Randomize acme.sh cron schedule in installation and upgrade scripts to prevent traffic spikes to Let's Encrypt. Added logic to generate random hour and minute for cron job entries, enhancing the installation process.

2025-12-31 22:26:50 +01:00 · 2025-12-31 22:26:50 +01:00 · dc8bc57b35
parent 47dc442ace
commit dc8bc57b35
2 changed files with 21 additions and 6 deletions
--- a/install/install.py
+++ b/install/install.py
@ -4688,13 +4688,18 @@ user_query = SELECT email as user, password, 'vmail' as uid, 'vmail' as gid, '/h

            cronFile = open(cronPath, "w")

+            # Randomize acme.sh cron schedule to avoid traffic spikes to Let's Encrypt
+            # Generate random hour (0-23) and minute (0-59) for each installation
+            acme_hour = random.randint(0, 23)
+            acme_minute = random.randint(0, 59)
+
            content = """
 0 * * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/findBWUsage.py >/dev/null 2>&1
 0 * * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/postfixSenderPolicy/client.py hourlyCleanup >/dev/null 2>&1
 0 0 1 * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/postfixSenderPolicy/client.py monthlyCleanup >/dev/null 2>&1
 0 2 * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/upgradeCritical.py >/dev/null 2>&1
 0 0 * * 4 /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/renew.py >/dev/null 2>&1
-7 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
+%d %d * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
 0 0 * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/IncBackups/IncScheduler.py Daily
 0 0 * * 0 /usr/local/CyberCP/bin/python /usr/local/CyberCP/IncBackups/IncScheduler.py Weekly

@ -4707,7 +4712,7 @@ user_query = SELECT email as user, password, 'vmail' as uid, 'vmail' as gid, '/h
 0 0 * * 0 /usr/local/CyberCP/bin/python /usr/local/CyberCP/IncBackups/IncScheduler.py '1 Week'

 */3 * * * * if ! find /home/*/public_html/ -maxdepth 2 -type f -newer /usr/local/lsws/cgid -name '.htaccess' -exec false {} +; then /usr/local/lsws/bin/lswsctrl restart; fi
-"""
+""" % (acme_minute, acme_hour)

            cronFile.write(content)
            cronFile.close()
--- a/plogical/upgrade.py
+++ b/plogical/upgrade.py
@ -5020,20 +5020,25 @@ vmail
            data = open(cronPath, 'r').read()

            if data.find('findBWUsage') == -1:
+                # Randomize acme.sh cron schedule to avoid traffic spikes to Let's Encrypt
+                # Generate random hour (0-23) and minute (0-59) for each installation
+                acme_hour = random.randint(0, 23)
+                acme_minute = random.randint(0, 59)
+                
                content = """
 0 * * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/findBWUsage.py >/dev/null 2>&1
 0 * * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/postfixSenderPolicy/client.py hourlyCleanup >/dev/null 2>&1
 0 0 1 * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/postfixSenderPolicy/client.py monthlyCleanup >/dev/null 2>&1
 0 2 * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/upgradeCritical.py >/dev/null 2>&1
 0 0 * * 4 /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/renew.py >/dev/null 2>&1
-7 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
+%d %d * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
 0 1 * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/manage.py ssl_reconcile --all >/dev/null 2>&1
 */3 * * * * if ! find /home/*/public_html/ -maxdepth 2 -type f -newer /usr/local/lsws/cgid -name '.htaccess' -exec false {} +; then /usr/local/lsws/bin/lswsctrl restart; fi
 * * * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/manage.py run_scheduled_scans >/usr/local/lscp/logs/scheduled_scans.log 2>&1
 """

                writeToFile = open(cronPath, 'w')
-                writeToFile.write(content)
+                writeToFile.write(content % (acme_minute, acme_hour))
                writeToFile.close()

            if data.find('IncScheduler.py') == -1:
@ -5070,18 +5075,23 @@ vmail


        else:
+            # Randomize acme.sh cron schedule to avoid traffic spikes to Let's Encrypt
+            # Generate random hour (0-23) and minute (0-59) for each installation
+            acme_hour = random.randint(0, 23)
+            acme_minute = random.randint(0, 59)
+            
            content = """
 0 * * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/findBWUsage.py >/dev/null 2>&1
 0 * * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/postfixSenderPolicy/client.py hourlyCleanup >/dev/null 2>&1
 0 0 1 * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/postfixSenderPolicy/client.py monthlyCleanup >/dev/null 2>&1
 0 2 * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/upgradeCritical.py >/dev/null 2>&1
 0 0 * * 4 /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/renew.py >/dev/null 2>&1
-7 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
+%d %d * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
 0 1 * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/manage.py ssl_reconcile --all >/dev/null 2>&1
 0 0 * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/IncBackups/IncScheduler.py Daily
 0 0 * * 0 /usr/local/CyberCP/bin/python /usr/local/CyberCP/IncBackups/IncScheduler.py Weekly
 * * * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/manage.py run_scheduled_scans >/usr/local/lscp/logs/scheduled_scans.log 2>&1
-"""
+""" % (acme_minute, acme_hour)
            writeToFile = open(cronPath, 'w')
            writeToFile.write(content)
            writeToFile.close()