Update to match new setup

README.md

@@ -6,7 +6,7 @@ instance running (for web remote access if need be). We must manually unlock cer
 ### Files
 * `etc-letsencrypt.mount` allows to unlock and mount encrypted certificates volume.
   * Relevant information should be added to `/etc/crypttab`.
-* `etc-letsencrypt.timer` is a timer to automatically start previous unit, **but this is currently not used**.
+  * Make sure that `/etc/letsencrypt` directory exists
 * `wait-for-dns.conf` is a drop-in Systemd unit file, which prevents nginx to start before DNS server is operational.
 #### Installation
 * `install.sh` script copies Systemd files to their destination.

etc-letsencrypt.mount

@@ -1,8 +1,7 @@
-# ALERT nginx.service must NOT be enabled
 [Unit]
 Description=Mount Let's Encrypt data directory
 Wants=systemd-cryptsetup@lecrypt.service
-After=systemd-cryptsetup@lecrypt.service network.target
+After=systemd-cryptsetup@lecrypt.service
 
 [Mount]
 What=/dev/mapper/lecrypt
@@ -10,3 +9,6 @@ Where=/etc/letsencrypt
 Type=ext4
 Options=rw,relatime
 TimeoutSec=45
+
+[Install]
+WantedBy=default.target

etc-letsencrypt.timer

@@ -1,10 +0,0 @@
-# WARNING not used in current setup
-[Unit]
-Description=Try to mount letsencrypt certs after boot
-
-[Timer]
-Unit=etc-letsencrypt.mount
-OnBootSec=30
-
-[Install]
-WantedBy=timers.target

install.sh

@@ -24,8 +24,9 @@ $sudo cp $run_directory/wait-for-dns.conf /etc/systemd/system/nginx.service.d/
 
 echo "Reloading Systemd..."
 $sudo systemctl daemon-reload
-echo "Disabling nginx..."
-$sudo systemctl disable nginx
+echo "Enabling etc-letsencrypt.mount..."
+$sudo systemctl enable etc-letsencrypt.mount
+# WARNING you should enable this mount (and keep nginx.service enabled) if your volume does not unlock automatically
 
 echo "Finished install. Exiting..."
 exit 0