Document a way to keep letsencrypt certificates while resetting rest of the config

[hannob]

I have found issues discussing similar things, but nothing yet in this direction.

I recently ran into the Let's Encrypt ratelimit while trying out various things in a Jitsi Meet Docker installation.

The key problem here seems to be that in order to update configurations one shall delete the configuration dir, but that will also remove existing certificates, causing a reissuance. And Let's Encrypt blocks after 5 reissuances.

What I'd like to have is an easy way to keep the certificate, but reset everything else. I'm not sure if that'd be possible by e.g. keeping the ~/.jitsi-meet-cfg/web/letsencrypt dir and removing anything else. Or maybe an option could be added that one can somehow pass a path to existing certs from an old config dir. In any case: I think this issue should be mentioned in the documentation somehow and solutions to it should be proposed.

[mmgutsche]

Additionally, it would be great to pass the dry-run flag to certbot via an environment variable.

[c-goes]

A few months ago, I tested this solution (only keep the letsencrypt dir). It worked well. It is rarely a good idea to delete the letsencrypt folder, you get notifications about expiring certificates that you cannot renew any more because they're deleted. Solution could be to make another volume just for letsencrypt, so it's easier to delete just the jitsi config.

[fireba11]

Another option would be to use the letsencrypt staging servers for testing ;-)

[github-actions[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.