> For the complete documentation index, see [llms.txt](https://documentation.tjhsst.edu/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://documentation.tjhsst.edu/services/www/administration.md). # Administration This page describes how to accomplish certain administration tasks on [WWW](/services/www.md) ## SSL We use Let's Encrypt for SSL, using Certbot. Let's Encrypt certificates expire every 90 days and are renewed every 60 days. Renewal is automated, but several other servers use the wildcard certificate and must pull the updated one. The most important of these are the mail servers, which use the certificate for SMTP. The script `update-ssl.sh` in the root home directory of Casey and Smith should handle this. After certificates are renewed, run the update-ssl script on: * Mail servers (Smith and Casey) * IPA servers, for the web ui * Monitor/Grafana ## Scripts This section contains various other scripts to do useful things on [WWW](/services/www.md). ### What to do if the webserver goes down 1. Log in to remote.tjhsst.edu (or if you're already on the internal network, that's fine too) 2. `ssh root@www` 3. `systemctl restart nginx` This restarts nginx and ensures that the service manager is still in a consistent state. The website should work after this (if not, try clearing cache/etc, it's possible a redirect to an error page might've been cached, although it shouldn't be). ### If SSL doesn't renew automatically The certbot command is `certbot certonly`\ `--manual \`\ `--preferred-challenges dns \`\ `--manual-auth-hook /usr/local/bin/certbot-ipa-dns-update.sh \`\ `--deploy-hook "nginx -s reload" \`\ `--manual-cleanup-hook /usr/local/bin/certbot-ipa-dns-cleanup.sh \`\ `-d tjhsst.edu \`\ `-d '*.tjhsst.edu' \`\ `--non-interactive --agree-tos -m lead-sysadmins@tjhsst.edu --no-eff-email \`\ `--expand` You can try running this manually to see the error. You can also look at the script in `/usr/local/bin/certbot-ipa-dns-update.sh` to see what it's supposed to do. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://documentation.tjhsst.edu/services/www/administration.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.