Homeassistant Blueprint for SSL-Certificate renewal

renew_ssl_cert.yaml

blueprint:
  name: Renew Let's Encrypt Certificate
  description: Renew Certificate when due date is below given value
  domain: automation
  input:
    cert_expiry_sensor:
      name: Certificate Expiry Sensor
      description: Sensor from the Certificate Expiry Integration (https://www.home-assistant.io/integrations/cert_expiry)
      selector:
        entity:
          integration: cert_expiry
    renew_date:
      name: Certificate renewal date
      description: Date when the SSL-Certificate will be renewed
      selector:
        number:
          min: 1
          max: 60
          mode: slider
          unit_of_measurement: "days"
      default: 31
    time_to_check_cert:
      name: Certificate check time
      description: Time when the certificate date will be checked.
      selector:
        time:
    reboot_host_after_renewal:
      name: Reboot Host System
      description: Reboot the Home Assistant Host System when the certificate is renewed. (if enabled)
      selector:
        boolean:
      default: false
    minutes_until_reboot:
      name: Minutes until reboot
      description: Minutes until reboot of Home Assistant if reboot is enabled
      selector:
        number:
          min: 1
          max: 60
          mode: slider
          unit_of_measurement: "minutes"
      default: 5
    send_notification:
      name: Send notification
      description: Sends a notification to a device if enabled
      selector:
        boolean:
      default: false
    notification_device:
      name: Device to notify
      description: Device which will be notified.
      selector:
        device:
          integration: mobile_app
      default: None
    notification_title:
      name: Notification title
      description: Notification title for notification that is sent when the certificate has been renewed.
      default: SSL certificate renewed
    notification_message:
      name: Notification message
      description: Notification that is sent when the certificate has been renewed.
      default: HA SSL certificate renewed
alias: Renew SSL Cert
description: 'Renew SSL Certificate, optional: send notification'
trigger:
  - platform: time
    at: !input time_to_check_cert
condition:
  - condition: template
    value_template: '{{ expire_days_var < var_check }}'
action:
  - service: hassio.addon_start
    data:
      addon: core_letsencrypt
  - choose:
      - conditions:
          - condition: template
            value_template: '{{ send_notification_var }}'
        sequence:
          - device_id: !input notification_device
            domain: mobile_app
            type: notify
            title: '{{ message_title_var }}'
            message: '{{ message_var }}'
    default: []
  - choose:
      - conditions: 
          - condition: template
            value_template: '{{ reboot_host_after_renewal_var }}'
        sequence:
          - delay:
              hours: 0
              minutes: !input minutes_until_reboot
              seconds: 0
              milliseconds: 0
          - service: hassio.host_reboot
    default: []
mode: single
variables:
  certificate_var: !input cert_expiry_sensor
  var_check: !input renew_date
  message_var: !input notification_message
  message_title_var: !input notification_title
  reboot_host_after_renewal_var: !input reboot_host_after_renewal
  send_notification_var: !input send_notification
  expire_days_var: >-
    {{ ((as_timestamp(states(certificate_var), 0) - as_timestamp(now())) / 60 / 60 / 24 ) | int }}

Added @e28eta's changes into this gist

Merge all changes from @ChabanOS except for the nginx add-on stuff

Cleanup whitespace similar to @Eonasdan

Integrate some of the adjustments from @zollak such as defaults and description text

After all the merging and adjustments I followed the remaining instructions to make the automation, however I did not want to save via the UI and I clicked on the "view yaml", copied, pasted into my own yaml file. All is well.