From d22e2491e516845f7810556a80e396e56daaa613 Mon Sep 17 00:00:00 2001
From: Dmitry Ilvokhin <d@ilvokhin.com>
Date: Sat, 21 Mar 2026 19:54:04 +0000
Subject: Remove custom certbot units

There is certbot-renew.timer file that comes out of the box. No need to
maintain own copy.
---
 roles/certbot/files/certbot.service |  6 ------
 roles/certbot/files/certbot.timer   | 10 ----------
 roles/certbot/tasks/main.yml        | 23 ++---------------------
 3 files changed, 2 insertions(+), 37 deletions(-)
 delete mode 100644 roles/certbot/files/certbot.service
 delete mode 100644 roles/certbot/files/certbot.timer

diff --git a/roles/certbot/files/certbot.service b/roles/certbot/files/certbot.service
deleted file mode 100644
index 26cf2fd..0000000
--- a/roles/certbot/files/certbot.service
+++ /dev/null
@@ -1,6 +0,0 @@
-[Unit]
-Description=Let's Encrypt renewal
-
-[Service]
-Type=oneshot
-ExecStart=/usr/bin/certbot renew --agree-tos
diff --git a/roles/certbot/files/certbot.timer b/roles/certbot/files/certbot.timer
deleted file mode 100644
index 565b4ee..0000000
--- a/roles/certbot/files/certbot.timer
+++ /dev/null
@@ -1,10 +0,0 @@
-[Unit]
-Description=Renewal of Let's Encrypt's certificates
-
-[Timer]
-OnCalendar=daily
-OnCalendar=0/12:12:00
-Persistent=true
-
-[Install]
-WantedBy=timers.target
diff --git a/roles/certbot/tasks/main.yml b/roles/certbot/tasks/main.yml
index 25cb320..4169d60 100644
--- a/roles/certbot/tasks/main.yml
+++ b/roles/certbot/tasks/main.yml
@@ -19,28 +19,9 @@
     - /etc/letsencrypt/renewal-hooks/post
     - /etc/letsencrypt/renewal-hooks/pre
 
-- name: Configure certbot systemd service
-  ansible.builtin.copy:
-    src: files/certbot.service
-    dest: /usr/lib/systemd/system
-    owner: root
-    group: root
-    mode: u+rw,g+r,o+r
-
-- name: Configure certbot systemd timer
-  ansible.builtin.copy:
-    src: files/certbot.timer
-    dest: /usr/lib/systemd/system
-    owner: root
-    group: root
-    mode: u+rw,g+r,o+r
-
 - name: Enable certbot systemd timer
-  # `ansible.builtin.systemd_service` used here intentionally instead of
-  # `ansible.builtin.service` to issue `systemctl daemon-reload` in case of
-  # changes in Ansible managed unit file.
-  ansible.builtin.systemd_service:
-    name: certbot.timer
+  ansible.builtin.service:
+    name: certbot-renew.timer
     enabled: true
     state: started
     daemon_reload: true
-- 
cgit v1.3