Homeassistant Blueprint for SSL-Certificate renewal

renew_ssl_cert.yaml

blueprint:
  name: Renew Let's Encrypt Certificate
  description: Renew Certificate when due date is below given value
  domain: automation
  input:
    cert_expiry_sensor:
        name: Certificate Expiry Sensor
        description: Sensor from the Certificate Expiry Integration (https://www.home-assistant.io/integrations/cert_expiry)
        selector:
            entity:
                integration: cert_expiry
    renew_date:
        name: Certificate renewal date
        description: Date when the SSL-Certificate will be renewed
        selector:
            number:
                min: 1
                max: 29
                mode: slider
                unit_of_measurement: "days"
        default: 5
    time_to_check_cert:
        name: Certificate check time
        description: Time when the certificate date will be checked.
        selector:
            time:
    restart_after_renewal:
        name: Restart Home Assistant
        description: Restarts the Home Assistant when the certificate is renewed. (if enabled)
        selector:
            boolean:
        default: true
    minuts_till_restart:
        name: Minutes until restart
        description: Minutes until restart of Home Assistant if restart is enabled
        selector:
            number:
                min: 1
                max: 60
                mode: slider
                unit_of_measurement: "minutes"
        default: 5
    send_notification:
        name: Send notification
        description: Sends a notification to a device if enabled
        selector:
            boolean:
        default: false
    notification_device:
        name: Device to notify
        description: Device which will be notified.
        selector:
            device:
                integration: mobile_app
    notification_title:
        name: Notification title
        description: Notification title for notification that is sent when the certificate has been renewed.
    notification_message:
        name: Notification message
        description: Notification that is sent when the certificate has been renewed.
alias: Renew SSL Cert
description: ''
trigger:
  - platform: time
    at: !input time_to_check_cert
condition:
  - condition: template
    value_template: '{{ expire_days_var < var_check }}'
action:
  - service: hassio.addon_start
    data:
      addon: core_letsencrypt
  - choose:
    - conditions:
        - condition: template
          value_template: '{{ send_notification_var }}'
      sequence:
        - device_id: !input notification_device
          domain: mobile_app
          type: notify
          title: '{{ message_title_var }}'
          message: '{{ message_var }}'
    default: []
  - choose:
    - conditions: 
        - condition: template
          value_template: '{{ restart_after_renewal_var }}'
      sequence:
        - delay:
              hours: 0
              minutes: !input minuts_till_restart
              seconds: 0
              milliseconds: 0
        - service: hassio.host_reboot
    default: []
mode: single
variables:
  certificate_var: !input cert_expiry_sensor
  var_check: !input renew_date
  message_var: !input notification_message
  message_title_var: !input notification_title
  restart_after_renewal_var: !input restart_after_renewal
  send_notification_var: !input send_notification
  expire_days_var: >-
    {{ ((as_timestamp(states(certificate_var)) - as_timestamp(now())) / 60 / 60 / 24 ) | int }}

Just tried to set this up as part of a new install for renewing a Let's Encrypt cert. I can't seem to get the thing to work; I don't have the option to send a notification checked, however it will not let me continue without setting a notification device or message. Since I don't have a device with the app installed I can't continue...

Can you Update line 34 please? The line reads: "name: Minutes untile restart" and contains a typo. it must be: "name: Minutes until restart" (no more e after until :D

@eagle00789 fixed typo now. Thx for recommending!

Just tried to set this up as part of a new install for renewing a Let's Encrypt cert. I can't seem to get the thing to work; I don't have the option to send a notification checked, however it will not let me continue without setting a notification device or message. Since I don't have a device with the app installed I can't continue...

I too have the issue where I cannot save the blueprint without a device to notify.
I do not have a mobile device registered to my HA instance, so cannot select and therefore cannot save.
Is it possible to ignore the last three fields when not enabling notifications? Else the option is moot.
Thanks!

Hey @q20, I'm no longer updating this blueprint. However, there are multiple forks of my version. In my HA Community thread (https://community.home-assistant.io/t/blueprint-for-automatic-renewal-of-a-lets-encrypt-certificate/300533), I mentioned some other versions where notifications aren't necessary. I hope you find a version that fits your needs!

Ah, thanks for the heads-up, @TJ-developer. I'll take a look at the other offerings. 👍