssh -i "zeb.pem" cpmuser@18.200.187.204 (this will connect to backup_machine server)

go to /etc/apache2/sites-available/

first run below command

certbot --dry-run renew

It should give message like - Congratulations, all simulated renewals succeeded

if giving any error need to resolve that first

If its related to port 80, we need to free up that port for renewal check what are running services with below command

netstat -tulpn | grep LISTEN

if we find any service running on port 80.. stop that and then try "certbot --dry-run renew" command again once its got succeeded then we have to run below command

certbot renew (this will automatically renew existing SSL certificate).

also we have to run below commands on by one

apt-get update

apt-get upgrade

apt-get dist-upgrade

apt-get autoclean


Note :- While running above commands it will ask either to upgrade or keep existing .conf files, so we have to keep existing with N or O

Also if machine need reboot, we can do it in day time.

Retrieved from ‘https://wiki.apoyar.eu/index.php?title=Awsbackup.apoyar.eu_SSL_Renew&oldid=255