Hey there, I found an issue in the PR recently that affects the auto-renewal process. Nginx will still serve the old certificate after renewal succeeds since it's never restarted or reloaded. I have another PR open to fix this, but there's a manual way to apply the fix if you're so inclined (and you still have that Streisand server up and running).
Obviously this only applies if you don't plan on destroying/recreating your Streisand server after the newer PR gets merged (EDIT--just got merged). But just in case, the steps are pretty easy (it's in the PR here too: https://github.com/StreisandEffect/streisand/pull/1688):
If your cert was already auto-renewed (unlikely given the timeline), you'll also need to run systemctl reload nginx to serve the new cert, since the deploy script wasn't present when certbot ran the renewal.
Obviously this only applies if you don't plan on destroying/recreating your Streisand server after the newer PR gets merged (EDIT--just got merged). But just in case, the steps are pretty easy (it's in the PR here too: https://github.com/StreisandEffect/streisand/pull/1688):
If your cert was already auto-renewed (unlikely given the timeline), you'll also need to run systemctl reload nginx to serve the new cert, since the deploy script wasn't present when certbot ran the renewal.