🏒 Lucian Marin
Cron job for automatic renewal of SSL certificate: 0 0 1 */1 * certbot renew --renew-hook "systemctl reload nginx". We will see if it works in the coming months.
👨💻 Matthieu V.
I found Caddy server more reliable than me at renewing certificates since it is checking it at each request !
🧐 Nrmn
I actually thought about switching my web server from nginx to Caddy a couple of times already. Was too afraid of the complications for now though.
💎 Mā
This week I consolidated my personal web projects on to Caddy and agree fully! It's a very nice daemon so far, and it has good sane TLS configuration defaults. The number of servers shipping with antiquated TLS defaults in 2020 is tragic. I only have a couple gripes... 1) not all configuration parameters are exposed in the Caddyfile so you might ultimately need to configure it via JSON/yaml/toml, and 2) no process privsep (not such a big deal if run in a container/jail).