Trouble creating post-hook script for Letsencrypt container

Hi, I am wanting to monitor /home/me/letsencrypt/etc/letsencrypt/live on my docker host, so that when a new certificate is issued I can propagate it as needed to another virtual machine hosting another server.

I have installed incron which is supposed to be able to act like cron but for changes in files/folders as a trigger rather than times as with cron.

The problem is that it doesn’t detect changes in that folder that are made by the letsencrypt container despite it being a local folder. If I manually create a file in the folder incron picks it up and triggers my script. So I am guessing it has something to do with inotify not detecting changes made by docker containers?

If anybody could provide any advice about this I would be most grateful.

Easiest way to accomplish that would be to have a cron script check the target of the symlink under /config/keys/letsencrypt/privkey.pem and if it changed, copy the certs over.

I tried the target of the symlink and it doesn’t make a difference. Another thing I’ve noticed is that if I’m in the directory in question after letsencrypt creates new files, when I issue an ‘ls’ command I get nothing showing in the directory. I have to back out one level and then re-enter the folder before any files are showing in it.

What do you mean by it doesn’t make a difference?

I’m telling you to use a cron script, not inotify/incron.

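#!/bin/bash
# textfile.txt holds the symlink target seen on the previous run
touch textfile.txt
RESULT=$(readlink -f /config/keys/letsencrypt/privkey.pem)
# If the target changed, record the new one and copy the certs
[[ "$RESULT" != "$(cat textfile.txt)" ]] && \
    echo "$RESULT" > textfile.txt && \
    cp blah blah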

Run that script every 5 minutes or whenever.

Thank you, that gave me enough to get it sorted. I used the following:

# Current certificate and the copy kept from the last deployment
LIVECERT=$(cat //letsencrypt/etc/letsencrypt/live//fullchain.pem )
COMPARECERT=$(cat /home/*****/sslcompare.pem)

if [[ "$LIVECERT" != "$COMPARECERT" ]]; then
    echo "Files not the same, copying certs to server"
    scp …
    scp …
    echo "Restarting services…"
    ssh commands…
    echo "Duplicating cert to track changes"
    cp //letsencrypt/etc/letsencrypt/live//fullchain.pem /home/****/sslcompare.pem
    echo "… Done."
elif [[ "$LIVECERT" = "$COMPARECERT" ]]; then
    echo "Files the same, nothing to do here"
fi
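
Added example (not code from the thread): a cron-driven check that combines the two approaches above. It follows the live symlink, compares a SHA-256 digest of fullchain.pem with the last deployed one, and stages the certificate and key under umask 077 so the copied private key is readable only by the user running the job. Function names, the working directory layout and the return codes are assumptions; the push to the other host is left where the thread's scp/ssh steps go.

```bash
#!/usr/bin/env bash
# Added example, not code from the thread. Function names, paths and return
# codes are hypothetical.
set -eu

# SHA-256 of the file that a (possibly symlinked) path resolves to.
cert_digest() {
    local target
    target=$(readlink -f -- "$1") || return 1
    [ -r "$target" ] || return 1
    sha256sum < "$target" | cut -d' ' -f1
}

# Returns 0 if the cert differs from the recorded digest, 1 if unchanged,
# 2 if the cert cannot be read (never deploy in that case).
cert_changed() {
    local current
    current=$(cert_digest "$1") || return 2
    [ -f "$2" ] && [ "$current" = "$(cat -- "$2")" ] && return 1
    return 0
}

# Copy cert and key, dereferencing symlinks, into a directory only this user can read.
stage_certs() {
    ( umask 077 &&
      mkdir -p -- "$2" &&
      cp -L -- "$1/fullchain.pem" "$1/privkey.pem" "$2/" )
}

# Record the deployed digest atomically (temp file, then rename).
record_cert() {
    local tmp
    tmp=$(mktemp "$2.XXXXXX") &&
      cert_digest "$1" > "$tmp" &&
      mv -f -- "$tmp" "$2"
}

# One cron pass. $1 = live/<domain> directory, $2 = working directory.
sync_if_renewed() {
    local live="$1" work="$2"
    cert_changed "$live/fullchain.pem" "$work/deployed.sha256" || return $?
    stage_certs "$live" "$work/stage" || return 3
    # Push "$work/stage" to the other host here (the thread's scp/ssh steps)
    # and return non-zero on failure so the digest is not recorded.
    record_cert "$live/fullchain.pem" "$work/deployed.sha256" || return 3
}

# Entry point for cron; "unchanged" (1) is not treated as an error.
if [ "$#" -eq 2 ]; then sync_if_renewed "$1" "$2" || [ "$?" -eq 1 ]; fi
```

Because the digest is recorded only after staging succeeds, a run that fails partway is retried on the next cron pass instead of being silently marked as deployed.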