From 60be494bcbb47c6ba809b11444994c945564243d Mon Sep 17 00:00:00 2001
From: Frank Sachsenheim <funkyfuture@riseup.net>
Date: Fri, 18 Dec 2020 16:51:19 +0100
Subject: [PATCH] Use systemd unit for renewal where installed

---
 tasks/renew-cron.yml | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/tasks/renew-cron.yml b/tasks/renew-cron.yml
index 394a30e..3c4a455 100644
--- a/tasks/renew-cron.yml
+++ b/tasks/renew-cron.yml
@@ -6,3 +6,19 @@
     minute: "{{ certbot_auto_renew_minute }}"
     hour: "{{ certbot_auto_renew_hour }}"
     user: "{{ certbot_auto_renew_user }}"
+  when: certbot_install_from_source or ansible_service_mgr != "systemd"
+
+- block:
+    - name: Remove cron job for certbot renewal.
+      cron:
+        name: Certbot automatic renewal.
+        state: absent
+    - name: Adapt systemd unit for renewal
+      lineinfile:
+        path: /lib/systemd/system/certbot.service
+        regexp: ^ExecStart=.*
+        line: ExecStart={{ certbot_script }} renew {{ certbot_auto_renew_options }}
+  when:
+    # certbot packages come with a timer unit for this job
+    - not certbot_install_from_source
+    - ansible_service_mgr == "systemd"