Merge branch 'master' into ipv6-new

Author: aptalca

README.md

@@ -141,7 +141,8 @@ This will *ask* Google et al not to index and list your site. Be careful with th
 
 ## Versions
 
-+ **05.12.18:** Add ipv6 and http/2 support to default site config.
++ **19.12.18:** Add ipv6 and http/2 support to default site config.
++ **08.12.18:** Had to remove cert renewal during container start due to certbot's new undocumented "feature" of up to 8 minute random delay.
 + **03.12.18:** Fix silly bug resetting the duckdns token.
 + **02.12.18:** Add dns validation support for ovh.
 + **20.11.18:** Externalize reverse proxy confs to separate github repo `linuxserver/reverse-proxy-confs`, update baseimage packages during build

root/etc/cont-init.d/50-config

@@ -228,12 +228,11 @@ if [ ! -f "/config/keys/letsencrypt/fullchain.pem" ]; then
     sleep infinity
   fi
   openssl pkcs12 -export -out privkey.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem -passout pass:
+  sleep 1
   cat {privkey,fullchain}.pem > priv-fullchain-bundle.pem
+  echo "New certificate generated; starting nginx"
 else
-  echo "Certificate exists; parameters unchanged; attempting renewal"
-  chmod +x /app/le-renew.sh
-  sleep 1
-  /app/le-renew.sh
+  echo "Certificate exists; parameters unchanged; starting nginx"
 fi
 
 # logfiles needed by fail2ban
@@ -247,3 +246,4 @@ chown -R abc:abc \
 	/config
 chmod -R 0644 /etc/logrotate.d
 chmod -R +r /config/log
+chmod +x /app/le-renew.sh