Don't abort cert renewal when a single domain fails

The renewal script was exiting immediately when certbot returned a
non-zero exit code, which happens when ANY cert fails to renew. A
single dead domain (e.g., DNS no longer pointed here) would block
ALL other certificates from being processed and combined for HAProxy.

Now logs the failures but continues to copy/combine successfully
renewed certificates and reload HAProxy.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

scripts/renew-certificates.sh

@@ -20,12 +20,21 @@ log_error() {
 
 log_info "Starting certificate renewal process"
 
-# Run certbot renewal
+# Run certbot renewal — don't exit on failure, some certs may have
-if certbot renew --quiet --no-random-sleep-on-renew; then
+# renewed successfully even if others failed (e.g., domain no longer
-    log_info "Certbot renewal completed"
+# pointed here). Continue to copy/combine whatever succeeded.
+CERTBOT_OUTPUT=$(certbot renew --no-random-sleep-on-renew 2>&1)
+CERTBOT_EXIT=$?
+
+if [ $CERTBOT_EXIT -eq 0 ]; then
+    log_info "Certbot renewal completed successfully"
 else
-    log_error "Certbot renewal failed with exit code $?"
+    log_error "Certbot renewal had failures (exit code $CERTBOT_EXIT):"
-    exit 1
+    # Log the specific failures
+    echo "$CERTBOT_OUTPUT" | grep -E "Failed to renew|failure" | while read -r line; do
+        log_error "  $line"
+    done
+    log_info "Continuing to process successfully renewed certificates..."
 fi
 
 # Copy all certificates to HAProxy format