My crontab is set up, so that
letsencrypt renew gets executed bi-daily, and does its job.
The only thing not automated is reloading nginx. I could simply add yet another crontab entry for it but I rather wouldn’t. Every server restart is a potential opportunity for things to go wrong, so I’d like to reload nginx only when at least one cert gets renewed.
Waiting for your ultimate wisdom.