Bip cert renewal failed silently
Certbot renewed the certificate properly and the hooks were run successfully too:
2021-04-11 08:09:47,622:INFO:certbot.auth_handler:dns-01 challenge for irc-bouncer.duckcorp.org 2021-04-11 08:09:47,741:INFO:certbot.plugins.dns_common:Waiting 15 seconds for DNS changes to propagate 2021-04-11 08:10:02,756:INFO:certbot.auth_handler:Waiting for verification... 2021-04-11 08:10:07,523:INFO:certbot.auth_handler:Cleaning up challenges 2021-04-11 08:10:09,509:INFO:certbot.hooks:Running deploy-hook command: /etc/letsencrypt/renewal-hooks/deploy/dc_cert_renewal_deploy 2021-04-11 08:10:09,544:INFO:certbot.hooks:Running deploy-hook command: /etc/letsencrypt/renewal-hooks/deploy/dc_cert_renewal_restart_services
Systemd tells me the service was restarted 3 days ago:
# systemctl status bip ● bip.service - Bip IRC Proxy Loaded: loaded (/lib/systemd/system/bip.service; enabled; vendor preset: enabled) Active: active (running) since Sun 2021-05-02 06:09:20 CEST; 3 days ago
But this is not true:
# ps -fe | grep bip bip 22486 1 15 Feb03 ? 13-19:29:33 /usr/bin/bip -f /etc/bip/bip.conf -s /var/lib/bip
So I restarted manually with systemctl:
May 05 14:11:04 Thorfinn systemd: Starting Bip IRC Proxy... May 05 14:11:04 Thorfinn systemd: bip.service: Found left-over process 22486 (bip) in control group while starting unit. Ignoring. May 05 14:11:04 Thorfinn systemd: This usually indicates unclean termination of a previous run, or service implementation deficiencies. May 05 14:11:04 Thorfinn systemd: Started Bip IRC Proxy.
and the old process (22486) is still there…
I guess the solution would be to when the service file to avoid daemonizing with the -n option and switch to Type=simple.