Explanation
The Blueprint generates an automation that renews the Let’s Encrypt certificate of the Home Assistant. The prerequisite for this is that the “Cert Expiry” integration (Certificate Expiry - Home Assistant) and the “Let’s Encrypt” addon are installed and configured.
The automation checks daily at a specified time whether the expiration date of the certificate has fallen below a certain threshold. If the value falls below the threshold, the Let’s Encrypt addon is started and the certificate is renewed. If desired, a notification can be sent and the Home Assistant can be restarted to activate the new certificate.
Blueprint Code
Click the badge to import this Blueprint:
blueprint:
name: Renew Let's Encrypt Certificate
description: Renew Certificate when due date is below given value
domain: automation
input:
cert_expiry_sensor:
name: Certificate Expiry Sensor
description: Sensor from the Certificate Expiry Integration (https://www.home-assistant.io/integrations/cert_expiry)
selector:
entity:
integration: cert_expiry
renew_date:
name: Certificate renewal date
description: Date when the SSL-Certificate will be renewed
selector:
number:
min: 1
max: 29
mode: slider
unit_of_measurement: "days"
default: 5
time_to_check_cert:
name: Certificate check time
description: Time when the certificate date will be checked.
selector:
time:
restart_after_renewal:
name: Restart Home Assistant
description: Restarts the Home Assistant when the certificate is renewed. (if enabled)
selector:
boolean:
default: true
minuts_till_restart:
name: Minutes untile restart
description: Minutes until restart of Home Assistant if restart is enabled
selector:
number:
min: 1
max: 60
mode: slider
unit_of_measurement: "minutes"
default: 5
send_notification:
name: Send notification
description: Sends a notification to a device if enabled
selector:
boolean:
default: false
notification_device:
name: Device to notify
description: Device which will be notified.
selector:
device:
integration: mobile_app
notification_title:
name: Notification title
description: Notification title for notification that is sent when the certificate has been renewed.
notification_message:
name: Notification message
description: Notification that is sent when the certificate has been renewed.
alias: Renew SSL Cert
description: ''
trigger:
- platform: time
at: !input time_to_check_cert
condition:
- condition: template
value_template: '{{ expire_days_var < var_check }}'
action:
- service: hassio.addon_start
data:
addon: core_letsencrypt
- choose:
- conditions:
- condition: template
value_template: '{{ send_notification_var }}'
sequence:
- device_id: !input notification_device
domain: mobile_app
type: notify
title: '{{ message_title_var }}'
message: '{{ message_var }}'
default: []
- choose:
- conditions:
- condition: template
value_template: '{{ restart_after_renewal_var }}'
sequence:
- delay:
hours: 0
minutes: !input minuts_till_restart
seconds: 0
milliseconds: 0
- service: hassio.host_reboot
default: []
mode: single
variables:
certificate_var: !input cert_expiry_sensor
var_check: !input renew_date
message_var: !input notification_message
message_title_var: !input notification_title
restart_after_renewal_var: !input restart_after_renewal
send_notification_var: !input send_notification
expire_days_var: >-
{{ ((as_timestamp(states(certificate_var)) - as_timestamp(now())) / 60 / 60 / 24 ) | int }}
