Skip to content

Instantly share code, notes, and snippets.

@mdeweerd

mdeweerd/renew_ssl_cert.yaml

Forked from e28eta/renew_ssl_cert.yaml
Last active January 17, 2025 19:00
Show Gist options
  • Save mdeweerd/c9040a56379e31173094e9354583b953 to your computer and use it in GitHub Desktop.
Save mdeweerd/c9040a56379e31173094e9354583b953 to your computer and use it in GitHub Desktop.
Download ZIP
Homeassistant Blueprint for SSL-Certificate renewal
Raw
renew_ssl_cert.yaml
---
blueprint:
name: Renew Let's Encrypt Certificate
description: Renew Certificate when due date is below given value
domain: automation
input:
cert_expiry_sensor:
name: Certificate Expiry Sensor
description: "Sensor from the Certificate Expiry Integration (https://www.home-assistant.io/integrations/cert_expiry)"
selector:
entity:
filter:
- integration: cert_expiry
renew_date:
name: Certificate renewal date
description: Date when the SSL-Certificate will be renewed
selector:
number:
min: 1
max: 29
mode: slider
unit_of_measurement: days
default: 5
time_to_check_cert:
name: Certificate check time
description: Time when the certificate date will be checked.
selector:
time:
restart_nginx_after_renewal:
name: Restart Nginx
description: Restarts Nginx when the certificate is renewed. (if enabled)
selector:
boolean:
default: true
minutes_until_nginx_restart:
name: Minutes until restart
description: Minutes until restart of Nginx if restart is enabled
selector:
number:
min: 1
max: 60
mode: slider
unit_of_measurement: minutes
default: 1
restart_mosquitto_after_renewal:
name: Restart Mosquitto
description: Restarts Mosquitto when the certificate is renewed. (if enabled)
selector:
boolean:
default: false
minutes_until_mosquitto_restart:
name: Minutes until restart
description: Minutes until restart of Mosquitto if restart is enabled
selector:
number:
min: 1
max: 60
mode: slider
unit_of_measurement: minutes
default: 1
reboot_hassio_after_renewal:
name: Reboot HassIO (reboot system)
description: Reboots the system (HAOS) when the certificate is renewed. (if
enabled)
selector:
boolean:
default: false
restart_ha_after_renewal:
name: Restart Home Assistant
description: Restarts the Home Assistant when the certificate is renewed. (if
enabled)
selector:
boolean:
default: false
minutes_until_ha_restart:
name: Minutes until restart or reboot
description: "Minutes until restart/reboot of Home Assistant/HASSIO if restart/reboot is enabled"
selector:
number:
min: 1
max: 60
mode: slider
unit_of_measurement: minutes
default: 5
send_notification:
name: Send notification
description: Sends a notification to a device if enabled
selector:
boolean:
default: false
notification_device:
name: Device to notify
description: Device which will be notified.
selector:
device:
filter:
- integration: mobile_app
default: None
notification_title:
name: Notification title
description: Title for notification, sent when the certificate has been renewed.
default: SSL certificate renewed
notification_message:
name: Notification message
description: Notification message, sent when the certificate has been renewed.
default: HA SSL certificate renewed
alias: Renew SSL Cert
description: 'Renew SSL Certificate, optionnaly: restart HA, restart NGINX, send notification'
triggers:
- trigger: time
at: !input time_to_check_cert
condition:
- condition: template
value_template: '{{ expire_days_var < var_check }}'
actions:
- action: hassio.addon_start
data:
addon: core_letsencrypt
- choose:
- conditions:
- condition: template
value_template: '{{ send_notification_var }}'
sequence:
- device_id: !input notification_device
domain: mobile_app
type: notify
title: '{{ message_title_var }}'
message: '{{ message_var }}'
default: []
- choose:
- conditions:
- condition: template
value_template: '{{ restart_nginx_after_renewal_var }}'
sequence:
- delay:
hours: 0
minutes: !input minutes_until_nginx_restart
seconds: 0
milliseconds: 0
- action: hassio.addon_restart
data:
addon: core_nginx_proxy
default: []
- choose:
- conditions:
- condition: template
value_template: '{{ restart_mosquitto_after_renewal_var }}'
sequence:
- delay:
hours: 0
minutes: !input minutes_until_mosquitto_restart
seconds: 0
milliseconds: 0
- action: hassio.addon_restart
data:
addon: core_mosquitto
default: []
- choose:
- conditions:
- condition: template
value_template: '{{ reboot_hassio_after_renewal_var }}'
sequence:
- delay:
hours: 0
minutes: !input minutes_until_ha_restart
seconds: 0
milliseconds: 0
- action: hassio.host_reboot
default: []
- choose:
- conditions:
- condition: template
value_template: '{{ restart_ha_after_renewal_var }}'
sequence:
- delay:
hours: 0
minutes: !input minutes_until_ha_restart
seconds: 0
milliseconds: 0
- action: homeassistant.restart
default: []
mode: single
variables:
certificate_var: !input cert_expiry_sensor
var_check: !input renew_date
message_var: !input notification_message
message_title_var: !input notification_title
restart_ha_after_renewal_var: !input restart_ha_after_renewal
reboot_hassio_after_renewal_var: !input reboot_hassio_after_renewal
restart_mosquitto_after_renewal_var: !input restart_mosquitto_after_renewal
restart_nginx_after_renewal_var: !input restart_nginx_after_renewal
send_notification_var: !input send_notification
expire_days_var: >-
{{ ((as_timestamp(states(certificate_var), 0) - as_timestamp(now())) / 60 / 60 /
24 ) | int }}
@Pastaloverzzz
Copy link

I found the solution and edited the fork, if you want you can copy it from me: https://gist.github.com/Pastaloverzzz/673cdd5245bf3cf33852a75305fe179c/revisions
solution was simply changing it to:

      selector:
        entity:
          filter:
            - integration: cert_expiry

and

      selector:
        device:
          filter:
            - integration: mobile_app

@mdeweerd
Copy link
Author

@Pastaloverzzz Thank you, I've merged your gist into this one.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment