Best way to get notification if LE refreshing fails

[frasche]

trafficstars

We are using this proxy for some web services provided by containers and it works great. Only a few days ago, refreshing the lets encrypt certificate for one container fails, because we accidentally forgot to remove an old domain. Now I am wondering, what would be the best way to monitor failed certificate refreshes? Maybe I missed something, but as far as I see, there is no mail sending on exceptions (or any other notification) of the python script.

The only thing that come to my mind, would be an icinga/Nagios plugin, that parses the logs of this container for python exceptions.

Any other ideas, concepts? How do you monitor your companion containers?

[buchdag]

@frasche if you provided a valid email address as DEFAULT_EMAIL you're supposed to receive mail notifications from Let's Encrypt when the certificate(s) obtained with the related ACME account are reaching expiration and haven't been renewed.

But the instrumentation question is actually a very interesting point. What in your opinion would be a sensible way for the container to allow this kind of monitoring ?