commit 83e32fcac8e4f0784db9a551b14048c728849c7a Author: sup39 Date: Sat Jun 18 01:55:49 2022 +0900 init
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..0570038
--- /dev/null
+++ b/README.md
@@ -0,0 +1,7 @@
+# certrenew.service
+A sample to configure certbot auto renew with systemd
+
+## Reference
+- [crontabを捨てsystemdに定期実行を任せよう。(narikei)](https://qiita.com/narikei/items/ca4823c7f6790f0cbe0b)
+- [systemd .timerについて調べた事を記事にしておく(SOUICHIROU)](https://www.souichi.club/raspberrypi/systemd-timer/#OnCalendar)
+- [How do I reload a group of systemd services?](https://unix.stackexchange.com/questions/334471/how-do-i-reload-a-group-of-systemd-services)
diff --git a/certrenew.path b/certrenew.path
new file mode 100644
index 0000000..1a79c20
--- /dev/null
+++ b/certrenew.path
@@ -0,0 +1,8 @@
+[Unit]
+Description=Restart services which use SSL when the cert directory changes
+
+[Path]
+PathChanged=/etc/letsencrypt/live
+
+[Install]
+WantedBy=multi-user.target
diff --git a/certrenew.service b/certrenew.service
new file mode 100644
index 0000000..440bca2
--- /dev/null
+++ b/certrenew.service
@@ -0,0 +1,19 @@
+[Unit]
+Description=Service to renew letsencrypt certs
+
+[Service]
+Type=simple
+
+## NOTE
+# (1) comment out one of the following ExecStart
+# (2) check if the path to certbot is correct
+# (3) check if the credentials file is correct
+
+## cloudflare
+#ExecStart=/usr/local/bin/certbot renew --non-interactive --agree-tos --preferred-challenges dns --authenticator dns-cloudflare --dns-cloudflare-credentials /etc/certbot/cloudflare.ini --dns-cloudflare-propagation-seconds 10
+
+## porkbun
+#ExecStart=/usr/local/bin/certbot renew --non-interactive --agree-tos --preferred-challenges dns --authenticator dns-porkbun --dns-porkbun-credentials /etc/certbot/porkbun.ini --dns-porkbun-propagation-seconds 10
+
+[Install]
+WantedBy=multi-user.target
diff --git a/certrenew.target b/certrenew.target
new file mode 100644
index 0000000..2635936
--- /dev/null
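Review bot: certrenew.path has no `Unit=` in `[Path]`, so systemd activates the unit of the same name, certrenew.service, when the directory changes; that runs certbot again instead of reloading the services the Description talks about. A path unit also starts its target unit rather than reloading it, so pointing it at certrenew.target would not by itself fire `PropagatesReloadTo=`; a small oneshot service that runs `systemctl reload certrenew.target`, named in `Unit=`, would. Path units watch only the named directory and not its subdirectories, so a renewal that only rewrites symlinks under `/etc/letsencrypt/live/<name>/` is presumably not seen at all, and the daemons keep serving the old certificate until it expires. Certbot's `--deploy-hook` on the renew command is the more reliable place to trigger the reload.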
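Review bot: The credentials files named in both `ExecStart=` lines of certrenew.service hold a DNS API token that can rewrite the zone, yet NOTE (3) only asks whether the file is "correct"; I would make it `# (3) check that the credentials file exists, is owned by root and has mode 0600`. NOTE (1) says "comment out" where it means "uncomment": both `ExecStart=` lines ship commented, so the unit has no command and will not load until one is enabled. `Type=simple` treats certbot as a long-running daemon; `Type=oneshot` fits a run-to-completion job, and the `[Install]` section can go, since enabling the service under multi-user.target would run a renewal at every boot in addition to the timer. With no `User=` set the job presumably runs as root with that token in reach, so `NoNewPrivileges=yes` and `PrivateTmp=yes` are cheap additions to `[Service]`.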
+++ b/certrenew.target
@@ -0,0 +1,3 @@
+[Unit]
+Description=Services which need reloaded with SSL certs are updated
+PropagatesReloadTo=nginx postfix dovecot
diff --git a/certrenew.timer b/certrenew.timer
new file mode 100644
index 0000000..0b1e91a
--- /dev/null
+++ b/certrenew.timer
@@ -0,0 +1,9 @@
+[Unit]
+Description=Timer to renew letsencrypt certs periodically
+
+[Timer]
+OnCalendar=*-*-4,14,24 04:15:15
+RandomizedDelaySec=31m17s
+
+[Install]
+WantedBy=timers.target
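Review bot: `PropagatesReloadTo=nginx postfix dovecot` in certrenew.target lists names without a unit suffix; unlike the `systemctl` command line, unit files do not append `.service`, so as far as I know these entries are rejected as invalid and the reload reaches nothing. Write `PropagatesReloadTo=nginx.service postfix.service dovecot.service`. The Description would read better as `Description=Services which need reloading when SSL certs are updated`.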
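Review bot: The `[Timer]` section of certrenew.timer has no `Persistent=true`, so a run missed because the host was down at the scheduled time is skipped until the next of the three monthly dates. With runs about ten days apart, a missed run followed by a failed DNS challenge uses up much of the renewal window; adding `Persistent=true` under `RandomizedDelaySec=31m17s` makes the timer catch up at the next boot. A short comment above `OnCalendar=` saying that the job runs on the 4th, 14th and 24th at 04:15:15 plus a random delay would help readers who do not know the calendar syntax.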