From 100738c1a5c53ef3fb77cb14c06537f8305f4191 Mon Sep 17 00:00:00 2001
From: Tobias Richter <tobias.richter@diva-e.com>
Date: Fri, 9 Apr 2021 18:19:57 +0200
Subject: [PATCH] Add support for renewal hooks in systemd, originally
 contributed by @funkyfuture and @tomasbedrich

---
 tasks/renew-cron.yml | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/tasks/renew-cron.yml b/tasks/renew-cron.yml
index 394a30e..bd9a950 100644
--- a/tasks/renew-cron.yml
+++ b/tasks/renew-cron.yml
@@ -6,3 +6,24 @@
     minute: "{{ certbot_auto_renew_minute }}"
     hour: "{{ certbot_auto_renew_hour }}"
     user: "{{ certbot_auto_renew_user }}"
+
+- block:
+    - name: Remove cron job for certbot renewal.
+      cron:
+        name: Certbot automatic renewal.
+        state: absent
+    - name: Configure renewal hooks to stop services
+      copy:
+        dest: /etc/letsencrypt/renewal-hooks/pre/stop_services
+        content: |
+          #!/bin/sh
+          systemctl stop {{ certbot_create_standalone_stop_services | join(" ") }}
+        mode: ug=rx,o=
+    - name: Configure renewal hooks to start services
+      copy:
+        dest: /etc/letsencrypt/renewal-hooks/post/start_services
+        content: |
+          #!/bin/sh
+          systemctl start {{ certbot_create_standalone_stop_services | join(" ") }}
+        mode: ug=rx,o=
+  when: ansible_service_mgr == "systemd"