From eb460ed0e243770a4b65d95d345c3dc1d6b29ab5 Mon Sep 17 00:00:00 2001
From: DACHXY <Danny10132024@gmail.com>
Date: Tue, 13 May 2025 16:02:42 +0800
Subject: [PATCH] fix: certbot cert renew

---
 system/modules/certbot.nix | 27 ++++++++++++++-------------
 1 file changed, 14 insertions(+), 13 deletions(-)

diff --git a/system/modules/certbot.nix b/system/modules/certbot.nix
index 55827f1..3b5f81a 100644
--- a/system/modules/certbot.nix
+++ b/system/modules/certbot.nix
@@ -5,12 +5,23 @@
     description = "certbot renew";
     timerConfig = {
       Persistent = true;
-      OnCalendar = "*-*-* 03:00:00";
+      OnCalendar = "*-*-* 16:30:00";
       Unit = "certbot-renew.service";
     };
     wantedBy = [ "timers.target" ];
   };
 
+  systemd.timers."certbot-nginx-reload" = {
+    enable = true;
+    description = "certbot renew";
+    timerConfig = {
+      Persistent = true;
+      OnCalendar = "*-*-* 16:32:00";
+      Unit = "nginx-config-reload.service";
+    };
+    wantedBy = [ "timers.target" ];
+  };
+
   systemd.services."certbot-renew" = {
     enable = true;
     after = [
@@ -26,19 +37,9 @@
     };
   };
 
-  systemd.services."nginx-reload-after-certbot" = {
-    after = [ "certbot-renew.service" ];
-    requires = [ "certbot-renew.service" ];
-    wantedBy = [ "certbot-renew.service" ];
-    serviceConfig = {
-      Type = "oneshot";
-      User = "nginx";
-      # This config file path refers to "services.nginx.enableReload"
-      ExecStart = ''${pkgs.nginx}/bin/nginx -s reload -c /etc/nginx/nginx.conf'';
-    };
-  };
-
   systemd.services."nginx-config-reload" = {
+    after = [ "certbot-renew.service" ];
+    wantedBy = [ "certbot-renew.service" ];
     serviceConfig = {
       User = "root";
       ExecStartPre = "${pkgs.busybox}/bin/chown -R nginx:nginx /etc/letsencrypt/";