certbot renewal issue

[cyberb]

1. Should use privkey.pem
2. Should use --force-renewal flag

Workaround is to edit this file, there should be one depending on the version of the platform (1325 in my case). Use the following commit to see what changes has to be done: https://github.com/syncloud/platform/commit/806aca4f94700052e92dd88e1b5090c62841bccb

/opt/app/platform/python/lib/python2.7/site-packages/syncloud_platform-1425-py2.7.egg/syncloud_platform/certbot/certbot_generator.py

Relink private key

rm  /opt/data/platform/syncloud.key
ln -s /opt/data/platform/certbot/live/borisrpi.syncloud.it/privkey.pem  /opt/data/platform/syncloud.key

Restart:

systemctl restart platform.uwsgi-public
systemctl restart platform.nginx

[cyberb]

Fixed by: https://github.com/syncloud/platform/commit/806aca4f94700052e92dd88e1b5090c62841bccb

[cyberb]

Simplest workaround right now is unfortunatley to reflash device.

[cyberb]

Renewal is not working also because we use webroot mode which requires device to be accessible by http. https://certbot.eff.org/docs/using.html#getting-certificates-and-choosing-plugins

We may need to switch to nginx plugin which can do renewal using https.

[cyberb]

closing in preparation for Release 17.08