Switches from cron to systemd

handlers/main.yml

@@ -0,0 +1,8 @@
+---
+
+- name: Restart certbot-renew service
+  service:
+    name: certbot-renew
+    state: restarted
+    enabled: true
+  listen: restart-certbot-renew-service

tasks/main.yml

@@ -7,5 +7,5 @@
 - include: install-from-source.yml
   when: certbot_install_from_source
 
-- include: renew-cron.yml
+- include: systemd.yml
   when: certbot_auto_renew

tasks/systemd.yml

@@ -0,0 +1,13 @@
+---
+
+- name: Create certbot-renew service
+  template:
+    src: certbot-renew.service.j2
+    dest: /etc/systemd/system/certbot-renew.service
+  notify: restart-certbot-renew-service
+
+- name: Create certbot-renew timer
+  template:
+    src: certbot-renew.timer
+    dest: /etc/systemd/system/certbot-renew.timer
+  notify: restart-certbot-renew-service

templates/certbot-renew.service.j2

@@ -0,0 +1,9 @@
+[Unit]
+Description=Let's Encrypt renewal
+
+[Service]
+User={{ certbot_auto_renew_user }}
+Type=oneshot
+ExecStart={{ certbot_script }} renew --quiet --agree-tos
+
+ExecStartPost=/bin/systemctl reload {{ certbot_web_service }}.service

templates/certbot-renew.timer.j2

@@ -0,0 +1,9 @@
+[Unit]
+Description=Periodically check for Let's Encrypt's certificates renewal
+
+[Timer]
+OnCalendar=*-*-* {{ certbot_auto_renew_hour }}:{{ certbot_auto_renew_minute }}:00
+Persistent=true
+
+[Install]
+WantedBy=timers.target

vars/Ubuntu-16.04.yml

@@ -1 +1,2 @@
 certbot_package: letsencrypt
+certbot_web_service: apache2