From 49664dbc8d7ec2aedafe2e8d2ac829798b21e4fa Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Greg=20Kar=C3=A9kinian?= <greg@karekinian.com>
Date: Fri, 22 Sep 2017 11:53:01 +0200
Subject: [PATCH] The renew hook now needs to be an executable in the path

An absolute path doesn't work anymore.

Also send an email containing STDERR when the renewal command fails
---
 site-cookbooks/kosmos-base/recipes/letsencrypt.rb | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/site-cookbooks/kosmos-base/recipes/letsencrypt.rb b/site-cookbooks/kosmos-base/recipes/letsencrypt.rb
index 716c3a2..40794d9 100644
--- a/site-cookbooks/kosmos-base/recipes/letsencrypt.rb
+++ b/site-cookbooks/kosmos-base/recipes/letsencrypt.rb
@@ -10,7 +10,7 @@
 git "/usr/local/certbot" do
   repository "https://github.com/certbot/certbot"
   action     :sync
-  revision   "v0.13.0"
+  revision   "v0.18.2"
   user       "root"
   group      "root"
 end
@@ -36,7 +36,7 @@ EOF
 
 file "/usr/local/bin/letsencrypt_renew_hook" do
   content letsencrypt_renew_hook
-  mode 0700
+  mode 0755
   owner "root"
   group "root"
 end
@@ -44,6 +44,7 @@ end
 cron "renew Let's Encrypt certificates" do
   minute "0"
   hour "4"
+  mailto "logs@5apps.com"
   # The post hook is only executed if a cert has been renewed
-  command "/usr/local/certbot/certbot-auto renew --renew-hook \"/usr/local/bin/letsencrypt_renew_hook\" -n"
+  command "/usr/local/certbot/certbot-auto renew --renew-hook letsencrypt_renew_hook -n 1> /dev/null"
 end