Cron refuses to reload nginx after certbot certificates renewal

Question

OS : Debian GNU/Linux 10 (buster)
Certbot : certbot 1.11.0

I'm trying to use this cronjob:

{ certbot renew; nginx -t && service nginx reload; } &>/dev/null

certbot renew works OK - I see that the certificate is fresh. But nginx doesn't being reloaded.

If I enter certbot renew; nginx -t && service nginx reload certbot renew; nginx -t && service nginx reload in command line, everything works perfectly.

I have read that I can use certbot hooks. I wrote one in /etc/letsencrypt/renewal-hooks/deploy/001-restart-nginx.sh , and here are the permissions:

drwxr-xr-x 88 root root 4096 Jan 31  2021 /etc/
drwxr-xr-x 9  root root 4096 Sep 20 19:37 /etc/letsencrypt/
drwxr-xr-x 5  root root 4096 Jan 29  2021 /etc/letsencrypt/renewal-hooks/
drwxr-xr-x 2  root root 4096 May 17 06:10 /etc/letsencrypt/renewal-hooks/deploy/
-rwxr-xr-x 1  root root 21   May 17 06:10 /etc/letsencrypt/renewal-hooks/deploy/001-restart-nginx.sh

The content of 001-restart-nginx.sh is:

service nginx reload

Even with the hook nginx still doesn't reload.

Answer 1

CRON does not populate the PATH environment variable - so you have to always provide the full path for every command. In your case these are:

1. the path to CertBot binary
2. the path to nginX binary
3. the path to the "service" BASH script