I use certbot with route-53 plugin to generate a certificate. I need to use that certificate with grafana. I have to move it to /etc/grafana/certificates and change the permission and owner/group to be able to use it.
My question is about the systemctl timer running certbot renew twice a day.
How can I automate the process of moving and changer owner/group and permission and restart grafana if certbot successfully renew the certificate.