From 94eba820ae1d0e575204511dc12e9d0095fd58ec Mon Sep 17 00:00:00 2001 From: Andrea Dell'Amico Date: Tue, 21 Nov 2017 16:43:01 +0100 Subject: [PATCH] letsencrypt: sleep for at most 1200 seconds before running the certificate renewal script. --- letsencrypt-acmetool-client/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/letsencrypt-acmetool-client/tasks/main.yml b/letsencrypt-acmetool-client/tasks/main.yml index 22887f42..100f1d33 100644 --- a/letsencrypt-acmetool-client/tasks/main.yml +++ b/letsencrypt-acmetool-client/tasks/main.yml @@ -125,7 +125,7 @@ - name: Install a daily cron job to renew the certificates when needed become: True become_user: '{{ letsencrypt_acme_user }}' - cron: name="Letsencrypt certificate renewal" special_time=daily job="/usr/local/bin/acme-cert-request > {{ letsencrypt_acme_log_dir }}/acme-cron.log 2>&1" + cron: name="Letsencrypt certificate renewal" special_time=daily job="SLEEP_SECONDS=$(echo $[($RANDOM %1200)]) ; sleep ${SLEEP_SECONDS} ; /usr/local/bin/acme-cert-request > {{ letsencrypt_acme_log_dir }}/acme-cron.log 2>&1" when: letsencrypt_acme_install tags: letsencrypt